Analysis News TheBitTimes.com

Summary ⚈ Monero’s market cap surged by $2 billion following a suspicious hack-related rally. ⚈ Crypto investigator ZachXBT flagged a $330 million Bitcoin transfer linked to the hack. ⚈ Monero prices are expected to quickly fall back to pre-hack levels. Monero (XMR) has seen a sharp, sudden, and suspicious increase in both trading volume and price over the past 24 hours.  As of press time on April 28, XMR is changing hands at a price of $263.81, and is up 15.57% on the daily chart. However, the token reached an intraday high of $347.72, some 31.80% higher than current prices. XMR price 1-day chart. Source: Finbold The move to the upside was so significant that it even saw Monero reach a market capitalization of $6.23 billion, up from $4.21 billion before the sudden rally. Unfortunately for XMR bulls, the development seems to be the result of a hack, and likely won’t last. Crypto detective flags Monero hack ZachXBT, an on-chain investigat...

A cryptocurrency trading account that purports to be an artificial intelligence (AI) agent called ‘aixbt’ has apparently been hacked for approximately 55.5 ether (ETH), worth approximately $100,000. The account seemed to note that it “got baited into sending 55.5 ETH to anon” and described it as a “hard-learned lesson about automating high-value txns.” It’s not clear how this account could remove automations and remain an AI agent. The so-called agent also seemed to falsely claim that the total amount lost was only “30 ETH.” X user “rxbt” who is affiliated with aixbt disagrees with the AI agent and claims that this was “not a widespread vulnerability or a result of our AI agent getting tricked.” rxbt instead blames the attack on “unauthorized access to a part of our infra.” It appears as if @aixbt_agent was tricked by @0xhungusman (account now deleted) into sending 55.50 eth t...

The decentralized finance (DeFi) sector often proves to be a minefield for those seeking out the latest opportunities; a fact that was illustrated perfectly by a trio of incidents that occurred over the weekend. Friday saw Ethereum-based lending platform Dough Finance lose almost $2 million to a series of flash loan-powered hacks. Peckshield raised the alarm before further attack transactions were identified by ExVul, bringing the total loss to $1.96 million. Hi @DoughFina, you may want to a look (w/ $1.8m) pic.twitter.com/OSAKG45ACr — PeckShield Inc. (@peckshield) July 12, 2024 Read more: CertiK returns funds on its own terms after hacking Kraken for $3M  The vulnerability was identified as a lack of validation of flash loan ‘callback’ data, according to crypto auditing firms Ancilia and CertiK. A flash loan allows a user to access vast amounts of crypto, provided the amount is paid back within the same transaction. Peckshield followed the flow of funds, demonstrating the...

A Chinese trader claims that Binance ignored “extremely abnormal transactions” and failed to freeze funds belonging to an “obvious hacker,” leading to them losing their $1 million life savings via a promotional Google plugin. The trader, who goes by the name ‘CryptoNakamao’ on social media, reportedly used the Aggr plugin to access trading data. However, it actually allowed hackers to find a way around password and two-factor authentication (2FA) protection to gain access to their Binance account. Once into their account, CryptoNakamao explains that the Hack er bought several tokens in the Tether trading pair — which had abundant liquidity – and placed sell orders in Bitcoin, USD Coin, and other trading pairs — which had scarce liquidity. Then, despite not being able to withdraw funds directly , the Hack er was able to open leveraged positions, buy a large amount in excess, and complete their cross-trading. The trader says they noticed their account trading randomly on ...

With memecoins regularly outperforming more established crypto projects, there’s plenty of evidence to back up the assertion that the cryptosphere often rewards attention over innovation. From crypto influencers dumping on their followers to SocialFi projects such as FriendTech, social media following can act as a proxy for value, especially for projects without their own token. Even crypto security auditors, supposedly behind-the-scenes players, are keen to try their hand at the social media game. Sometimes, at the expense of their credibility. Peckshield’s classic “you may want to take a look” has caused many a heart to sink over the years, typically accompanied by a transaction hash in which hackers have extracted millions of dollars of crypto-assets. Hi @MIM_Spell, you may want to take a look (w/ $6.49M Loss) pic.twitter.com/uHs0JweuoM — PeckShield Inc. (@peckshield) January 30, 2024 Read more: Magic Internet Money loses its sparkle as DeFi platform hacked for $6...

There is growing concern about the number of crypto hackers using centralized exchanges to fund their attacks. In order to pay the transaction fees necessary to carry out attacks, hackers must first fund their wallets. However, given the transparency of a public ledger, they have to carefully consider how to do this without linking themselves to the crime. Tornado Cash used to be the industry standard for covering one’s tracks, used by hackers and privacy advocates alike. Now, it appears that in many cases, Hack ers simply opt to skirt their way around exchange s’ know-your-customer (KYC) procedures when funding their accounts. Blockchain monitoring firm Forta Network’s analysis of funding sources for recent attacks shows that the hacker’s favourite Tornado Cash now represents just under half the hacks studied , with funds coming from centralized exchanges (CEXs) in a third of cases. Other funding methods included novel privacy tool Railgun and ‘middleware operat...

Prosecutors say the now-defunct crypto exchange FTX lost over $400m in crypto due to a SIM-swap hack orchestrated by three individuals. Crypto exchange FTX lost nearly half a billion dollars worth of crypto shortly after filing for bankruptcy due to a SIM-swap attack , Bloomberg has learned, citing an indictment filed in federal court in Washington by the U.S. Department of Justice. According to prosecutors, three individuals —Robert Powell, Emily Hernandez, and Carter Rohn — participated in a SIM-swapping ring targeting FTX for two years. The indictment alleges that the trio gathered personal data from numerous victims, leveraging this information to persuade cell phone providers to transfer the victims’ phone numbers to a fraudulent device under their control. Subsequently, the group could intercept text messages, including multifactor authentication codes. You might also like: Larry David admits losing ‘a lot’ in crypto, calls himself ‘idiot’ after FTX collapse W...

On-chain sleuth ZachXBT noted 213 million XRP tokens moved through almost a dozen addresses to centralized exchanges in an apparent Ripple hack. The XRP tokens worth roughly $112.5 million started moving on Jan. 30 before being laundered on platforms like Binance, Gate, HTX, HitBTC, Kraken, and OKX, according to ZachXBT’s investigation.  Shortly after ZachXBT reported the incident, Ripple co -founder and executive chairman Chris Larsen said there was unauthorized access to some of his personal XRP accounts.  Larsen stressed that the tokens were not controlled by Ripple as a company, adding that exchanges and law enforcement had been informed about what may be a hack. Yesterday, there was unauthorized access to a few of my personal XRP accounts (not @Ripple) – we were quickly able to catch the problem and notify exchanges to freeze the affected addresses. Law enforcement is already involved. https://t.co/T3HtKSlzLg — Chris Larsen (@chrislarsensf) January 31, 2024 You ...

U.S. Securities and Exchange (SEC) Chair Gary Gensler confirms there have been no additional breach es after an unauthorized party accessed the SEC’s X account. In a Jan. 12 statement, Gensler assured that there is no current evidence suggesting further breaches following the unauthorized access to the SEC’s X account on Jan. 9. The incident, which involved an unauthorized party gaining control over the SEC’s X handle, has raised significant concerns about the security of the agency’s digital infrastructure. However, Gensler, in his statement, emphasized that the breach was contained and that no other systems, data, devices, or social media accounts appear to have been compromised. The SEC is actively evaluating the impact of this security breach , particularly its implications for other governmental agencies, as well as cryptocurrency investors and marketplaces. The incident has also sparked discussions about the safety protocols surrounding the agency’s social m...

The DeFi Kingdoms X page has apparently been hacked promoting what appears to be a phishing website. In an X post on Jan. 9, an account for DFK Chain, an Avalanche Subnet crafted for DeFi Kingdoms, said that the play-to-earn game’s X account fell victim to a hacker attack, leading to the publishing of phishing links. DFK TWITTER @DeFiKingdoms IS COMPROMISED. PLEASE DO NOT FOLLOW ANY LINKS FROM THE DFK TWITTER. We are working on a resolution. — DFK Chain (@dfkchain) January 8, 2024 While the exact method of compromising the account remains unclear, @DreamerDFK, the president of Kingdom Studios, disclosed in a separate post that the security breach was related to an X security issue, distinct from DFK Chain and its Discord. You might also like: Code4arena X account compromised, used for Paradigm endorsed phishing scam It’s just Twitter, no source code, discord, or other channels have been compromised , this is an X security issue, not #DFK related. — ...

The hard wallet maker said a former employee fell victim to a phishing scam, which allowed a hacker to access the library and steal $480,000 in crypto. Ledger’s chairman and CEO, Pascal Gauthier, attested to an exploit on Ledger Connect Kit, a Javascript library to connect Web sites to wallets on several defi platforms. Gauthier’s letter said the incident was isolated to third-party applications and stressed that Ledger’s hard wallet products remained unaffected. The standard practice at Ledger is that no single person can deploy code without review by multiple parties. We have strong access controls, internal reviews, and multi-signature code when it comes to most parts of our development. This is the case in 99% of our internal systems. Any employee who leaves the company has their access revoked from every Ledger system. Pascal Gauthier, chairman and CEO, Ledger However, Gauthier confirmed that an ex -staff was hacked by a phishing scammer who then used compromised acc...

Malicious actors have started targeting crypto victims on Telegram, luring them to believe they’re dealing with venture capital investors. Crypto scammers are distributing a malicious software impersonating legitimate venture capital (VC) investors on Telegram. In an X post on Monday, Dec. 4, 2023, Alexandre Masmejean, CEO of Showtime, a crypto marketplace for creators, said he was contacted by FBI agents from the Los Angeles department by phone, who strongly encouraged him to “turn off my WiFi, rotate my wallets, change all my passwords, move my files to a hard drive and entirely wipe out my compromised MacBook.” My experience with the FBI: a wake-up call to public-facing crypto people. “Hey, are you Alexandre Masmejean, CEO of Showtime Technologies, Inc? This is the FBI calling in from Los Angeles.” Last week I had a very strange call that surprised me so much I didn’t know whether I… pic.twitter.com/5TgkCcKfgr — Alex Masmej 🪙 (@AlexMasmej) December ...

Cryptocurrency exchange HTX promised to ‘gradually resume ’ crypto services on Nov. 23, but customers say no updates have been made so far. Crypto exchange HTX (formerly Huobi) announced in an X post on Nov. 23 it would resume deposit and withdrawal services “within 24 hours,” but reports on the social network indicate no progress has been made since the announcement. #HTX 预计将于今天16:00 (UTC+8) 逐步恢复TRON、BTC、ETH 链充币业务。随后稍晚将逐步开放提币业务。 公告详情https://t.co/2QXGpgMflI pic.twitter.com/aWijb8mTK3 — 火币HTX (@HuobiGlobal) November 24, 2023 In an X post on Nov. 24, the Seychelles-headquartered crypto exchange issued another announcement, saying it would “gradually resume ” deposit operations on Nov. 24 at 16:00 (UTC+8). However, multiple reports on X indicate the exchange has failed to resume operations by its own deadline. Outgoing transactions from HTX-related addresses | Source: Arkham Intel According to data from Arkham Intel, a bounty marketp...

A crypto wallet lost $27 million in USDT following a hack. The funds were later transferred to Bitcoin via THORChain. On-chain analyst ZachXBT first noticed the breach. The hacker promptly converted the stolen Tether coins into Ethereum (ETH). Later, they were transferred through FixedFloat, ChangeNow, and other services. Ultimately, the funds were transferred to Bitcoin (BTC) using the THORChain protocol. It appears someone had 27M USDT stolen yesterday. 0x0f2183c8e415e61b4ad7774bf1097019eb2d5b85798a2a229070495131d60321 USDT was quickly swapped for ETH, then transferred to a number of services (FixedFloat, ChangeNow, etc), and bridged to Bitcoin via THORChain. pic.twitter.com/SgEBwyZZSc — ZachXBT (@zachxbt) November 12, 2023 A week ago, funds were withdrawn from the Binance exchange to the hacked wallet , ZachXBT notes. In May 2019, the address also received funds from the mentioned cryptocurrency platform. A week earlier, an unknown hacker attacked the Poloniex cryptocur...

The platform found itself ensnared in a cunning phishing ploy that directed unsuspecting users to a website, siphoning their financial resources once they unwittingly authorized a transaction. Galxe , in a remarkable display of commitment, is making amends by reimbursing affected users with a generous 110% compensation following a recent security breach, as officially declared on the 10th of October. “We wish to express our profound gratitude to those steadfast individuals who stand by our side during these challenging times,” the company conveyed. The restitution process is set to unfold automatically on the 16th of October, channeling the funds back to their original wallet addresses, unless, of course, an alternative course of action is preferred by the affected users . As a gesture of goodwill, the reimbursement will be disbursed in Tether, with the valuation determined as of 10:00 am UTC on the 9th of October. The impact of the security breach was felt most acutely...