hackers
398,806 views
195 Discussing
Hot
Latest
Hackers use Facebook ads to steal crypto assets
Hackers have started attacking crypto users through aggressive advertising of Windows 11 updates on Facebook.
Fake announcements are disguised as official updates, but in reality, they steal seed phrases from crypto wallets, logins, and other confidential information. Additionally, malware collects saved passwords and active sessions in the browser.
Fake announcements are disguised as official updates, but in reality, they steal seed phrases from crypto wallets, logins, and other confidential information. Additionally, malware collects saved passwords and active sessions in the browser.
🚨 16 BILLION Passwords Leaked — The Biggest Hack in Internet History! 😱
A record-breaking cyberattack just shook the internet like never before!
👉 16 BILLION+ freshly stolen credentials have been leaked online.
Not old data — newly hacked passwords stolen via malware directly from users’ devices.
🔥 Major platforms hit:
Apple
Google
Facebook
Telegram
GitHub
Even government websites 😨
Hackers now have access to:
Emails
Bank Accounts
Crypto Wallets
And much more!
---
⚠️ What You MUST Do Right Now:
✅ Change all your passwords immediately
✅ Enable Two-Factor Authentication (2FA) everywhere
✅ Never click on unknown links or open random files
✅ Use a trusted password manager
✅ Share this alert with your friends & family — help them stay safe too!
---
This breach is 100x bigger than the last 184M record leak in May.
It’s not just a data breach — it’s a full-on cyber crisis!
💻 Are YOU at risk? Better check now!
#CyberAlert #DataLeak #Hackers #OnlineSecurity #StaySafe
A record-breaking cyberattack just shook the internet like never before!
👉 16 BILLION+ freshly stolen credentials have been leaked online.
Not old data — newly hacked passwords stolen via malware directly from users’ devices.
🔥 Major platforms hit:
Apple
Telegram
GitHub
Even government websites 😨
Hackers now have access to:
Emails
Bank Accounts
Crypto Wallets
And much more!
---
⚠️ What You MUST Do Right Now:
✅ Change all your passwords immediately
✅ Enable Two-Factor Authentication (2FA) everywhere
✅ Never click on unknown links or open random files
✅ Use a trusted password manager
✅ Share this alert with your friends & family — help them stay safe too!
---
This breach is 100x bigger than the last 184M record leak in May.
It’s not just a data breach — it’s a full-on cyber crisis!
💻 Are YOU at risk? Better check now!
#CyberAlert #DataLeak #Hackers #OnlineSecurity #StaySafe
🚨MILLION DOLLAR MISTAKE:😭$ETH
A victim (0xd674) lost 4556 $ETH ($12.4M) due to a copy-paste address mistake.
Victim 0xd674 frequently transfers funds to Galaxy Digital via
0x6D90CC...dD2E48.
The attacker generated a poison address with the same first and last 4 characters as Galaxy Digital's deposit address and repeatedly sent dust transactions.
11 hours ago, the victim copied an address directly from transaction history to deposit into Galaxy Digital but copied the poison address instead.
As a result, 4,556 $ETH ($12.4M) was sent to the attacker.
💢A painful lesson!
Always double-check the address before making a transfer.
Don't copy addresses from your transaction history for convenience.
Victim address:
0xd6741220a947941bF290799811FcDCeA8AE4A7Da
#Mistake #crypto #Hack #HackerAlert #hackers
A victim (0xd674) lost 4556 $ETH ($12.4M) due to a copy-paste address mistake.
Victim 0xd674 frequently transfers funds to Galaxy Digital via
0x6D90CC...dD2E48.
The attacker generated a poison address with the same first and last 4 characters as Galaxy Digital's deposit address and repeatedly sent dust transactions.
11 hours ago, the victim copied an address directly from transaction history to deposit into Galaxy Digital but copied the poison address instead.
As a result, 4,556 $ETH ($12.4M) was sent to the attacker.
💢A painful lesson!
Always double-check the address before making a transfer.
Don't copy addresses from your transaction history for convenience.
Victim address:
0xd6741220a947941bF290799811FcDCeA8AE4A7Da
#Mistake #crypto #Hack #HackerAlert #hackers
HTX and Poloniex assets are '100% safe', says Justin Sun after $200M hack
Cryptocurrency tycoon Justin Sun has said assets held on HTX and Poloniex are "100% safe" following last month's hack in which more than $200 million was siphoned from both exchanges.
Both exchanges have opened withdrawals for certain assets, although several altcoins remain blocked. Bitcoin (BTC) and Tron (TRX) are the two digital assets that could retire; This led to both tokens trading at a premium on Poloniex over the past few weeks, meaning users would have to take a haircut of up to 10% to liquidate their asset and withdraw another.
The withdrawal freeze came after hackers stole $114 million from Poloniex hot wallets on November 10; This was followed by the theft of $97 million from HTX and the Heco Chain blockchain protocol. “At this time, Poloniex and HTX have recovered from the attack and we are resuming tokens one by one,” investor Justin Sun told CoinDesk. at Poloniex and HTX advisor. “I think for HTX, we have already recovered 95% in terms of assets worth dollars. At Poloniex, we have recovered around 85% in terms of dollar asset value.”
“And also note that since we have already covered all token losses on the platform, on HTX and Poloniex, 100% of the assets are 100% safe,” Sun added. “Although in terms of the exchanges themselves, we basically need to make those profits in the future. But for clients’ assets, it is 100% safe.”
An HTX spokesperson told CoinDesk: “The recent exit represents a small fraction of our total reserves, and HTX remains in stable and healthy operation.”
#HTXExchange #PoloniexHack #hackers #exploit #BTC
Cryptocurrency tycoon Justin Sun has said assets held on HTX and Poloniex are "100% safe" following last month's hack in which more than $200 million was siphoned from both exchanges.
Both exchanges have opened withdrawals for certain assets, although several altcoins remain blocked. Bitcoin (BTC) and Tron (TRX) are the two digital assets that could retire; This led to both tokens trading at a premium on Poloniex over the past few weeks, meaning users would have to take a haircut of up to 10% to liquidate their asset and withdraw another.
The withdrawal freeze came after hackers stole $114 million from Poloniex hot wallets on November 10; This was followed by the theft of $97 million from HTX and the Heco Chain blockchain protocol. “At this time, Poloniex and HTX have recovered from the attack and we are resuming tokens one by one,” investor Justin Sun told CoinDesk. at Poloniex and HTX advisor. “I think for HTX, we have already recovered 95% in terms of assets worth dollars. At Poloniex, we have recovered around 85% in terms of dollar asset value.”
“And also note that since we have already covered all token losses on the platform, on HTX and Poloniex, 100% of the assets are 100% safe,” Sun added. “Although in terms of the exchanges themselves, we basically need to make those profits in the future. But for clients’ assets, it is 100% safe.”
An HTX spokesperson told CoinDesk: “The recent exit represents a small fraction of our total reserves, and HTX remains in stable and healthy operation.”
#HTXExchange #PoloniexHack #hackers #exploit #BTC
On January 9, the US Securities and Exchange Commission (SEC) suffered a significant breach of cybersecurity and a loss of public confidence as a result of a social media account hack that led to a fake announcement about the approval of spot Bitcoin exchange-traded funds (ETFs).
For a short while, hackers gained access to the SEC's X account and released a statement purporting the organisation had approved the much anticipated products, which momentarily raised the price of Bitcoin. US officials launched a probe into the incident, and the SEC's cybersecurity and position on cryptocurrency came under fresh fire.
#ETFApprovalDreams #hackers #SEC #CryptoniteUae #BTCETFSPOT
For a short while, hackers gained access to the SEC's X account and released a statement purporting the organisation had approved the much anticipated products, which momentarily raised the price of Bitcoin. US officials launched a probe into the incident, and the SEC's cybersecurity and position on cryptocurrency came under fresh fire.
#ETFApprovalDreams #hackers #SEC #CryptoniteUae #BTCETFSPOT
This Article Shares 8 Security Practices That Everyone Should Be Using to Avoid Crypto Hacks
Crypto hackers have stolen $4+ billion in the last 2 years.
If you are not careful, you'll be next.
This article shares 8 security practices that everyone should be using.
If you already have multisig, virtual machines, 3 identities, your own email servers, a nuclear bunker and a lifetime supply of ramen.
Then you won’t need this guide,
For everyone else let's begin.
1. Crypto Storage
Hardware Wallets (Tier 1) - Ledger, NGRAVE, Trezor
Paper Wallet (Tier 2) - Easily lost and damaged. But costs only time.
Desktop wallet (Tier 3) - Only as safe as the system they are on. Not Ideal.
2. Emails
Old emails with weak passwords are a common point of entry for hackers.
If you’ve had it for a while and used it for multiple websites, chances are you want to get rid of it.
3. VPN
Most main providers are good enough (nord / express).
You can take your privacy even further and try something like Mullvad.
4. 2FA
2FA everything.
Cold 2fa Device (Tier 1) - Yubikey or Google Titan
Custom 2fa Device (Tier 2) - Cheaper option is to buy a cheap phone, download 2fa, swap it to flight mode forever.
Note: 2FA can be circumvented, it is not an absolute defence.\
5. Passwords
This is where we disproportionately limit the damage a successful hack can do to us. I’m going to share a multilevel system I’ve built for myself.
There are two tiers of data.
Level 1 Data
Level 2 Data
Level 1 Data
To determine if your data is level 1 ask yourself this.
"If a hacker had access to only this information, would they be able to attack me?"
For example, if a hacker gained access to your private keys, they could directly access your cryptocurrency.
Level 1 Data Rules
- Keep offline
- Never be stored on your laptop
- When entering these passwords, you will alternate between using your actual keyboard and an on-screen keyboard
- These passwords will be a minimum of 15 keys long and as complex as possible
- Have back ups
Level 2 Data
Any data which on its own cannot grant the hacker access to any of your funds or important data is considered level 2.
This means If a hacker were to gain access to a level 2 password, they would still be unable to actually access anything vulnerable.
Level 2 Data Rules
You can randomly generate by your password manager and should never be typed, always copy and paste from your manager without revealing the password in case you are being watched or key logged.
6. EXCHANGES
Don't trust any sketchy exchanges with your crypto.
-Deposit only what you need to buy/sell.
-Use reputable exchanges like Binance.
- Use 2FA
-Set a global lock that requires a minimum wait time before settings are changed
-Whitelist your addresses and set a lock on adding new addresses
-Use leverage to reduce counterparty risk
7. Advanced: Separate computers
Separate computers are an expensive option so decide if it’s worth the investment relative to the value of your online security and assets.
-High Security Computer
-Low Security Computer
High Security Computer
Used only for handling crypto, banking, trading and other sensitive activities.
Your high security device is never to deviate from essential websites or click on any links.
All it takes is one mistake to compromise your security.
Low Security Computer
For all other activities, you can use your low security device.
There should never be crossover between these two devices.
8. PROTECT OTHERS
Someone you care about getting attacked can be leveraged against you.
Share this with others and make sure they are as protected as you.
#hackers #BitEagleNews
If you are not careful, you'll be next.
This article shares 8 security practices that everyone should be using.
If you already have multisig, virtual machines, 3 identities, your own email servers, a nuclear bunker and a lifetime supply of ramen.
Then you won’t need this guide,
For everyone else let's begin.
1. Crypto Storage
Hardware Wallets (Tier 1) - Ledger, NGRAVE, Trezor
Paper Wallet (Tier 2) - Easily lost and damaged. But costs only time.
Desktop wallet (Tier 3) - Only as safe as the system they are on. Not Ideal.
2. Emails
Old emails with weak passwords are a common point of entry for hackers.
If you’ve had it for a while and used it for multiple websites, chances are you want to get rid of it.
3. VPN
Most main providers are good enough (nord / express).
You can take your privacy even further and try something like Mullvad.
4. 2FA
2FA everything.
Cold 2fa Device (Tier 1) - Yubikey or Google Titan
Custom 2fa Device (Tier 2) - Cheaper option is to buy a cheap phone, download 2fa, swap it to flight mode forever.
Note: 2FA can be circumvented, it is not an absolute defence.\
5. Passwords
This is where we disproportionately limit the damage a successful hack can do to us. I’m going to share a multilevel system I’ve built for myself.
There are two tiers of data.
Level 1 Data
Level 2 Data
Level 1 Data
To determine if your data is level 1 ask yourself this.
"If a hacker had access to only this information, would they be able to attack me?"
For example, if a hacker gained access to your private keys, they could directly access your cryptocurrency.
Level 1 Data Rules
- Keep offline
- Never be stored on your laptop
- When entering these passwords, you will alternate between using your actual keyboard and an on-screen keyboard
- These passwords will be a minimum of 15 keys long and as complex as possible
- Have back ups
Level 2 Data
Any data which on its own cannot grant the hacker access to any of your funds or important data is considered level 2.
This means If a hacker were to gain access to a level 2 password, they would still be unable to actually access anything vulnerable.
Level 2 Data Rules
You can randomly generate by your password manager and should never be typed, always copy and paste from your manager without revealing the password in case you are being watched or key logged.
6. EXCHANGES
Don't trust any sketchy exchanges with your crypto.
-Deposit only what you need to buy/sell.
-Use reputable exchanges like Binance.
- Use 2FA
-Set a global lock that requires a minimum wait time before settings are changed
-Whitelist your addresses and set a lock on adding new addresses
-Use leverage to reduce counterparty risk
7. Advanced: Separate computers
Separate computers are an expensive option so decide if it’s worth the investment relative to the value of your online security and assets.
-High Security Computer
-Low Security Computer
High Security Computer
Used only for handling crypto, banking, trading and other sensitive activities.
Your high security device is never to deviate from essential websites or click on any links.
All it takes is one mistake to compromise your security.
Low Security Computer
For all other activities, you can use your low security device.
There should never be crossover between these two devices.
8. PROTECT OTHERS
Someone you care about getting attacked can be leveraged against you.
Share this with others and make sure they are as protected as you.
#hackers #BitEagleNews
🚨 Deepfake Alert!
🔴 Manta Network's Kenny Li suspects the notorious Lazarus Group tried to target him in a sophisticated deepfake Zoom attack 🕵️♂️.
#Hackers used a fake video to gain trust, then pushed a malicious script download before disappearing 💻😱.
This incident highlights the growing threat of #deepfakes and social engineering in cybersecurity 🤖💸. Prioritize your online security:
✨ Verify identities before sharing sensitive info
✨ Be cautious of unexpected video calls or requests
✨ Keep software and systems up-to-date
🔴 Manta Network's Kenny Li suspects the notorious Lazarus Group tried to target him in a sophisticated deepfake Zoom attack 🕵️♂️.
#Hackers used a fake video to gain trust, then pushed a malicious script download before disappearing 💻😱.
This incident highlights the growing threat of #deepfakes and social engineering in cybersecurity 🤖💸. Prioritize your online security:
✨ Verify identities before sharing sensitive info
✨ Be cautious of unexpected video calls or requests
✨ Keep software and systems up-to-date
👉👉👉 #PhishingScams Targeted Decrypt Newsletter Subscribers—Here’s the Latest
In the early hours of March 27, #hackers posing as Decrypt sent an email to our newsletter subscribers announcing a fabricated token airdrop. Upon discovering the phishing attempt, we promptly sent a follow-up email to alert our readers of the scam.
Regrettably, in our urgency to caution our subscribers and due to a previous phishing incident in January, we mistakenly attributed fault to our email service provider, MailerLite, for this attack. However, it has since been clarified that the hackers obtained our password key from Decrypt's end—MailerLite bears no responsibility.
“Due to security measures, MailerLite does not retain API key information, making it inaccessible in MailerLite’s admin panel or the account in general,” explained a MailerLite spokesperson today. “As a result, despite Decrypt Media's account being affected during the data breach on January 23, 2024, perpetrators were unable to access API keys that could facilitate the sending of phishing campaigns on March 27, 2024.”
We extend our sincere apologies to MailerLite for our hasty misjudgment.
We'll cooperate with law enforcement as we investigate. MailerLite reported that the phishing campaigns originated from IP address "69.4.234.86" and used user agent "python-requests/2.31.0" via their API. The intruders removed addresses ending in decrypt.co or decryptmedia.com from our list to evade detection before sending the fraudulent emails.
While most readers remain vigilant against phishing attempts, one individual tried to connect their wallet to a bogus address. Even one instance is concerning. #CryptoScams are rampant and sophisticated. Decrypt, like other crypto entities, has been impersonated. Hackers create fake websites, Discord servers, and social media accounts impersonating our team. Note that we only operate under decrypt.co and decryptmedia.com domains—be cautious of other domains!
Source - decrypt.co
#CryptoNews🔒📰🚫 #BinanceSquareTalks
In the early hours of March 27, #hackers posing as Decrypt sent an email to our newsletter subscribers announcing a fabricated token airdrop. Upon discovering the phishing attempt, we promptly sent a follow-up email to alert our readers of the scam.
Regrettably, in our urgency to caution our subscribers and due to a previous phishing incident in January, we mistakenly attributed fault to our email service provider, MailerLite, for this attack. However, it has since been clarified that the hackers obtained our password key from Decrypt's end—MailerLite bears no responsibility.
“Due to security measures, MailerLite does not retain API key information, making it inaccessible in MailerLite’s admin panel or the account in general,” explained a MailerLite spokesperson today. “As a result, despite Decrypt Media's account being affected during the data breach on January 23, 2024, perpetrators were unable to access API keys that could facilitate the sending of phishing campaigns on March 27, 2024.”
We extend our sincere apologies to MailerLite for our hasty misjudgment.
We'll cooperate with law enforcement as we investigate. MailerLite reported that the phishing campaigns originated from IP address "69.4.234.86" and used user agent "python-requests/2.31.0" via their API. The intruders removed addresses ending in decrypt.co or decryptmedia.com from our list to evade detection before sending the fraudulent emails.
While most readers remain vigilant against phishing attempts, one individual tried to connect their wallet to a bogus address. Even one instance is concerning. #CryptoScams are rampant and sophisticated. Decrypt, like other crypto entities, has been impersonated. Hackers create fake websites, Discord servers, and social media accounts impersonating our team. Note that we only operate under decrypt.co and decryptmedia.com domains—be cautious of other domains!
Source - decrypt.co
#CryptoNews🔒📰🚫 #BinanceSquareTalks
North Korea is behind the Bybit HACK
🙄Hack A group of DPRK #hackers #LazarusGroup hacked a cold wallet on the exchange for 400k $ETH ($1.5 billion dollars)
Now they have more ether than Vitaliy Buterin, the creator of the token himself
😀The channels are already screaming that North Korea has announced a strategic reserve of ether😂
#BybitHack #BybitWalletHack
Now they have more ether than Vitaliy Buterin, the creator of the token himself
😀The channels are already screaming that North Korea has announced a strategic reserve of ether😂
#BybitHack #BybitWalletHack
🔓 Hackers Steal $1.5bn from Crypto Exchange in ‘Biggest Digital Heist Ever’ 💸💻
The crypto world has been rocked by a massive security breach! 😱 Hackers have stolen a staggering $1.5 billion from a major cryptocurrency exchange, making it the largest digital heist in history. 🏴☠️💰
🚨 What Happened?
Cybercriminals managed to bypass security protocols and siphon off funds from the exchange’s wallets. 🔐➡️💸 Here’s what we know:
⚠️ Unprecedented breach – A sophisticated attack exploited vulnerabilities in the exchange’s system. 🛑🔓
💰 $1.5 billion lost – One of the biggest crypto thefts ever recorded. 📉🔥
🌐 Impact on the crypto market – Prices of major cryptocurrencies fluctuated as news broke. 📊📉
🕵️ How Did the Hackers Do It?
Security experts believe the attack was executed through:
🔍 Phishing & social engineering – Tricking employees into revealing credentials. 🎭🔑
🛠️ Exploiting smart contract flaws – Manipulating weaknesses in blockchain protocols. 🏗️⚠️
🌍 Global cyber network – A well-organized hacker group likely behind the attack. 💻🌐
🏦 How to Protect Your Crypto?
With cybercrime on the rise, here’s how you can keep your crypto assets safe: 🛡️🔒
1️⃣ Use Cold Wallets – Store your crypto offline to prevent online breaches. 🏦❄️
2️⃣ Enable 2FA – Add an extra layer of security to your accounts. 🔑🔐
3️⃣ Be Wary of Phishing – Avoid suspicious emails and messages. 🚫📧
4️⃣ Use Reputable Exchanges – Stick to platforms with strong security measures. 🏛️✅
5️⃣ Stay Informed – Follow cybersecurity updates to spot potential threats. 📢📰
🏁 What’s Next?
Authorities and cybersecurity firms are working around the clock to track down the hackers and recover stolen funds. ⏳⚖️ Will they succeed? Only time will tell. 🕰️👀
#Crypto #Hackers #CyberSecurity #Bitcoin #CryptoExchange
$SOL $BNB $XRP
The crypto world has been rocked by a massive security breach! 😱 Hackers have stolen a staggering $1.5 billion from a major cryptocurrency exchange, making it the largest digital heist in history. 🏴☠️💰
🚨 What Happened?
Cybercriminals managed to bypass security protocols and siphon off funds from the exchange’s wallets. 🔐➡️💸 Here’s what we know:
⚠️ Unprecedented breach – A sophisticated attack exploited vulnerabilities in the exchange’s system. 🛑🔓
💰 $1.5 billion lost – One of the biggest crypto thefts ever recorded. 📉🔥
🌐 Impact on the crypto market – Prices of major cryptocurrencies fluctuated as news broke. 📊📉
🕵️ How Did the Hackers Do It?
Security experts believe the attack was executed through:
🔍 Phishing & social engineering – Tricking employees into revealing credentials. 🎭🔑
🛠️ Exploiting smart contract flaws – Manipulating weaknesses in blockchain protocols. 🏗️⚠️
🌍 Global cyber network – A well-organized hacker group likely behind the attack. 💻🌐
🏦 How to Protect Your Crypto?
With cybercrime on the rise, here’s how you can keep your crypto assets safe: 🛡️🔒
1️⃣ Use Cold Wallets – Store your crypto offline to prevent online breaches. 🏦❄️
2️⃣ Enable 2FA – Add an extra layer of security to your accounts. 🔑🔐
3️⃣ Be Wary of Phishing – Avoid suspicious emails and messages. 🚫📧
4️⃣ Use Reputable Exchanges – Stick to platforms with strong security measures. 🏛️✅
5️⃣ Stay Informed – Follow cybersecurity updates to spot potential threats. 📢📰
🏁 What’s Next?
Authorities and cybersecurity firms are working around the clock to track down the hackers and recover stolen funds. ⏳⚖️ Will they succeed? Only time will tell. 🕰️👀
#Crypto #Hackers #CyberSecurity #Bitcoin #CryptoExchange
$SOL $BNB $XRP
More about OpenBounty on Shentu Chain!
OpenBounty is a decentralized platform that connects white hat hackers and Web3 projects to enhance the security of the decentralized ecosystem. Here's a more detailed breakdown of how it works:
1. Project Registration: Web3 projects register on the OpenBounty platform, providing details about their project and the bounties they offer for identifying and reporting vulnerabilities.
2. Bounty Creation: Projects create bounties for specific vulnerabilities or issues they want to address. The bounty amount is set by the project and can vary depending on the severity of the vulnerability.
3. White Hat Participation: White hat hackers and security researchers review the available bounties and choose the ones they want to work on. They then analyze the project's code and systems to identify potential vulnerabilities.
4. Vulnerability Reporting: Once a white hat hacker identifies a vulnerability, they submit a detailed report to the OpenBounty platform. The report includes a description of the vulnerability, its potential impact, and steps to reproduce the issue.
5. Verification and Resolution: The project team reviews the vulnerability report and verifies its validity. If the vulnerability is confirmed, the project works on fixing the issue. The white hat hacker receives the bounty reward once the vulnerability is resolved.
6. Reputation System: OpenBounty maintains a reputation system for both projects and white hat hackers. Projects with a good reputation are more likely to attract skilled white hat hackers, while white hat hackers with a strong reputation are more likely to be trusted by projects.
By utilizing the Shentu Chain, OpenBounty ensures a transparent and tamper-proof environment for bug bounty programs. This fosters collaboration between Web3 protocols and skilled white hat hackers, ultimately enhancing the security of the decentralized ecosystem.
#shentu #ShentuChain #openbounty #hackers #write2earn
$CTK
OpenBounty is a decentralized platform that connects white hat hackers and Web3 projects to enhance the security of the decentralized ecosystem. Here's a more detailed breakdown of how it works:
1. Project Registration: Web3 projects register on the OpenBounty platform, providing details about their project and the bounties they offer for identifying and reporting vulnerabilities.
2. Bounty Creation: Projects create bounties for specific vulnerabilities or issues they want to address. The bounty amount is set by the project and can vary depending on the severity of the vulnerability.
3. White Hat Participation: White hat hackers and security researchers review the available bounties and choose the ones they want to work on. They then analyze the project's code and systems to identify potential vulnerabilities.
4. Vulnerability Reporting: Once a white hat hacker identifies a vulnerability, they submit a detailed report to the OpenBounty platform. The report includes a description of the vulnerability, its potential impact, and steps to reproduce the issue.
5. Verification and Resolution: The project team reviews the vulnerability report and verifies its validity. If the vulnerability is confirmed, the project works on fixing the issue. The white hat hacker receives the bounty reward once the vulnerability is resolved.
6. Reputation System: OpenBounty maintains a reputation system for both projects and white hat hackers. Projects with a good reputation are more likely to attract skilled white hat hackers, while white hat hackers with a strong reputation are more likely to be trusted by projects.
By utilizing the Shentu Chain, OpenBounty ensures a transparent and tamper-proof environment for bug bounty programs. This fosters collaboration between Web3 protocols and skilled white hat hackers, ultimately enhancing the security of the decentralized ecosystem.
#shentu #ShentuChain #openbounty #hackers #write2earn
$CTK
🚨#LOOPSCALE RECAPTURES #STOLEN FUNDS, SET TO RESTART SERVICES POST-HACK
🔹Exploit Details: #Hackers drained 5.73M USDC and 1,211.4 SOL via a pricing logic flaw
🔹All stolen funds have been recovered
🔹Service Restoration: Refinancing function will restart soon, full rollout in phases
🔹Borrower Update: 3-day grace period extended; users urged to manage positions proactively
🔹Rewards: Vault/Advanced Lend balances (Apr 26–Jun 7) get 12x points boost
---
$SOL
🔹Exploit Details: #Hackers drained 5.73M USDC and 1,211.4 SOL via a pricing logic flaw
🔹All stolen funds have been recovered
🔹Service Restoration: Refinancing function will restart soon, full rollout in phases
🔹Borrower Update: 3-day grace period extended; users urged to manage positions proactively
🔹Rewards: Vault/Advanced Lend balances (Apr 26–Jun 7) get 12x points boost
---
$SOL
🚨LOOPscale #HACKER AGREES TO#RETURN FUNDS FOR BOUNTY
🔹Loopscale Labs said hackers agreed to return stolen funds via bounty negotiation.
🔹Hack involved 5.7M$USDC and 1,200$SOL theft.
🔹Withdrawal recovery plan and incident report postponed, expected in a few days.
🔹Loopscale Labs said hackers agreed to return stolen funds via bounty negotiation.
🔹Hack involved 5.7M$USDC and 1,200$SOL theft.
🔹Withdrawal recovery plan and incident report postponed, expected in a few days.
🚨🇰🇵North Korean #hackers are using a new malware called "NimDoor" to target crypto companies, according to Sentinel Labs.
🔹Disguised as Zoom updates and spread via Telegram, the malware is written in the rare Nim language, allowing it to bypass Apple's security and steal crypto wallet data, browser passwords, and Telegram local databases.
----
$BTC $ETH
🔹Disguised as Zoom updates and spread via Telegram, the malware is written in the rare Nim language, allowing it to bypass Apple's security and steal crypto wallet data, browser passwords, and Telegram local databases.
----
$BTC $ETH
Schrödinger's Vulnerability: Why Hackers Invent WordPress Security Problems
An unusual strategy by cybercriminals is leading to massive infections of websites with malicious code.
WordPress admins are receiving fake security notifications related to a non-existent vulnerability allegedly being tracked under the ID CVE-2023-45124 . The purpose of the attack is to infect websites with a malicious plugin.
The emails, masquerading as official messages from WordPress, talk about a critical remote code execution ( RCE ) vulnerability discovered on the administrator's site. WordPress users are being persuaded to install a plugin that claims to solve a security problem.
Clicking the “Download plugin” button leads to a fake page “en-gb-wordpress[.]org”, outwardly indistinguishable from the official site “wordpress.com”. The page indicates an inflated number of downloads of the plugin at 500 thousand downloads, as well as fake user reviews.
makes it difficult to detect and remove. At the moment, the purpose of the plugin is unknown, but experts suggest that it can be used to inject advertising on compromised sites, redirect visitors, steal confidential information, or even blackmail site owners with the threat of leaking database contents.
WordPress security experts from Wordfence and PatchStack have posted warnings on their sites to raise awareness among administrators and users about this threat. It is extremely important to be careful when installing unknown plugins and to pay attention to suspicious emails.
#cyborg #BinanceTournament #hackers #News #BTC
$BTC $ETH $BNB
An unusual strategy by cybercriminals is leading to massive infections of websites with malicious code.
WordPress admins are receiving fake security notifications related to a non-existent vulnerability allegedly being tracked under the ID CVE-2023-45124 . The purpose of the attack is to infect websites with a malicious plugin.
The emails, masquerading as official messages from WordPress, talk about a critical remote code execution ( RCE ) vulnerability discovered on the administrator's site. WordPress users are being persuaded to install a plugin that claims to solve a security problem.
Clicking the “Download plugin” button leads to a fake page “en-gb-wordpress[.]org”, outwardly indistinguishable from the official site “wordpress.com”. The page indicates an inflated number of downloads of the plugin at 500 thousand downloads, as well as fake user reviews.
makes it difficult to detect and remove. At the moment, the purpose of the plugin is unknown, but experts suggest that it can be used to inject advertising on compromised sites, redirect visitors, steal confidential information, or even blackmail site owners with the threat of leaking database contents.
WordPress security experts from Wordfence and PatchStack have posted warnings on their sites to raise awareness among administrators and users about this threat. It is extremely important to be careful when installing unknown plugins and to pay attention to suspicious emails.
#cyborg #BinanceTournament #hackers #News #BTC
$BTC $ETH $BNB
🚨 ALERT: North Korean #hackers deploy new info-stealing #malware through fake crypto job sites targeting blockchain professionals, according to Cisco Talos.
#NorthKorea #Malware #FakeCryptoJobSites #Hackers
#NorthKorea #Malware #FakeCryptoJobSites #Hackers
🛡️ Blockchain vs Hackers: Who Wins in 2025? 🚀
Blockchain is secure, but hackers don’t always attack the chain itself—they target exchanges, wallets, and smart contracts.
⚡ Common Attacks:
✅Exchange hacks 💸
✅Smart contract bugs 🔓
✅Cross-chain bridge exploits 🌉
✅Phishing scams 🎭
❌ Defenses:
✅Decentralization makes Bitcoin/Ethereum resilient
✅Audits & bug bounties protect DeFi
✅Multi-sig wallets & AI monitoring improve security
👉 Final Thought: Blockchain isn’t unhackable, but it’s getting harder to break every year.
Do you think hackers will always stay one step ahead, or will blockchain win the battle?
#Blockchain #Hackers #CyberSecurity #Crypto $BTC
Blockchain is secure, but hackers don’t always attack the chain itself—they target exchanges, wallets, and smart contracts.
⚡ Common Attacks:
✅Exchange hacks 💸
✅Smart contract bugs 🔓
✅Cross-chain bridge exploits 🌉
✅Phishing scams 🎭
❌ Defenses:
✅Decentralization makes Bitcoin/Ethereum resilient
✅Audits & bug bounties protect DeFi
✅Multi-sig wallets & AI monitoring improve security
👉 Final Thought: Blockchain isn’t unhackable, but it’s getting harder to break every year.
Do you think hackers will always stay one step ahead, or will blockchain win the battle?
#Blockchain #Hackers #CyberSecurity #Crypto $BTC
How did a well-known centralized exchange get hacked?
On February 21st, one of the largest hacks to a centralized #exchange occurred, where #hackers nearly $1.4 billion dollars in ETH were stolen from one of the platform's wallets, but how did this happen and what are the hackers doing with this money? Let's explore.
On Friday, February 21, #blockchain researcher "Zach XBT" reported on his main networks that there were some very suspicious money outflows from the By...bit Exchange.
Image 1
On Friday, February 21, #blockchain researcher "Zach XBT" reported on his main networks that there were some very suspicious money outflows from the By...bit Exchange.
Image 1
Login to explore more contents