A massive security breach recently occurred on the DeFi platform known as Raft, which resulted in the theft of around $3.3 million worth of Ether (ETH). The fact that the hacker was able to effectively remove 1,577 ETH from the network demonstrates the continued difficulties with security that exist inside the DeFi ecosystem.
The hacker did something quite unusual and transferred 1,570 ETH to a burn address, which basically rendered the bulk of the stolen assets useless. In sharp contrast to the significant sum that had been stolen in the beginning, the attacker was left with just seven ETH after this. This peculiar behavior led to the hacker suffering a loss, despite the fact that he or she had previously been paid 18 ETH by means of a crypto mixer service in order to allegedly finance the assault.
After the assault, the value of the dollar-pegged stablecoin known as Raft’s R plummeted dramatically, falling by fifty percent relative to its previous level. After some time had passed, it had partly recovered to around 70 cents. Raft’s co-founder, David Garai, has said that the assault and its consequences for the platform are true. Raft is now concentrating its efforts on compensating impacted users by using the sDAI that is controlled by the protocol inside the Peg Stability Module. This move was made in an attempt to limit the extent of the harm.
The issue with the Raft is not an uncommon occurrence in the crypto space. A number of high-profile assaults on Defiant platforms have taken place during the last several months. For example, a well-known cryptocurrency exchange called Poloniex had its hot wallet compromised, resulting in a loss of around $114 million in bitcoin. A breach that cost CoinEx $54 million, a heist that cost HTX (previously Huobi Global) $7.9 million, and the Mixin Network suffering the greatest DeFi hack of 2023 with an estimated loss of $200 million owing to stolen private keys are some of the other noteworthy instances that have occurred.
As a result of these occurrences, there is a heightened awareness of the critical need for DeFi platforms to strengthen the security frameworks they have in place. Trust must be maintained within the ecosystem of decentralized finance, and one of the most important ways to do this is by protecting the user money. This episode should serve as a wake-up call for improved security processes and more diligent monitoring systems in order to forestall future occurrences of events of a similar kind.
The Ronin Network has suffered what is being tagged as the largest hack in the history of Decentralized Finance (DeFi), which funds in excess of $625 million carted away by the hackers.
The Ronin Network’s official blog post shared that the hackers perpetrated the attack on March 23, even though it is just being discovered.
Ronin Network is an Ethereum sidechain that was created with Axie Infinity’s community in mind. It is the product of the search by the Axie Infinity team for a fast, cheap, and reliable network resident on the Ethereum blockchain. As detailed in the Ronin Network blog post, a total of “173,600 Ethereum and 25.5M USDC drained from the Ronin bridge in two transactions.”
“The attacker used hacked private keys in order to forge fake withdrawals. We discovered the attack this morning after a report from a user being unable to withdraw 5k ETH from the bridge,” the blog post reads.
As detailed by Ronin Network, a transaction can only be recognized by at least 5 out of the 9 validators’ signatures the protocol has. The network said the hackers “managed to get control over Sky Mavis’s four Ronin Validators and a third-party validator run by Axie DAO.”
The Ronin Network also explained that the “validator key scheme is set up to be decentralized so that it limits an attack vector, similar to this one, but the attacker found a backdoor through our gas-free RPC node, which they abused to get the signature for the Axie DAO validator.”
The address of the hackers is a relatively new one. Fortunately, the majority of the funds stolen are still existing, minus the 6,250 ETH that has been sent to various other addresses. As confirmed in the blog post, transactions on the Ronin Network and the Katana Decentralized Exchange have been halted to allow joint investigation with relevant agencies.
Prior to this Ronin Network hack, interoperability blockchain, Poly Network ranked as having the largest hacked funds in DeFi history, however, the entire $610 million hacked was completely returned after a bout of interactions between the hacker and the Poly Network team.
The Department of Justice has established a task force to tackle ransomware attacks.
The attackers behind the recent Colonial Pipeline incident reportedly received their $5 million ransom in cryptocurrency.
Critics have claimed that cryptocurrencies have enabled ransomware attacks.
Share this article
A senior Department of Justice official has revealed that the U.S. will give similar priority to ransomware attacks as terrorism, according to a Reuters report. The news comes after the major cyber-attacks affecting Colonial Pipeline.
Ransomware Damages Cost Billions
The Department of Justice (DoJ) will give ransomware attacks a similar level of priority as terrorism, according to reports.
In documents obtained by Reuters, the U.S. government department explained how attorney generals across the U.S. will be asked to cooperate on ransomware attacks with a newly created task force in Washington. The force will be headed by DoJ principal associate deputy general John Carlin. All ransomware cases will be now be tracked on a national level, said Carlin.
Cyber-attacks have become increasingly common in recent years and can often cause billions of dollars worth of damages. In May, a cybercriminal group called Dark Side proceeded to lock Colonial Pipeline’s systems. It caused a shutdown that lasted several days and led to a surge in gas prices across the U.S. The cyber-attack was stopped when Colonial Pipeline paid $5 million to the hackers to regain access to their systems. Authorities has since stated that Dark Side is based in Russia.
The White House announced that President Joe Biden had led a strategic review of the incident, resulting in the creation of the new DoJ task force. The President has also announced that he will discuss the issue with Russia’s President, Vladimir Putin, during their in-person meeting this month.
Crypto’s Role in Cyber-Attacks
Anonymous sources told Bloomberg that the Colonial Pipeline ransom was paid in a “difficult-to-trace cryptocurrency.” Privacy coins like Monero and Zcash are popular examples of cryptocurrencies that could be classified as “difficult-to-trace.” After Colonial Pipeline paid the ransom, the company resumed fuel distribution across America. The incident has led to a debate about the link between ransomware and cryptocurrencies.
A recent FBI report showed that 2020 saw nearly 2,500 cases of ransomware attacks, a 66% increase over the previous year. Some have suggested banning cryptocurrencies to stifle ransomware attacks. The author suggests that ransomware can’t succeed without cryptocurrency, as it is often the preferred payment method for hackers.
However, while ransomware might be gaining popularity, cyberattacks have been extremely destructive even before the birth of cryptocurrencies. According to Investopedia, 8 of the 10 most costly cyber attacks happened before 2008. The whitepaper for the first cryptocurrency, Bitcoin, was released in October 2008.
Additionally, while cryptocurrency gets a bad reputation for being linked to criminal activity, Chainalysis’ 2021 report showed that the volume of transactions linked to criminal activity on the blockchain has fallen to less than 0.5%. On the other hand, the United Nations estimates that between 2%-5% of all global financial transactions are linked to criminal activity or money laundering.
Disclaimer: The author held ETH and several other cryptocurrencies at the time of writing.
Share this article
The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.
You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.
See full terms and conditions.
400 US Hospitals in Danger of Unprecedented Bitcoin Ransomware Attack
The FBI and Department of Homeland Security are among the U.S. authorities warning of a coordinated Bitcoin ransomware attack on the nation’s healthcare system. Ransomware Attack Cripples American Hospitals Following…
What is Polygon (MATIC): Ethereum’s Internet of Blockchains
In terms of both decentralized app (DApp) development and adoption, no blockchain has been more successful than Ethereum (ETH). But despite its relative success, the Ethereum network still contains several…
Binance Faces Investigation from IRS and DoJ
Binance is currently being investigated by the U.S. Department of Justice (DoJ) and the Internal Revenue Service (IRS), according to a recent report from Bloomberg. Bloomberg Reports Binance Investigation Individuals…
$242 Million in Bitcoin Flee BitMEX Following Criminal Charges
BitMEX’s trading volume and balance plummeted to yearly lows as users run for the exit after the exchange faced criminal and civil charges from American authorities. An Exodus from BitMEX …
Hotbit is temporarily shutting down following a cyber attack that paralyzed a number of its central services.
In astatement, the Chinese crypto exchange reveals that it suffered a security breach at about 8 PM UTC (1 PM PST) on Friday. The hackers also attempted to hack into Hotbit’s wallets, but the attack was identified and stopped by the platform’s risk control system.
Hotbit says it is suspending all its services to conduct an investigation. It is also completely rebuilding its entire suite of servers to ensure heightened security.
ADVERTISEMENT
While Hotbit backs up all data, they are unsure of the extent of the damages caused by the attack.
“The attacker maliciously deleted the user database after failing to obtain assets. Although the database is routinely backed up, we are still uncertain whether the attacker has polluted data or not before the attack. Therefore, we also need to conduct a comprehensive inspection of the overall data. Once any anomaly is detected, we will perform an accurate reconstruction to ensure that all user data is accurate.”
The exchange assures its nearly two million users that their assets, passwords, and two-factor identifications (2FAs) are safe. Still, it warns that the hackers have control over the database and may send fake communication purporting to be from the Hotbit team. It also admits that the attackers may leak compromised phone numbers, email addresses and other user data.
The crypto exchange expects the maintenance to last between seven and 14 days. Hotbit says it will take full responsibility for losses on leveraged exchange-traded funds (ETF) during the period. To avoid trading losses, it is also canceling all open orders until the system is restored.
As for the daily routine income distributions, such as investment products, the firm says the payouts will occur after the maintenance is completed.
Don’t Miss a Beat – Subscribe to get crypto email alerts delivered directly to your inbox
Follow us on Twitter, Facebook and Telegram
Surf The Daily Hodl Mix
ADVERTISEMENT
ADVERTISEMENT
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any loses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Featured Image: Shutterstock/KDdesignphoto/Africa Studio
