Ledger Crisis: Users May Pursue a Lawsuit as They Receive Threatening Emails

The security breach at Ledger, which exposed customers’ contact information, is badly shaking the company’s long-built reputation as the leading secure hardware wallet maker. On December 20, one or more hackers dumped a database containing email addresses and physical contact information of Ledger customers, making them even more vulnerable to threats and phishing attacks.

While the company says it is working to investigate the matter, customers are already showing signs of pursuing a class-action lawsuit against the hardware wallet provider.

Ledger Users are Already Receiving Threatening Messages via Email

The latest development in the Ledger hack came after a database, probably stolen in the June attack, was dumped on RaidForums, a marketplace for trading stolen information. This exposed over one million email addresses subscribed to Ledger’s newsletter, along with the emails, physical addresses, phone numbers, and other identifying information of 272,000 Ledger buyers.

With this information in the wrong hands, many people fear that this is only the beginning of threats and phishing attacks on customers. Customers are already receiving messages threatening physical harm if they don’t pay about $500 in Bitcoin ransom, according to a Reddit user, u/elephants. The message sent to him/her reads exactly:

Hello (my name), I have recently become aware of your Cryptocurrency holdings, I also live in (my city), and I also know that you live at (my address). I’m not afraid to invade your home, I don’t want to make this any harder than it has to be. I’m offering you $500 (shouldn’t be much to you considering the recent pump) to leave you alone. 

If not, I’m not afraid to show up when you least expect it and see how my wrench works against your face, or maybe even wait for you to leave your home and take your belongings whilst you’re not there to call the police. I’ll be waiting for the money, and watching you until then.

Lawsuits Hovering

Ledger customers do not seem satisfied with the company’s response to the development, and they are discussing a class-action lawsuit against the wallet maker.

DeFi Platform Warp Finance Recovers 75% Of $5.85M Stolen Funds

Warp Finance announced the recovery of $5.85M, 75% of the funds stolen on December 17, when an attacker withdrew $7.76M through a flash loan exploit.

The DeFi platform said the distribution and compensation of the stolen funds for the affected users will begin on December 21. The compensation is proportional to the number of W-DAI (DAI stablecoin) and W-USD (U.S. Dollar) held at the moment of the snapshot.

While the hacker got away with nearly $8M, the DeFi firm managed to retrieve the loan collateral. White hat hackers (slang for ethical hackers) helped to locate and secure the funds. Approximately 75% of users will get a reimbursement.

The attacker managed to hack Warp Finance by using several flash attacks, like multiple flash loans through dYdX protocols, flash swaps via Uniswap, and flash liquidity.

IOU Tokens For Compensation

Warp Finance plans to compensate for the remaining 25% loss with IOU tokens. According to the firm, the Portal IOU tokens will refund users in the near future and even give them a profit on their initial deposits.

While we are relieved that lost funds have been partially recovered, we see this only as a first step to making Warp Finance users whole. For this reason, we will issue Portal IOU tokens to every affected user. The end goal of the IOU token is to fully refund users and potentially even give them a profit on what they initially deposited.

Stated the firm.

Cyber-crime has surged in 2020, with more than $100M stolen, including $8M recently stolen from a DeFi insurer CEO. CipherTrace, a cryptocurrency forensics and blockchain threat intelligence firm, reported on November 11 that 45% of all thefts in the first six months of 2020 were DeFi hacks, equating to about $51.5M, 40% of volume for that period.

Bitcoin.org Hit By DDoS Attack

Although the Bitcoin blockchain itself was not affected, the official website that hosts a copy of Bitcoin Core open-source code for developers and any other interested party was. So far, an attack against a blockchain itself has never been executed.

DDoS Attacks Common In Similar Circumstances

According to Cobra – an anonymous dev who helps keep the website up and running – this sort of attack is not uncommon when Bitcoin is spiking high and markets are bullish. He also warned that this particular attack was probably not over just yet. Although the official Bitcoin site is up and running again, DDoS attacks happen in waves through coordinated botnets quite often.

“Basically, we got hit with a large DDoS, which is quite common around ATHs (all-time highs) and bull markets. It took us down for a while but for now, we’re back up, but we might go down on and off periodically depending on how long the attackers want to continue attacking.”

A Distributed Denial of Service (DDoS) attack is an attack in which many devices infected by malware are coordinated by a bad actor in order to overwhelm an IP address with web traffic, slowing down traffic for normal users – and often taking the site offline completely for certain periods of time.

For those eager to help host the source code until the DDoS attacks cease, crypto enthusiasts have set up a torrent from which the code can be downloaded and hosted.

The attack is being led mostly by Russian IPs, although this does not necessarily mean the attack is coming from there, as bad actors nearly always use VPNs, allowing them to pretend to be from somewhere else.

In addition, infected devices carrying out the attack can belong to anyone, anywhere – and the owner of the device will almost certainly be unaware that their device is being used for nefarious purposes.

Simon Green Warns About Escalating Cyberattacks Following The Australian Levitas Capital Hack

Simon Green, the CEO of Palo Alto Networks JAPAC, stated that cyberattacks are a major threat to the digital transformation of businesses in the Australian economy, as well as the global one. This year, hackers have stolen more than $100 million from DeFi projects alone.

In an online interview with Sky News Australia, Green addressed the dangers of the escalating number of cyberattacks on companies related to fintech and finance in general, especially following last week’s attack on the Sydney-based hedge fund Levitas Capital.

As more Australian businesses are forced to go digital, the growth of cyberattacks is becoming a major concern. Green believes that during the pandemic, these attacks have increased.

A rapid increase in cyber threats has been seen, particularly during the pandemic. The environment has changed dramatically, particularly over the last nine months. People are now sitting in their homes and spending a lot of time on digital means. Whether it is in personal or business means, cyber threat is becoming an increasingly large problem.

Stated Green for Sky News Australia.

Levitas Capital, Victim of a Hack Spree

A fake Zoom invite link shut down the Australian hedge fund Levitas Capital and cost it almost US$8.7 million in losses after a hacker sent fake invoices on behalf of the firm Australian Catholic Super, their major client, to withdraw its funds.

Levitas Capital is the latest victim of a cybercrime spree that affected almost 2000 other Australian businesses with similar hacks this year. This prompted an ongoing investigation by the Federal Police called “Operation Dolos”.

Fintech and Finance Platforms Targeted by Hackers

A lot of money is flowing into the world of Decentralized Finance (DeFi), and hackers are taking advantage of the weak points of DeFi projects, using scams like flash loans through smart contracts.

This way, hackers have stolen more than US$100 million from several DeFi platforms this year alone. The most recent one is Pickle Finance, whose protocol cybercriminals hacked for US$19.7 million worth of DAI stablecoin. Cybersecurity incidents cost Australian businesses around US$29 billion each year.

Pickle Finance Is The Latest DeFi Project To Be Beaten At Its Own Game

DeFi farming project Pickle Finance is the latest DeFi project to be hit hard by those who may share the same entrepreneurial spirit, if not the same methods.

Unlike the flash loan fiasco Value DeFi recently went through, the attack on Pickle Finance was a bona fide malicious attack, with none of the tongue-in-cheek humor.

Value DeFi has since switched to Chainlink, arguing that their system provides better protection from exploits.

Evil Jar Swap

Pickle Finance’s modus operandi was based on providing automatic solutions for transactions between various DeFi protocols.

However, in order to maximize profits, Pickle Finance required users to deposit funds in Compound for trading purposes.

This allowed the unknown bad actor to swap the funds between Pickle Finance’s cDAI jar and a copycat contract. The copycat contract had a similar interface to the legitimate one but was programmed to execute differently, allowing the bad actor to make a huge profit.

In a transaction confirmed 30 seconds later, the person behind the attack sent $20 million worth of funds from Pickle’s cDAI jar to his own “evil jar”.

However, the DeFi company’s problems are not over, as their value has since plummeted by 58% within just a few hours – as proven by their current trending search on CoinGecko. The price has since slightly rebounded, making the loss of value closer to 52%.

Twitter users have been making light of the issue – with a user quipping that the new security audit will be to have proper insurance coverage, and others replying that they should start a security audit company for security audit companies.

Nevertheless, the past few weeks have seen several more DeFi projects, such as Akropolis, Harvest Finance, and Cheese Bank, fall victim to bad actors.

There is a silver lining to all the trouble, however: new and existing DeFi companies will now probably start beefing up their security, spurring decentralized finance down the path to becoming a huge competitor for traditional finance.

Hacker Steals $2 Million From Akropolis Savings Pools

Akropolis (AKRO), the crypto DeFi platform, tweeted on November 12 that their savings pools were hacked for $2 million worth of DAI, apparently in a flash loan attack.

According to Akropolis, the hack was executed “across a body of smart contracts” in the savings pools. The firm added that their staking pools are “safe” — and the hack only affected CurveY and Curve sUSD savings pools. 

In a statement, the firm said it noticed a “discrepancy in the APYs of our stablecoin pools”. Reports from the ETH blockchain show that the hackers were able to gather a total of $2,051,159 in DAI. Later, the hacker sent the funds to a different address where they are currently held.

Now the entire Akropolis protocol is paused — its stablecoin pools remain suspended as the security team is currently working on several procedures in the affected areas. The firm informed major exchanges about the attack — and their security processes are under review as well.

Researcher Steven Zheng reported on Twitter about the hacker’s transaction. Zheng also stated that the hacker was executing batches of $50,000 attacks 7 hours later. 

Zheng, as well as many other crypto users, suggested that this hack was similar to the Harvest Finance project hack, a market price manipulation made with flash loan exploits. “This is not entirely true”, said Ana Andrianova, Akropolis founder, dismissing Zheng’s suggestion about the attack being similar to Harvest Finance.

Harvest Finance was a DeFi project led by an anonymous team. The attack resulted in millions of dollars’ worth of FARM tokens being stolen by hackers. As a result, its price fell over 60% at press time.

While its users are now fearful about the future of their savings, the Akropolis team stated that “most funds are safe” and that they are exploring ways to refund the users affected by the hack. 

“We are exploring ways to reimburse users for the loss in a way that is sustainable for the project, and will make a proposal to the community prior to any final decision being made.” The firm also stated that one of the next steps is to publish a post-mortem with their analysis as soon as possible.