#wazirX #CryptoNewss #CryptoDawar #cyberattacks #CyberSafety

BENGALURU: Crypto exchange WazirX, in a virtual conference on Monday stressed that tracking and recovering stolen crypto assets is a top priority for the exchange.
WazirX, which is pursuing a restructuring of crypto balances which will take at least six months, filed a moratorium application in Singapore Court and as part of the restructuring, aims to engage with a white knight to provide capital and pursue partnerships and collaborations.
The cyberattack on July 18 resulted in a large volume of ERC-20 tokens being stolen. About Rs 2,000 crore worth of user funds were lost.
Last month, Google subsidiary Mandiant Solutions provided a clean chit to the crypto exchange, but digital assets security firm Liminal Custody questioned the scope and methodology of the audit.
When asked about it, Nischal Shetty, WaxirX Founder and CEO told TNIE. "It's just three laptops that we used for accessing the liminal website. Our infrastructure was not impacted or involved in this process. We gave the entire laptop image and data to the forensic team, we have even provided this to the right authorities."
He added that there is nothing beyond the laptop image that exists with us since nothing else on our end was used for accessing the Liminal website except these three laptops.
George Gwee, director of restructuring at Kroll and Jason Kardachi, MD of Kroll, also addressed the conference. Kroll is the financial advisor and according to them, customers will receive returns of 55 per cent to 57 per cent of the funds. This means, 43 per cent of the money would not be able to recover.
However, Shetty added that they are in the negotiation and the ideation stage. The exchange also has an ownership dispute with Binance. While Zanmai India operates WazirX, Zettai is Singapore-incorporated, and it has applied for a moratorium.
The exchange also explained that restructuring is not insolvency, liquidation or bankruptcy. It is a plan to distribute assets to users in a pro-rata, equitable way, and in crypto (not fiat); and it allows users who need liquidity urgently to withdraw crypto more quickly and not exit the restructuring.
Since Zanmai was not affected by the cyberattack, the platform reopened INR withdrawals up to a limit of 66 per cent. The remaining INR are frozen due to ongoing disputes, and investigations by various Indian Law Enforcement Agencies and will be made available for withdrawal as and when they are unfrozen, the crypto exchange informed.

The cryptocurrency industry has rapidly grown into a significant sector with the advancement of digital transformation and technology. However, this rapid growth has made it an attractive target for cyber attackers. Recently, a specific cyber attack targeting cryptocurrency companies has drawn attention, involving a group of hackers supported by the North Korean government.

North Korea-Backed Cyber Attacks:

According to reports by Reuters on July 20, a cyber attack group backed by the North Korean government successfully hacked an American IT management company called JumpCloud and used it as a starting point to target cryptocurrency companies.

JumpCloud, based in Louisville, Colorado, disclosed that the attackers gained unauthorized access to their systems in late June. The attackers then focused their efforts on targeting fewer than five of JumpCloud's customers. While the company did not disclose the identities of the affected customers, cybersecurity firms CrowdStrike Holdings and Mandiant confirmed that these attackers were interested in cryptocurrency theft.

Changing Cyber Attack Strategies:

This incident highlights a shift in the strategies of North Korean cyber spies. They have transitioned from targeting individual digital currency companies to supply chain attack strategies. By targeting a service provider like JumpCloud with multiple customers, the attackers managed to gain access to the information of multiple potential victims downstream. #hackers #JumpCloud

Attacker Groups and Names:

The cyber attacker group behind the attack was identified as "Labyrinth Chollima" by CrowdStrike. However, Mandiant labeled the attackers as the Reconnaissance General Bureau (RGB), which is North Korea's primary foreign intelligence agency. Labyrinth Chollima is known for its bold and disruptive cyber attacks. #cybersecurity

Cryptocurrency Thefts and Financial Losses:

The targeting of cryptocurrency companies resulted in significant financial losses, as reported by the blockchain analytics firm Chainalysis. It is estimated that approximately $1.7 billion worth of digital cash in cryptocurrencies was stolen in multiple hacks.

North Korea's Denial:

North Korea did not respond to requests from its mission to the UN in New York and has consistently denied its role in digital currency thefts. However, international reports and expert analyses confirm North Korea's involvement in cyber attacks. #northkorea #cyberattacks

In Summary:

North Korea-backed cyber attackers continue to draw attention with their changing tactics and bold attacks. The cryptocurrency sector must remain vigilant against constantly evolving threats and strengthen its security measures. Cybersecurity experts express concerns about the increasing prevalence of supply chain attacks and stress the need for the industry to remain alert to such threats. Cryptocurrency companies must take necessary steps to secure customer information and digital assets while continuously updating their security measures.

Hackers have reportedly struck PolyNetwork, a cross-chain protocol, for the second time, resulting in a significant offload of Shiba Inu (SHIB) According to blockchain analytics firm Lookonchain, the attackers sold 94 billion SHIB tokens in exchange for 360 Ether (ETH), along with other assets like 495 million COOK tokens and 15 million RFuel tokens. The firm also noted that the perpetrators are moving assets and Ethereum to new wallets, most likely in preparation for more sales. This is not the first time PolyNetwork has fallen victim to #cyberattacks . In 2021, hackers looted the platform for over $600 million, marking it as the largest heist in the history of decentralized finance (DeFi).The massive stolen amount was later returned, but the incident highlighted the persistent vulnerabilities in the nascent crypto space. Today's event further strains the platform's liquidity, with large amounts of #BNB and BUSD reportedly unable to be moved cross-chain at this time due to the attack. The BlockSec team identified the attack on PolyNetwork, outlining that the attackers locked a small number of tokens on the source chain before unlocking a greater number on the destination chain. Yu Xian, founder of SlowMist, a blockchain security company, assured users not to panic, stating that the $4.2 billion worth of assets stolen by the hackers are mostly "air" and will not materialize into actual assets. However, it remains clear that security concerns in the DeFi space persist, and the industry must continue to bolster its defenses against cyber threats.

WASHINGTON, Aug 10 - Donald #Trump's U.S. presidential campaign said on Saturday some of its internal communications were hacked and blamed the Iranian government, citing past hostilities between Trump and Iran without providing direct evidence.
The Republican's campaign statement came shortly after news website Politico reported it had begun receiving emails in July from an anonymous source offering authentic documents from inside Trump's operation, including a report about running mate JD Vance's "potential vulnerabilities."
"These documents were obtained illegally from foreign sources hostile to the United States, intended to interfere with the 2024 election and sow chaos throughout our Democratic process," Trump campaign spokesperson Steven Cheung said in a statement.
Late on Saturday, Trump posted on his Truth Social app that Microsoft (MSFT.O), opens new tab had just informed the campaign that Iran had hacked one of its websites. He cast blame on #Iran , adding they were "only able to get publicly available information." He did not elaborate further on the hack.
Reuters has not independently verified the identity of the alleged hackers or their motivation.
The Trump campaign referred to a Friday report from Microsoft researchers that said Iranian government-tied hackers tried breaking into the account of a "high-ranking official" on a U.S. presidential campaign in June. The hackers had taken over an account belonging to a former political advisor and then used it to target the official, the report said. That report did not provide further details on the targets' identities.
A Microsoft spokesperson declined to name the targeted officials or provide additional details after the report was published.
Iran's permanent mission to the United Nations in New York said in an email that "the Iranian government neither possesses nor harbors any intent or motive to interfere in the United States presidential election."
"We do not accord any credence to such reports," it added in response to the Trump campaign's allegations.
On Friday, in response to Microsoft's findings, Iran's U.N. mission told its cyber capabilities were "defensive and proportionate to the threats it faces," and that it had no plans to launch cyberattacks.
The former president had tense relations with Iran while in office. Under Trump, the United States killed Iranian military commander Qassem Soleimani in 2020 and withdrew from a multilateral Iran nuclear deal.

#MarketDownturn #Write2Earn! #cyberattacks