Features News Daily TheBitTimes.com

The Taiwan-based crypto exchange WOO X still hasn’t lifted its temporary withdrawal ban after $14 million in crypto was stolen from users of the exchange via a phishing attack.  The exchange’s latest statement on X (formerly Twitter) said it would provide an update once it has reopened its withdrawal systems. It also revealed that a phishing attack targeting one of its employees gave way to the hack that stole from nine user accounts.  WOO X said that, despite its “many security measures” limiting the exploiters’ access, they were still given the time to “coordinate a series of withdrawals from the user accounts.”  However, six hours after this statement was released, no further update has been provided. The hacker also reportedly began requesting withdrawals at 13:50 UTC +8, until they were eventually halted almost 2 hours later.  Update 3: The exploit stemmed from a team member device being compromised in a targeted phishing attack, allowing the ...

While the frequency of once-common nine-figure hacks has waned in recent months, the decentralized finance (DeFi) sector remains a dangerous place. An $85 million scare and a $9.5 million hack have directly preceded the Ethereum Foundation’s show of confidence in DeFi, as it deposits $120 million of ether (ETH) into key protocols Aave, (Maker spin-off) Spark, and Compound Finance. However, just yesterday, users of DeFi protocol Liquity V2 were advised to withdraw their funds, after the team discovered a “potential issue” in the project’s Stability Pools. Liquity, the issuer of LUSD and BOLD stablecoins, is an immutable protocol and therefore unable to pause or upgrade the affected pools. In the event of a critical vulnerability, it would be up to users to be aware of the issue and withdraw any funds. The Liquity team was informed of a potential issue affecting Liquity V2 Stability Pools (“Earn”), and is currently investigating a potential impact. The team is currentl...

Dubai-based crypto exchange XT.com has suspended withdrawals after a hacker reportedly stole up to $1.7 million before converting it into ether (ETH).  A statement from XT this morning claims the exchange suffered an “abnormal transfer” of crypto from its platform wallet with the address 0xdb3ded7731c781224ec292e2163d9554c094fd7c. “The amount involved in this incident is approximately 1 million USDT across 12 different currencies,” XT claimed. However, the crypto security firm PeckShieldAlert reports that the exchange appears to have been hacked. It claims that the stolen funds were converted into 461.58 ETH, worth almost $1.7 million at the time of writing, and are sitting in an Ethereum address.  #PeckShieldAlert Our community member has detected that @XTexchange appears to have been hacked for ~$1.7 million worth of cryptos. The hacker has swapped the stolen funds for 461.58 $ETH & sit in 0xB43f…8F83 pic.twitter.com/bwINPguXlZ — PeckShieldA...

Singapore-based crypto exchange BingX has been hacked for approximately $43 million, forcing the platform to suspend withdrawals as it investigates the attack. Security analysts from PeckShield say that the funds were drained in multiple tranches. The stolen funds include $13.25 million in Ethereum , $2.3 million worth of Binance Coin (BNB), and $4.4 million in Tether (USDT). Hacker Used Popular DEXs To Swap The Funds For Mostly ETH And BNB The first hack saw around $26 million exit the exchange’s hot wallet. Just a few hours later, the hackers took an additional $16.5 million. A Google Doc shared on X by PeckShield shows that more than 360 different altcoins were drained from BingX. Most of the crypto was swapped for mostly ETH and BNB through decentralized swap platforms such as Uniswap and Kyberswap, according to Etherscan data . As of 2:48 a.m. EST, the wallet linked to the hackers holds over $2 million ETH valued at $5,205,221.39. The wallet also holds 136 tokens wit...

In what some have branded a ‘ governance attack ,’ controversial Proposal 289 passed a Compound Finance DAO vote yesterday, with a margin of 52% to 48%. The proposal grants 499,000 COMP tokens, worth $25 million at the time, to be sent to a goldCOMP vault created by a group known as the ‘Golden Boys.’ The price of COMP has dropped over 6% in the past 24 hours, according to data from CoinMarketCap. Potential governance attack on Compound seems to have passed.https://t.co/Uz2rteKvi6 — Michael Bentley (@euler_mab) July 28, 2024 Read more: Compound Finance and Celer Network websites compromised in ‘front-end’ attacks Compound is one of the longest-established lending platforms in the decentralized finance (DeFi) sector. Any decision about the running of the protocol must be made via on-chain governance, with votes being cast by owners of COMP tokens proportional to their holdings. While the proposal purports to be “an exciting new strategy designed to provide COMP hold...

A court in Finland has jailed the Hack er responsible for blackmailing 30,000 psychotherapy patient s for more than $500,000 in bitcoin , sentencing him to six years and nine months in prison.  Julius Kivimäki threatened to extort the Vastaamo psychotherapy center out of 40 bitcoins in 2018 after hacking into its database and stealing patient notes. He then blackmailed individual patients by threatening to release their notes unless a smaller bitcoin ransom was paid. Kivimäki denies the charges.   One suicide has reportedly been linked to Kivimäki’s extortion attempts while one victim told the BBC, “The main thing is that this absolutely empathy-lacking, ruthless criminal gets a prison sentence.” Did law enforcement in Finland crack Monero’s privacy technologies? Read more: Finnish police can’t find suspected bitcoin blackmailer they just released “After this, there rise thoughts about how short the conviction is when reflected against the n...

Gamers downloading cheats for the first-person shooter Call of Duty are reportedly being targeted by crypto-draining malware that has so far compromised the details of more than 4.9 million accounts. Call of Duty cheat provider Phantom Overlay was made aware of the malware campaign this week after users started to make unauthorized purchases. Phantom Overlay provides a marketplace for Call of Duty gamers to buy cheat s, such as aimbot and player detection behind walls. As reported by malware sleuth VX Underground, an unknown entity is using malware to steal the credentials of cheaters before publishing them online. The culprit has also infected users with crypto-draining malware capable of stealing bitcoin from Electrum wallets. Well, they're presumably stealing more than just their Call of Duty-related accounts. Being a cheater does not mean you should have your wallet drained. Or maybe some disagree ¯_(ツ)_/¯ — vx-underground (@vxunderground) March 28, 2024 Most users...

The LastPass hack claimed 25 victims on Oct. 25th, draining $4.4 million from several crypto wallets. The LastPass hack from earlier this year continues to incur significant losses for its users. On Oct. 25, around $4.4 million was drained from over 25 victims due to a vulnerability exploit in the LastPass password management system. Just on October 25, 2023 alone another ~$4.4M was drained from 25+ victims as a result of the LastPass hack. Cannot stress this enough, if you believe you may have ever stored your seed phrase or keys in LastPass migrate your crypto assets immediately. pic.twitter.com/26HsxrlnCb — ZachXBT (@zachxbt) October 27, 2023 The LastPass hack involved unauthorized access to user accounts, leading to significant financial losses for crypto owners who stored their wallet keys in the application. The cybercriminals behind the attack appear to have specifically targeted seed phrases and wallet keys, as crypto exfiltration seems to be their primary goal....

Users of Friend.tech — a decentralized social network — have recently been targeted by numerous hacker attacks. Jason Janowitz — founder of crypto news outlet Blockworks — described in an Oct. 8 tweet how someone tried to hijack his Friend.tech account. At first he received a message that posed as coming from Friend.tech’s automated assistance, pretending that the number associated with the account was being changed. “A number change has been requested for this account. Reply with YES to appprove this change, or NO to decline. If we do not receive a response within 2 hours, the change will proceed as requested.” The message is meant to cause someone to believe that a bad actor is trying to access his account and that he can prevent access by answering “no” to the message. What should make victims suspicious is that such a system is rather unlikely to automatically approve changes to the account if the user does not confirm the request. After Janowit...

The prevalence of cryptocurrency hack s is a well-known issue. There are consistently a considerable number of innocent investors falling prey to these unscrupulous individuals. These fraudulent activities often take the form of exchange hack s, wallet hack s, or phishing attacks. Additionally, unauthorized access to digital wallets or misleading direct messaging tactics also occur regularly. Also read: Shiba Inu Burn Rate Spikes by 61765%; 830,384,034 SHIB Burned Exchanges have been additionally bolstering their securities to find the tiniest bug that can weaken the security of the exchange. According to the latest details from a press release, the KuCoin exchange has launched a $1 million bug bounty program on HackenProof . Source: BusinessWire KuCoin launches biggest bounty program The bounty program is envisioned at strengthening security protection. The exchange has also launched a security landing page to assist users with tips to secure their own accounts. ...

SpiritSwap, a decentralized exchange (DEX) on Fantom, will cease operations from Sep.1, roughly 828 days after launching. The announcement follows the Multichain hack which depleted SpiritSwap’s treasury, making it impossible for the DEX to fund essential operations like costs, salaries, and marketing. End of an era as @Spirit_Swap calls it quits; the very first place I landed on #Fantom 828 days ago They're looking for a team to hand things to; otherwise operations will cease on September 1; a guide to help users withdraw $SPIRIT dregs as they unlock will be developed 🪦 pic.twitter.com/Syu2wqNlAY — The Fantom Ecologist (@ftm_ecologist) August 9, 2023 The SpiritSwap team intends to find a successor by Sep. 1. If a transfer of ownership doesn’t happen, the DEX will potentially close. SpiritSwap says it will assist the successor during the transition period. At peaks, SpiritSwap had a total value locked (TVL) of $374 million but currently rests at $2.87 ...

Arbitrum has gradually started making noise again within the crypto ecosystem. The on-chain metrics of the Ethereum scaling solution have been refined by leaps and bounds of late. Right from the number of daily transactions to the volumes settled on the chain, Arbitrum ’s numbers have been hovering around their peak lately. Leaving aside the positive strides made on the aforementioned fronts, it is worth noting that an algorithmic stablecoin project based on Arbitrum was hacked on Tuesday. The official Twitter handle of the project alleged that a Nigerian national had carried out the scam and asserted that he “claimed everything” from the Genesis Protocol. he claimed everything from the genesis protocol — Hope Finance (💙,🧡) (@Hope_fin) February 20, 2023 Also Read – Fact Check: Has ChatGPT Released Its Native Cryptocurrency Token? Crypto security firm CertiK alerted the community by tweeting about the ~$2 million scam. It was ...