Analysis Crypto by Thebittimes.Com

Hackers and scammers are relentless in attacking crypto and non-fungible token traders and are now using new and old techniques to steal money and digital assets. In a shocking revelation, Kanye West, an American rapper, musician, and record producer, has revealed he rejected a $2 million offer to promote a cryptocurrency scam, which involved posting a fraudulent promotion and later claiming his account was hacked. Scam Trick Targeting NFT And Crypto Traders Revealed In a February 8 blog post, the American high-profile rapper revealed how an unidentified person proposed to him $2 million to defraud his community on X. Kanye West, better known as ‘Ye,’ is one of the most prominent figures in the hip-hop industry. He is known for his varying musical style and polarizing cultural and political commentary. He has more than 32.6 million followers on X, including millions of crypto and non-fungible token collectors. Kanye West exposing the celeb memecoin fraud wasn’t on ...

Private keys getting compromised took over $204 million across 14 security incidents in the third quarter of 2023. The third quarter of 2023 has been the “most financially damaging” quarter of the year, taking almost $700 million in digital assets across various security incidents, according to the quarterly report of blockchain security firm CertiK.  Within the report, CertiK highlighted that there was a total of 184 security incidents that happened in July, August and September 2023. The report highlighted that over $699 million in crypto assets were lost in the quarter , surpassing the first- quarter losses of $320 million and the second- quarter losses of $313 million. Within the types of exploits that led to the losses, private key compromises have been listed as the most damaging, taking over $204 million across 14 incidents. According to the report, the Multichain incident, where private keys were under the exclusive control of the project’s CEO, led to a loss of $125 mil...

Elliptic, a blockchain forensic firm, has disclosed that cyber-criminals responsible for the Mixin Network hack currently control more than 90% of the project’s USDT holdings . In a blog post on Tuesday, Sep. 26, Elliptic’s senior crypto threat analyst, Arda Akartuna, revealed that the London-based firm analyzed the stolen funds in relation to Mixin’s most recent financial statement from July 2023. It appears that hackers now control 93% of Mixin’s USDT ($23.6 million), 71% of its Ethereum ($95.3 million in ETH), and 9% of its Bitcoin ($23.7 million in BTC). The graph of value of crypto stolen from Mixin | Source: Elliptic You might also like: Although the stolen funds are yet to laundered, Elliptic says the hackers have sent the stolen USDT through Uniswap to exchange it to DAI, an algorithmic stablecoin. In a post on Wednesday, Sep. 27, Mixin did not directly address Elliptic’s findings but provided reassurance to users, stating that...

The total value locked in DeFi protocols remained below $50 billion after another week of exploits. Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you the most significant developments from the past week. The past week in DeFi was dominated by exploits and hacks, with three DeFi platforms losing nearly $39 million. Alphapo’s hot wallets were exploited for over $32 million, Era Lend was drained for $3.4 million, and the decentralized finance protocol Conic Finance was exploited for almost $3.5 million. In better news, the DeFi ecosystem was buzzing with development s in zero-knowledge- proof (ZK- proof ) scaling solutions as the layer-2 sector heats up despite the bear market. The exploits and bearish market condition took their toll on DeFi protocols, with the total value locked in DeFi protocols seeing a significant drop over the past week. Alphapo hot wallets hacked for over $31 million Crypto payme...

USB keystroke injection devices like the Diabolic Drive still pose a threat to unsuspecting users by installing malware to take over systems. The Diabolic Drive’s name sounds as ominous as its potential payload. The recently developed USB wireless keystroke injection tool is intended to stress test networks, but could it potentially be used as a means to steal crypto currency from unwitting users ? The new gadget is set to be used by cybersecurity experts to test networks and business infrastructure against threat s. As recent reviews highlight, the 64GB drive is Wi-Fi enabled once plugged into a system, allowing a user to access the connected device remotely. According to a hardware review by Geeky-gadgets, the Diabolic Drive can fire a payload of a hypothetical malicious script remotely and can even be pre-programmed to execute commands as soon as it is plugged into a device. These devices are impressive and scary. Amazing what can be built so easily and dangerous for those who are...

Hackers continue to create fake Web3-enabled websites to fleece unsuspecting victims’ browser-based wallets, with ETHDenver being the latest victim. A fake website of the popular Ethereum Denver conference is the latest phishing target of a red-flagged smart contract that has stolen over $300,000 worth of Ether (ETH). The popular conference saw its website duplicated by hackers this week in order to trick users into connecting their MetaMask wallets. According to Blockfence, which identified the fraudulent website, the smart contract has accessed more than 2,800 wallets and stolen over $300,000 over the past six months. Another day, another scam. This time the scammer targeted the @EthereumDenver website. Blockfence is here to protect you and fight scammers together: The scam contract was marked as "High Risk" by our ML algorithm and our partners at @GoplusSecurity pic.twitter.com/Jdtoz2Bgu4 — Blockfence (@blockfence_io) February 20, 2023 ETHDenver also issued a not...

After amassing $120 million in tokens through an infinite minting glitch, hackers reportedly only cashed out around $1 million due to a lack of liquidity on BonqDAO. According to Blockchain security firm CertiK, the damage caused to decentralized protocol BonqDAO on Feb. 1 may have been much less than initially thought.  As told by CertiK, the attacker first borrowed 100 million BEUR, a euro stablecoin, with less than $1,000 in collateral due to a lack of controls on the collateralization ratio. If users set the parameter to zero, then the platform defaults to returning the "maximum value of uint256," allowing an astronomical sum of loans to be issued. However, CertiK said that despite the attacker borrowing 100 million BEUR (around $120 million at the time of attack), the hacker only managed to withdraw around $1 million due to a lack of liquidity on the platform. Previously, blockchain security firms such as PeckSheild stated that around $120 million was lost during the ...

The main vulnerability behind the attack was within GLP oracle and how it conducts its price. Arbitrum-based lending protocol Lodestar Finance was exploit ed in a flash loan attack on Dec. 10. According to Lodestar, the attack er manipulated the price of the plvGLP token before borrowing all platform liquidity using the inflated token. In a Twitter thread, Lodestar explained the attack flow. The attacker first manipulated the exchange rate of the plvGLP contract to 1.83 GLP per plvGLP, "an exploit that by itself would be unprofitable", said the company. Then, the attack er supplied plvGLP collateral to Lodestar and borrowed all available liquidity, cashing out part of the funds "until the collateralization ratio mechanism prevented a full liquidation of the plvGLP." Following the hack, "several plvGLP holders also took advantage of the opportunity and also cashed out at 1.83 glp per plvGLP." The hacker was able to burn a little over 3 million in GLP, m...