Immunefi Report: 112% Surge in Crypto Hacks and Frauds in Q2 2024 🚨💰

Immunefi’s latest report reveals a shocking 112% increase in crypto hacks and frauds for Q2 2024, totaling $572.7 million in losses. 💸🔒
Key Highlights:
- **Ethereum Most Targeted:** Ethereum faced 34 incidents (46.6% of total losses), while BNB was second with 18 incidents (24.7%). 🛡️
- CeFi Takes the Hit: Centralized finance (CeFi) suffered 70% of the losses, with DeFi platforms accounting for 30%. 📉
- **Major Breaches:** DMM Bitcoin lost $305 million, and BtcTurk lost $55 million. 🏦💥
Recovery Efforts:
Some recoveries were noted, like ALEX Lab retrieving $3.9 million and the Gala Games hacker returning $21 million in stolen ETH. 🔄💎
Fraud vs. Hacks:
Fraud losses fell 81%, but hacks soared 155%. Overall, $920.9 million has been lost YTD across 135 incidents. 📉
Conclusion:
The surge in crypto attacks underscores the need for stronger security. Stay vigilant and use only trusted platforms. 🔐🚀

#Fraud_alert #FraudPreventionPartnership #HackerNews $USDC

💰#HackerNews purchased $40 million worth of cryptocurrency during a market crash.

💎 This hacker, who stole $200 million in cryptocurrency in 2022, invested $40 million in the #DAICOIN stablecoin to acquire nearly 17,000 ETH when the price of ether fell below $2,200 on the morning of August 5.

🔒 He became famous for hacking the Nomad blockchain bridge, which was one of the largest attacks in terms of damage caused in the cryptocurrency world. The incident itself took place exactly two years ago, on August 2, 2022.

⚠️ July Crypto Hacks Reach $266M, WazirX Takes Biggest Hit

🌐 July saw $266 million stolen from the crypto ecosystem through 16 separate attacks. The Indian exchange WazirX suffered the largest loss, with North Korean hackers reportedly stealing over $230 million (86.4% of the total). Other significant victims included Compound Finance ($24M), Li.Fi protocol ($10M), and Bittensor and Rho Markets ($8M each).

❗️Centralized finance (CeFi) entities remain the primary targets for hackers, though attacks on smart contract-based projects are also increasing. Many hackers used Tornado Cash to obscure their tracks after the thefts.

These hacks underscore the persistent security challenges in the crypto space. It's crucial to stay informed about security best practices and remain cautious when interacting with both centralized and decentralized platforms. Always prioritize the safety of your digital assets.

#wazirX #HackerNews #WazirXIndia #WazirXHacked $BTC

“Binance did nothing even though it knew of the theft and frequent cross-trading. Hackers manipulated accounts for over an hour, causing extremely abnormal transactions in multiple currency pairs without any risk control; Binance failed to freeze the funds of the obvious hacker’s single account in the platform on time.”
#binance #HackerNews

Crypto Mailing Vendors List Was Hacked; CEO of Tether Warns

[Due to a serious security breach, a prominent vendor that maintained email lists for cryptocurrency companies was hacked, which resulted in the dissemination of phony emails promising airdrops.]

It has been verified that a significant vendor in charge of email lists for different cryptocurrency organizations has been compromised, which is a worrying development for the bitcoin ecosystem. Sensitive information may have been compromised by this incident, which could have sparked a surge of phony emails offering cryptocurrency airdrops. Because unscrupulous actors may use the exposed data to trick consumers and spread frauds, the hack poses a serious danger to the security and confidence of the cryptocurrency sector.

[The CEO of Tether's Reaction and Suggestions]

The CEO of Tether, Paolo Ardoino, commented on the situation, stating that they have heard from two separate sources indicating that a well-known vendor that cryptocurrency companies employ to maintain their mailing lists may have been compromised. Ardoino warned the community to be very wary of such cryptocurrency scams, but he declined to name the vendor until the inquiry was over.

Ardoino said, "Please be cautious of any emails suggesting crypto-airdrops received since 24 hours ago." He stressed the significance of closely examining any unsolicited emails and cautioned against opening attachments or clicking on links from unidentified senders. The management of Tether is pushing for stricter security measures throughout the sector and is acting proactively to reduce the risks this incident poses.

[Greater Effect and Preventive Actions]

Bobby Ong, co-founder of CoinGecko, provided more information on the issue, confirming that an email newsletter provider is in fact the target of an ongoing supply chain email breach assault. These bogus email blasts touting fictitious token launches might have an impact on a number of cryptocurrency firms.
#Bitcoin❗ #HackerNews

🚨 London Arrest: 'Pump Fun' Crypto Hacker Reveals Risks in Ethereum (ETH) Trading Security🚨

The crypto world is buzzing as the hacker behind Pump Fun's $1.9 million attack breaks his silence, shedding light on critical security risks in Ethereum (ETH) trading. 🕵️‍♂️💥

🔍 Key Developments:
- Hacker Speaks Out: The hacker, known as Jarett Dunn or StaccOverflow, shared details about his arrest on social media, revealing new information about the attack. 💬
- Arrest and Bail:After his arrest in London, Dunn was unexpectedly granted bail and accused the Pump Fun team of even more serious offences. This twist adds a layer of complexity to the case, blending legal and ethical concerns. ⚖️

💡 Deeper Issues Uncovered:
Pump Fun, a Solana-based memecoin trading platform, suffered a major breach on May 16, resulting in nearly $2 million in losses. This incident has spotlighted the security vulnerabilities of meme coin platforms and their susceptibility to internal threats. 🛡️

🚨 Hacker's Allegations:
Dunn accused the platform of operating as an unregistered securities exchange and lacking proper KYC and AML procedures. If proven, these claims could have significant legal implications for similar platforms across the crypto industry. 🔐

🌐 Broader Implications:
The Pump Fun case underscores the complex nature of insider threats within the cryptocurrency sector. Employees with access to critical systems can pose substantial risks, highlighting the need for robust security measures and regulatory oversight. This incident also illustrates the challenges regulators face in ensuring compliance in the fast-evolving digital asset landscape. 🌪️

🚀 Looking Ahead:
As the crypto community watches closely, the Pump Fun saga serves as a stark reminder of the importance of security and regulatory compliance in protecting digital assets.

$BTC $ETH #CryptoSecurity #PumpFun #HackerNews #RegulationMatters #DigitalAssets

#HackerNews Holograph, an omnichain tokenization protocol, has been exploited by malicious actors on Thursday, draining 1 billion native HLG token. The crypto fell nearly 80% in value, following the hack.

In yet another staggering hack, perpetrators mined 1 billion HLG tokens and absconded with tokens worth $14.4 million. The platform posted on X that the team has “patched the initial exploit” and is working to freeze exploiters’ accounts.

breaking news 😥📢📢🚨🚨INDIA biggest exchange hacked $BTC $ETH $BNB Indian cryptocurrency exchange WazirX claimed that it was “taking all necessary steps to protect the customer assets,” after a cyber-attack against one of its wallets resulted in the loss of more than $230 million.

#wazirX #HackerNews #ETH_ETF_Approval_23July #cryptocurrency #ScamAware

Hackers Recovered $3 Million Worth Wallet Password.🙉

In a fascinating turn of events that could easily be part of a Hollywood movie script, a bitcoin owner found themselves locked out of their wallet containing a substantial 43.6 BTC, worth just under $3 million. The plot thickened as the owner sought help from none other than a renowned hacker named Joe Grand, also known as Kingpin in the hacking community.

The intriguing saga, first brought to light by Kim Zetter for Wired, unfolded when the wallet owner, known only as Michael, reached out to Joe Grand in 2022. Joe Grand has gained notoriety for his knack for recovering lost bitcoin from inaccessible wallets. While Grand typically declines such requests due to his primary role as a consultant helping developers secure their systems, the intricate circumstances of Michael's case caught his attention.

The issue was a complex password generated using the RoboForm password manager, encrypted with TrueCrypt. However, a twist of fate led to the encrypted password file getting corrupted with no backup in place. Michael's reluctance to store the password in RoboForm for fear of potential hacking ironically contributed to the predicament.
After meticulous months of work, Grand and his team unearthed a security flaw in an outdated version of RoboForm's password generation mechanism. By exploiting this flaw, they were able to narrow down the search to the password generated on May 15, 2013.
Despite challenges and dead ends, perseverance paid off, leading to the successful recovery of the password. The revelation sparked a significant moment for Michael, allowing access to his bitcoin reserves. Subsequently, Michael cashed out some of the bitcoin, leaving him with 30 BTC to potentially capitalize on the cryptocurrency market's fluctuations.
The tale emphasizes the importance of secure password management and highlights the remarkable skill set of individuals like Joe.
#Megadrop #ETHETFsApproved #MtGox #HackerNews #btc70k

🚨🚨📌 WazirX Emergency Update ‼️⚠️🚨

WazirX Hack: Lessons Learned and Crypto Regulation Impact

*Breaking News:* WazirX, one of India's top exchanges, has been hacked, resulting in a loss of $230M+

*Impact on Crypto Regulation:*

- Stricter regulations expected in India
- Clampdown on crypto industry may affect Indian traders

*Lessons Learned:*

1️⃣ *No exchange is completely safe*: Avoid keeping long-term funds on exchanges, no matter how big they are.

2️⃣ *FIU compliance doesn't guarantee security*: Even with compliance, exchanges can still be vulnerable to hacks.

3️⃣ *Indian exchanges lag behind foreign exchanges*: In terms of security, liquidity, and trust, Indian exchanges still have a long way to catch up.

*Current Status:* Withdrawals suspended on WazirX. Hoping the team finds a solution to return customers' funds.

🔔 Stay informed with Kaleem's Crypto Mehfil !
KCM: Connecting Crypto Minds, Har Roz! 🔗

✅ Like 👍 | Comment 💬 | Retweet 🔁 |

Follow me for more updates! 👉 @Kaleem Crypto Mehfil KCM

Let's keep the conversation going! 💬

#KaleemsCryptoMehfilKCM #wazirX #exchange #HackerNews #BinanceTournament $WRX

🚨👀Crypto Hack news

1. **Atomic Wallet Hack**: Atomic Wallet, a popular decentralized wallet, recently experienced a significant breach leading to the theft of over $35 million in various cryptocurrencies. The exact method of the hack is still under investigation, but users are advised to transfer their funds to secure wallets and avoid using the compromised application .

2. **Balancer Protocol Exploit**: The Balancer decentralized finance (DeFi) protocol was exploited for approximately $900,000 due to a vulnerability in its code. The Balancer team is working on mitigating the impact and compensating affected users .

3. **Bancor Protocol Vulnerability**: Another DeFi platform, Bancor, suffered an attack where the attacker exploited a vulnerability in its smart contract, resulting in a loss of $1.5 million. Bancor has since paused its operations and is collaborating with security experts to address the issue and recover the stolen funds .

These incidents highlight ongoing security challenges within the cryptocurrency space, emphasizing the need for robust security measures and vigilant monitoring.$BTC #HackerNews #CryptoCrashAlert

🚨 WAZIR X🚨

⚠️ Indian exchange WazirX, from which hackers stole 45% of all assets, has proposed a "Loss Socialization Program" to all users✔️ Under this program, the debt will be evenly "spread" across all customers, and their assets will be divided in the proportion of "55%/45%" (55% in crypto, 45% in USDT, locked until the situation is resolved). #wazirX #HackerNews #WazirXIndia #WazirXHacked

🚨🚨 Security vulnerability attack on Loopring smart wallets.

Loopring smart wallets, especially those using #Loopring's Guardian, targeted by hacker. Hacker reset ownership and withdraw assets by impersonating wallet owner.

#CyberSafety #attack #Loopring #HackerNews

$XRP $BTC $SOL

🔥🔥🔥 North Korean hackers responsible for $235 million theft from Indian crypto exchange WazirX, says Cyfirma 😱😱😱

More than a week after $230 million was stolen from the Indian crypto exchange WazirX, it has been identified that the North Korean hacker group Lazarus Group was behind this massive theft.

According to Cyfirma, the state-sponsored attack is linked to North Korea's Reconnaissance General Bureau (RGB), a primary intelligence service. CYFIRMA’s researchers' analysis revealed that close to $235 million in crypto assets were lost due to the breach.

This included over 200 different assets, such as approximately $96.7 million of Shiba Inu, $52.6 million of Ether, $11 million of Matic, and $7.6 million of Pepe.

The threat actor has already swapped a number of these tokens for Ether using a variety of decentralized services, an expected initial step in a typical laundering process, the firm said.

The attacks were carried out by two subgroups of the Lazarus Group, namely APT38 and Blue Noroff. Lazarus mainly targets crypto exchanges and financial institutions worldwide.

Who are these two groups?

APT38 primarily focuses on financial crimes, including attacks on banks and cryptocurrency exchanges. They are known for orchestrating large-scale heists and have been linked to several high-profile attacks on Asian financial institutions and crypto exchanges.

APT38 uses sophisticated techniques such as custom malware, spear-phishing campaigns, and exploiting software vulnerabilities to infiltrate and steal funds. BlueNoroff is focused on targeting financial institutions and cryptocurrency exchanges.

Cyfirma said the group has been implicated in various attacks on crypto exchanges in Asia, employing tactics such as phishing, malware deployment, and social engineering to compromise their targets.
#ETH_ETFs_Trading_Today #Bitcoin_Coneference_2024 #BinanceTurns7 #WazirXIndia #HackerNews