The latest edition of the ISMG Security Report discusses how the profits of ransomware group Zeppelin have been smashed by security researchers, FTX again highlighting the risks of trading cryptocurrencies, and vendor Extrahop's newly appointed, high-profile president.
Bankrupt cryptocurrency exchange platform FTX says unsanctioned actors made off with customers' digital assets, causing a scramble to secure digital wallets. Estimates of the amount of stolen money are in the hundreds of millions. FTX filed for bankruptcy Friday after entering a liquidity crunch.
Decentralized finance exchange Mango Markets is set to pay $47 million as a bug bounty to the hacker who stole $117 million in digital assets on Wednesday, after 96% of the governance voted in favor of the deal. Mango Markets is a trading platform riding on the Solana blockchain.
A hacker who stole cryptocurrency says he should walk away with the majority of his loot and put that plan up for a vote to the people from who he stole, using votes tied to the stolen cryptocurrency to vote yes. "Seriously though, wtf is wrong with our industry?" tweeted a web3 consultant.
Crypto exchange Binance restored operations on its BSC Token Hub smart contract early Friday, hours after a $568.6 million hack. It upgraded the vulnerable contract in a new version and shared plans for potential measures to address this incident and increase security measures.
Crypto exchange Binance paused its smart contract platform Binance Smart Chain after a hacker exploited an internal verification vulnerability to steal cryptocurrency from its cross-chain bridge. Binance has acknowledged a theft of at least $100 million; PeckShield says hackers stole $586 million.
A cryptocurrency thief is hacking into other scammers' fraudulent liquidity mining websites to reach directly into the digital wallets of victims. The threat actor, dubbed "Water Labbu" by Trend Micro, has so far filched 316,728 USDT and infected 45 fraudulent decentralized applications.
A hacker exploited a smart contract bug to steal about $29 million from DEX aggregator Transit Finance. Within hours of the theft, the attacker returned nearly $19 million - but not before keeping a $2 million "bug bounty" and losing $1.1 million to a bot theft.
The United States is arguably involved in a cyberwar against Russia and China - and appears to be losing. In this episode of "Cybersecurity Unplugged," Tom Kellerman of Contrast Security and Richard Bird of Traceable.ai discuss what the U.S. government and companies need to do to win this cyberwar.
Whoever stole $160 million from Wintermute, the cryptocurrency trading firm's CEO, Evgeny Gaevoy, would like the money back, minus 10% that's on the house. A hack of the London-based crypto market maker rocked the company, which supplies liquidity to cryptocurrency trading.
A newly uncovered vulnerability in a wallet addressing tool may be the reason a hacker stole $160 million in digital assets from market maker Wintermute. The company's CEO tweeted that the company is solvent and will honor requests to repay lenders.
Ransomware gives cryptocurrency a bad name. U.S. federal regulators have noticed, publishing on Friday a slew of recommendations for ensuring that the blockchain world isn't a criminal haven. Among them are legislative proposals that would strengthen anti-money laundering statutes.
A thief stole $1.25 million worth of cryptocurrency from DeFi protocol New Free DAO in a flash loan attack and so far has cashed out nearly half of the funds. The attack resulted in a sharp drop in the platform's native token $NFD, whose value slumped more than 99% day-on-day on Thursday.
An attacker stole at least $370,000 worth of USDC stablecoins from a smart contract on the Avalanche blockchain in a flash loan attack, affecting liquidity providers. Victim Nereus Finance is enticing the thief to return the stolen funds for a 20% "no questions asked" white hat reward.
U.S. sanctions on Tornado Cash are driving North Korean hackers away from the cryptocurrency mixer. Chainalysis says hackers' use of ineffective obfuscation techniques allowed the blockchain analysis firm to participate in an operation that recovered $30 million stolen from the Ronin bridge.