Shapella Upgrade, Privacy Concerns, Hacks, and Financial Inclusion

The DeFi space had a busy week with several significant developments. The highly anticipated Shapella upgrade on Ethereum’s mainnet was successfully completed, allowing validators to withdraw their staked Ether after three years. However, only 253 validators have signed up to fully exit their staked Ether position, with analytics firm Glassnode predicting that less than 1% of the staked ETH will be withdrawn.

In addition to the Shapella upgrade, an Ethereum researcher revealed that staking Ether could become a privacy concern. The researcher found that staking Ether reveals a user’s IP address information, which could lead to privacy issues. This discovery raised concerns within the cryptocurrency community.

A DeFi hack also occurred during the week, where a hacker exploited an old Yearn.finance contract and minted 1 quadrillion Yearn Tether (yUSDT). The hacker then swapped the yUSDT to other stablecoins, allowing them to take hold of $11.6 million worth of stablecoins.

However, the week also had positive news regarding financial inclusion in Africa. Fonbnk, a Web3 on-ramp that allows Africans to obtain cryptocurrency assets by exchanging their airtime credits, partnered with Tanda, a merchant network platform in East Africa, to launch an airtime trading marketplace across Tanda’s network of agents. This partnership aims to increase liquidity and earning opportunities for African micro-entrepreneurs.

Finally, the top 100 DeFi tokens had a bullish week, thanks to a late surge in the crypto market after Ethereum’s much-awaited upgrade. Most DeFi tokens traded in the green along with the rest of the market.

In conclusion, the DeFi space had a busy week with several significant developments, including the successful Shapella upgrade, privacy concerns related to staking, a major DeFi hack, and a partnership to increase financial inclusion in Africa. The top 100 DeFi tokens had a bullish week, and Glassnode predicted only a small percentage of staked ETH would be withdrawn.


DeFi Platform DFX Finance Says it Has Been Hacked for $7.5M

DFX Finance, a stablecoin trading platform backed by Polychain Capital and True Ventures, has confirmed that it has been hacked for $7.5 million.


The trading platform said the exploit started around 7:21 PM UTC on Thursday and that it was notified of the exploit about 20–30 minutes after the first transaction was initiated.

DFX Finance said it took a proactive stance and halted the operations of its smart contracts in order to contain the attack. As a result of its intervention, the protocol said, the attacker was unable to move all of the stolen funds, as an MEV bot intercepted as much as $3.2 million of the funds.

The hacker nevertheless got away with some funds, which were sent to Tornado Cash, the crypto-mixing service that was sanctioned by the United States Treasury Department. The DFX Finance attacker was able to take the funds because of a vulnerability in the protocol's flash loan function.

As detailed by BlockSec researchers, the attacker borrowed funds from DFX Finance on the Ethereum blockchain and immediately deposited the funds back using an “insecure callback function.” This tricked the protocol into treating the loan as repaid when it had not been.

“When a user borrows money, the protocol should not allow any function calls that can change the balance of the DFX protocol,” BlockSec CEO Yajin Zhou told The Block.
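A simplified Python model of the flaw BlockSec describes, added here as an illustration and not DFX Finance's contract code; the `Pool` class, its method names and the amounts are constructed for the example. It shows why a before/after balance check alone accepts a deposit made inside the loan callback, and how blocking balance-changing calls while a loan is open rejects it.

```python
"""Toy model of a flash-loan pool. All names and amounts are constructed."""


class RepaymentError(Exception):
    """The pool's balance after the callback is below its starting balance."""


class ReentrancyError(Exception):
    """A balance-changing call was made while a flash loan was open."""


class Pool:
    def __init__(self, lp_deposit, guarded):
        self.reserves = lp_deposit            # tokens the pool actually holds
        self.claims = {"lp": lp_deposit}      # what depositors may withdraw
        self.guarded = guarded                # True = hardened variant
        self._loan_open = False

    def deposit(self, who, amount):
        # Hardened variant: no balance-changing entry point during a loan.
        if self.guarded and self._loan_open:
            raise ReentrancyError("deposit blocked while a flash loan is open")
        self.reserves += amount
        self.claims[who] = self.claims.get(who, 0) + amount

    def repay(self, amount):
        # A plain transfer back to the pool; it creates no withdrawable claim.
        self.reserves += amount

    def flash_loan(self, amount, callback):
        snapshot = (self.reserves, dict(self.claims))
        self.reserves -= amount
        self._loan_open = True
        try:
            callback(self, amount)
            # The only repayment check: is the balance back where it started?
            if self.reserves < snapshot[0]:
                raise RepaymentError("loan not repaid")
        except Exception:
            self.reserves, self.claims = snapshot   # model a reverted transaction
            raise
        finally:
            self._loan_open = False

    def solvent(self):
        # Invariant: tokens held must cover everything depositors can withdraw.
        return self.reserves >= sum(self.claims.values())


def repay_callback(pool, amount):
    pool.repay(amount)


def deposit_callback(pool, amount):
    # Returns the tokens through deposit(), so they also count as a new claim.
    pool.deposit("borrower", amount)


def simulate(guarded, callback):
    pool = Pool(lp_deposit=1000, guarded=guarded)
    try:
        pool.flash_loan(500, callback)
        outcome = "accepted"
    except (RepaymentError, ReentrancyError) as exc:
        outcome = type(exc).__name__
    return outcome, pool.solvent()


if __name__ == "__main__":
    for guarded in (False, True):
        for cb in (repay_callback, deposit_callback):
            print(guarded, cb.__name__, simulate(guarded, cb))
```

In the unguarded run the loan is accepted yet the pool ends up with claims exceeding its reserves, which is the solvency invariant an auditor or monitoring job would assert after every flash loan.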

The attacker succeeded in carting away 2,963 ETH (worth about $3.8 million) and some $500,000. DFX Finance said its Polygon pool was not impacted; however, the protocol said that once it opened withdrawals, all users should take advantage of the opportunity to withdraw their funds.

For the umpteenth time, a DeFi protocol has been hacked, underscoring the call for caution among investors and for proper security provisions across the board.

Image source: Shutterstock


FTX Users Lose Millions due to API Exploit

On Saturday, several crypto traders suffered massive losses after hackers stole millions of dollars worth of digital assets from their FTX accounts by exploiting an API linked to their trading accounts.

An FTX user was shocked when he realized that his account using the 3Commas API traded the Governance (DMG) token more than 5,000 times, resulting in a loss of about $1.6 million worth of assets, including Bitcoin, Ether, and FTX tokens.

3Commas is a crypto trading platform that allows users to build automated trading bots on FTX and many other exchanges.

The report confirmed that this was not an isolated incident, as there were three other victims who suffered the loss. The second victim of the FTX exploits disclosed that he lost $1.5 million to the incident, which occurred on October 21. While he said malicious players had traded DMG via his account on October 18th and 19th, he questioned why FTX had not put in place risk control measures to guard against illegal trading activities.

An investigation conducted by trading-bot platform 3Commas and crypto exchange FTX showed that API keys linked to 3Commas were used to carry out unauthorized trades for DMG trading pairs on FTX. Both FTX and 3Commas identified that hackers used new 3Commas accounts to perform the DMG trades, as “the API keys were not taken from 3Commas but from outside of the 3Commas platform.”

The investigation showed that fraudulent websites identifying themselves as 3Commas were used to phish API keys as users linked FTX accounts to fraudulent web interfaces. The API keys captured by the fake websites were then stored and later used to place the unauthorized trades on the DMG trading pairs on FTX. 3Commas further suspected that hackers used third-party browser extensions and malware to steal the API keys from users.

The duo identified suspicious accounts based on user activity and, as a result, suspended the API keys to avoid further losses. FTX users who linked their accounts with 3Commas, therefore, received a message concerning their API as being “invalid” or “requires updating” and now are expected to create new API keys.

3Commas and FTX are currently working with the victims to provide assistance and garner more information about the hacking incident.

Why Crypto Hacks Are Surging

2022 has been identified as the worst year in terms of crypto hacks, according to research firm Chainalysis. October is recognized as the worst-ever month for crypto-related crimes, with more than $718 million in overall losses. Funds were stolen from various DeFi protocols during 11 different attacks.

This year is expected to surpass 2021 as the most prolific year for hacking on record, with 125 hacks that have led to over $3 billion worth of funds stolen so far. A $325 million attack on cross-chain service Wormhole, a $625 million attack on Axie Infinity’s Ronin bridge, a $200 million attack on the Nomad bridge, a $100 million hack on Binance, and many more took place this year.

Poorly protected protocols and unaudited decentralized apps are easy pickings for hackers who take advantage of their highly vulnerable locks.


$8.4m Exploit Breached from DeFi Lending Protocol Moola Markets

Another exploit hits the crypto industry with roughly $8.4 million stolen from Moola Markets, a non-custodial liquidity and lending protocol built on the mobile-first Celo blockchain.


According to research director Igor Igamberdiev, the attacker exploited the protocol by using 243,000 CELO tokens deposited from Binance and, in turn, lent 60,000 CELO to the Moola protocol to borrow 1.8 million MOO for use as collateral.

With the remaining CELO, the exploiter increased the MOO token price and used the borrowed MOO token as collateral to borrow more tokens across a series of other DeFi lending protocols.

Using all of these strategies, the exploiter made away with 8.8 million CELO ($6.5 million), 765,000 cEUR ($700,000), 1.8 million MOO ($600,000), and 644,000 cUSD ($600,000).

Currently, Moola Markets has paused all operations on its platform due to the latest exploit. And according to an update on its Twitter page, the platform advises users not to trade mTokens as the team is actively investigating the exploit.

“We are actively investigating an incident on @Moola_Market. All activity on Moola has been paused. Please do not trade mTokens,” said Moola Markets in its Twitter update.

The team added that they have contacted law enforcement and taken steps to make it difficult for the exploiter to liquidate the funds. And in addition, they are ready to negotiate a bounty payment in exchange for the attacker returning the funds within the next 24 hours.

This month has been a month of exploitation like never seen in the industry. According to new data from Chainalysis, 2022 is most likely to surpass 2021 in terms of the biggest year for hacking on record.

Last week, trading and lending platform Mango Markets got hit by a $100 million exploit. As reported by Blockchain.News, the attacker manipulated the price of Mango Markets’ native MANGO token via an oracle.


Transit Finance Convinces Hacker to Return $2m to Protocol

Earlier this month, Transit Finance, a Decentralized Finance (DeFi) protocol, revealed it was hacked for $21 million, making it one of the latest protocols to suffer exploitation this year.


In an unusual turn of events, the protocol has come out to announce that from its conversation with the biggest hacker, there is an agreement to return a significant portion of the funds.

With Transit Finance ready to treat the hacking event as a white-hat action, the protocol said its main hacker would return 6,500 BNB in the first tranche and return another 3,500 BNB when the protocol has come through with the payment reward promised.

“After friendly communication with white hat #1 (the biggest hacker), we have both reached a consensus. White hat #1 stated that he would refund the users’ 6,500BNB as soon as possible today and promised to refund another 3,500BNB when TransitFinance Official initiates the second phase of refunds. Ultimately white hat #1 will keep 2,500 BNB as a bounty for this event,” the protocol said in a Monday announcement. “TransitFinance Official expresses its gratitude to white hat #1 for the refund and promises that if white hat #1 returns the remaining 3500BNB as agreed, TransitFinance Official will no longer hold him any legal responsibility.”

The DeFi protocol said it has filed for legal proceedings, and while it will make good on its promise not to launch a lawsuit against Whitehat #1, the protocol said it would not hesitate if other hackers do not return the funds stolen.

Relying on whitehat-hinged refunds is not something that is uncommon and was made popular when the hacker who stole over $610 million from the interoperability network Poly Network returned the complete funds stolen last year.

When the Poly Network white hat refunded the cash stolen, many protocols started appealing to the hackers, and a few, like Transit Finance, have recorded success in their moves.


Hacker Steals $950,000 from Crypto Vanity Address as Exploits Continue

According to PeckShield, a blockchain security firm, a hacker has stolen $950,000 in Ether (ETH) from an Ethereum “vanity address” generated with a tool known as Profanity. The matter was reported on Monday.

The hacker stole 732 Ethereum on September 25 and sent it to the authorized cryptocurrency mixing service Cyclone Money, as indicated by on-chain data from PeckShield. There the funds were mixed with other cryptocurrencies and withdrawn to the hacker’s own wallet.

The hack was carried out through weaknesses associated with the popular Profanity vanity address generator. Vanity addresses made with Profanity are generated in a way that makes them easier to compromise through a brute-force attack. The attack requires a great deal of processing power, a cost that may be offset by the amount of cryptocurrency in the wallet.

In the aftermath of the attacks, the developers’ team behind Profanity took steps to ensure that no one continued using the tool.

The exploit was carried out in a way similar to how Wintermute was exploited last week. On Tuesday, September 20, the U.K.-based algorithmic crypto market maker Wintermute was hacked and lost $162.2 million in DeFi operations. A vulnerable private key generated by the Profanity app was attacked in the Wintermute hack.

The Profanity vulnerability has been known since January. Still, the decentralized exchange 1inch Network disclosed the apparent risk on September 13 and warned Twitter crypto community members about the risks facing the Profanity wallets.

Last week on September 18, attackers executed a similar hack that saw $3.3 million worth of cryptocurrencies stolen from users of a vanity Ethereum wallet. The hacker managed to steal the tokens from a number of Ethereum addresses that were generated with the Profanity tool.

According to blockchain cybersecurity company Certik, about $273.9 million has been lost this year because of compromised private keys, making the method one of the largest attack vectors.


American Actor Bill Murray Loses $185,000 in NFT Hack

Hackers have drained around $185,000 in Ethereum cryptocurrency from Bill Murray’s Ethereum wallet. In July, Bill Murray, a famous American actor and comedian, launched an Ethereum NFT project featuring artwork and stories from his life and career.

The hacking incident took place hours after the completion of the “Beer with Bill Murray” NFT’s auction. Fortune media reported the matter on Friday, September 2.

On 31st August, the Beer with Bill Murray NFT was sold for $185K in an auction hosted on the Coinbase cryptocurrency exchange, with its proceeds planned to be donated to the “Chives Charity” initiative.

However, hours after its sale, hackers stole 109 Wrapped Ethereum (WETH), a cryptocurrency based on Ethereum’s ERC-20 protocol, by making two unauthorized transactions on the Ethereum wallet associated with Bill Murray.

The fraudsters further attempted to steal the 800 NFTs from the Bill Murray 1000 collection, but their efforts were spoiled by the Project Venkman team, who promptly ran a script to move the NFTs to safehouse wallets.

Murray’s team revealed that the hacker sent the stolen funds to a wallet address tied to the crypto exchange Binance by swapping them through 1inch and transferring them to an 0xada wallet.

In response, Murray’s team said they have reported the matter to the police and are working with crypto analytics firm Chainalysis to bring the attacker to justice.

Bill Murray is an actor who has made a lot from his nearly five-decade entertainment career, including films like “Ghostbusters” and “Caddyshack,” as well as his relationships with fellow comedic legends.

Since July 15, some of his stories and others became available for purchase as NFTs via The Bill Murray 1,000, an Ethereum project from comedy and entertainment website The Chive, and blockchain startup Project Venkman. The project offers up 1,000 NFT collectibles based on 100 stories from Murray’s career.

NFT thefts are becoming more frequent than ever and more profitable. In May this year, a renowned American actor, Seth Green, lost his four NFTs through a phishing attack.

He was the owner of four NFTs worth over US$300,000, from Opensea, Doodle, BoredApeYC, and Yugalabs, but lost a handsome amount due to a breach in his private space.

Much has occurred in the NFT landscape as millions of dollars have been stolen while celebrities’ adoption continues.

Several prominent names of celebrities are part of the NFT community, including Eminem, Neymar, Serena Williams, and others.

However, the overall number of NFT thefts has significantly increased especially this year, a contrast to a declining number of crypto hacks.


Hacker Steals $265,000 in User Funds from KyberSwap

KyberSwap announced that $265,000 in user funds were stolen after a hacker exploited the multichain DEX aggregator’s front end.


The company confirmed the hacking incident, followed by announcing that compensation would be made to the victims of the attack. A 15% bounty will be released for the hacker if all the funds are returned and if the hacker speaks directly with the KyberSwap team.

According to the details released from KyberSwap, the hacker exploited the code initially at approximately 2:30 am EST. “We identified a malicious code in our Google Tag Manager (GTM) which inserted a false approval, allowing a hacker to transfer a user’s funds to his address,” the company said in its official notice.

The notice further explained that the hacker had discreetly injected the script specifically to target whale wallets holding large amounts.

Following investigations, the company was able to neutralize the exploit within two hours.

The company has also urged users to proceed with using its platform with caution for the time being.

The attack on KyberSwap was comparatively smaller than other recent attacks on DeFi projects, which have seen numerous multimillion-dollar thefts of users’ funds.

It does, however, highlight the wide range of ways DeFi users are vulnerable to attacks.


Brazilian Crypto Lender BlueBenx Halts Withdrawals after Suffering Hack of $32M

Brazilian crypto lending platform BlueBenx is currently under scrutiny after it halted its users’ withdrawals.


Per the email shared by the embattled startup to its customers, it claimed that the withdrawal halt was due to the fact that it was hacked to the tune of $32 million.

“Last week, we suffered an extremely aggressive hack in our liquidity pools on the cryptocurrency network after incessant attempts at resolution. Today we started our security protocol with the immediate suspension of operations of BlueBenx Finance products, including withdrawals, redemptions, deposits, and transfers,” the BlueBenx email shared to its customers reads.

While this story was confirmed by the platform’s lawyer, Assuramaya Kuthumi, most of the platform’s customers did not really believe the platform’s account, as the core details of the supposed hack were not made known. In response to the hack, BlueBenx suspended quite a number of its staff, as reported by the local media platform Portal do Bitcoin.

“I think there’s a high probability of it being a scam because this whole hacker attack story seems like a lot of bullshit, something they invented,” a BlueBenx investor revealed to Portal do Bitcoin.

Crypto lending as an offshoot of Decentralized Finance (DeFi) has come under intense scrutiny in recent times as most platforms, even the very big and established ones, have been unable to meet customers’ demands. Most have since halted withdrawals on their platform, and BlueBenx users believe the exchange fabricated this story in part because it could not meet up with its bogus promises.

The BlueBenx platform promises investors as much as 66% in returns on specialized offerings on the platform. Lending platforms like the Celsius Network, Vauld Group, Babel Finance, and even BlockFi, which offers a relatively lower rate of return, have crumbled in the face of the current liquidity pressures that the crypto winter of the first half of the year ushered in.

It is unclear what will happen to BlueBenx investors following the halt of the withdrawals. The exchange has not yet declared a viable way forward.

 
