Tag: security breach

Could Twitter Bitcoin Hack Have Been Prevented? Twitter Faces Heat From SEC

There is ongoing speculation that the massive Bitcoin hack that overtook Twitter on July 15 could have been prevented if Twitter CEO Jack Dorsey and his multi-billion dollar social networking company had taken matters into their own hands and addressed the security concerns outlined by the Securities and Exchange Commission (SEC) in 2015. 

SEC Warns Twitter About Security Breaches

When detailing Twitter’s 10-K annual report in 2015, the SEC had warned of a potential attack breakout if security concerns were not addressed and fixed by Dorsey and co. Under the “Risk Factors” section of the report, it read: 

“Our security measures may also be breached due to employee error, malfeasance, or otherwise. Additionally, outside parties may attempt to fraudulently induce employees, users or advertisers to disclose sensitive information in order to gain access to our data or our users’ or advertisers’ data or accounts, or may otherwise obtain access to such data or accounts.” 

Twitter Employees Get The Inside Scoop 

In the past, many of Twitter Inc.’s employees and contractors have had exclusive access to the confidential side of the social networking company.

Many possessed the admin information that enabled them to bypass security parameters set by Twitter. Consequently,Twitter employees were able to reset Twitter users’ accounts and override their security settings, a problem that CEO Jack Dorsey and his board of directors were warned about multiple times. 

Former Employees Confirm Twitter Breaches 

Former employees of Twitter have spoken up on the matter and confirmed the security concerns.They have said that there are over 1,500 workers at Twitter Inc. who can reset user accounts, review user breaches and respond to potential content violations for the social platform’s 186 million daily users.

Though the breadth of personal data most of these workers could access is still relatively limited, this is usually the starting point if one wished to snoop or hack an account. 

Following Beyonce’s Twitter Trail

Two former employees came forward and said that at some point in 2017-2018, the security controls were so porous that contractors would make “a kind of game out of creating bogus help-desk inquiries that allowed them to peek into celebrity accounts, including Beyonce’s, to track the stars’ personal data including their approximate locations gleaned from their devices’ IP addresses.” 

CEO Dorsey Shoots Himself In The Foot

To make matters worse, when commenting on the massive Bitcoin hack that took over Twitter a few weeks ago, CEO Jack Dorsey and his team have said that the huge security breach may have been an inside job, and that an employee might have enabled the Bitcoin cybercriminals to gain access to high-security internal admin for Twitter.

This was one of the hypotheses that could explain the successful hack, with Bitcoin scam artists taking control of celebrity verified accounts, that included but were not restricted to the platforms of Elon Musk, Kanye West, Bill Gates, Barack Obama, Kim Kardashian, Wiz Khalifa, Joe Biden, Warren Buffett, Jeff Bezos, Mike Bloomberg, among many others.

Twitter had said that this might just be the biggest hack that it has experienced in its history. When issuing a report on their platform to appease Twitter users, they said: 

“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools. We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf.” 

Binance, Kraken, Gemini, Coinbase Also Involved

The Bitcoin heist generated a sum of more than $100, 000 worth of Bitcoin. The accounts of high-profile coin exchanges were also compromised. When speaking up about the Twitter mass attack, CEO of Kraken Jesse Powell expressed through writing: 

“This hack shows that security is about layers of protection. Somebody has to be watching the admins and setting up alerts to watch for these vulnerabilities.” 

Twitter Works on Tracking Down Offenders

Investigations are still ongoing at the time of writing to uncover the identities of the Bitcoin thieves.

Twitter CEO has said that it will post updates regarding investigations, as the social networking company is working in collaboration with law enforcement to track down the cyber culprits. 

‘Big Four’ Tech Amazon, Google, Apple & Facebook Grilled During US Antitrust Hearing

In an antitrust hearing with the Judiciary Committee of US Congress, the CEOs of Amazon, Apple, Facebook and Google testified, as a continuation of an unfinished legal conversation with lawmakers. 

Shots Fired By US Congress 

Topics that were discussed ranged from data privacy breaches to investigations of the companies’ treatment of their competitors.  

The CEO tech moguls have been on the watchlist of Capitol Hill for quite some time, as US law enforcement has been hoping to update regulatory policies revolving around the technology industry. The ‘Big Four’ tech firms have also been taking heat from US officials for a litany of legal concerns, that range from consumer privacy breaches to a failure to adequately regulating the content on their platforms. 

Because of the ever-shifting nature of the tech sector and the heap of documents and interviews gathered to build this case, the interrogation played over the course of 6 hours.  The CEOs were interrogated virtually due to the current pandemic and the logistics involved with it. The anti-trust hearing was deemed a rare occasion by many, making it one of the most anticipated tech-policy hearings of all times.  

Lawsuits Against Tech Empires Pile Up

Commonly referred to as the “Big Four” in the tech industry, Amazon, Apple, Facebook and Google have been faced with heat from Capitol Hill on more than one occasion.  In fact, US lawmakers have been looking to build a case pertaining to antitrust issues against them for quite some time.

The amount of lawsuits faced by the four tech multi-billion dollar companies have been heaping up and Congress can therefore no longer turn a blind eye. Complaints and lawsuits range from cryptocurrency ad breaches to abuse of their monopoly when dealing with competitors to putting their own personal gain over platform users’ rights. Earlier in the hearing, to defend his Facebook Company, CEO Mark Zuckerberg said: 

“We compete hard. We compete fairly. We try to be the best.” 

Facebook and Google Slapped With $600M Lawsuit 

Earlier this month, Facebook and Google were served with a $600 million class-action lawsuit pertaining to a 2018 cryptocurrency ad ban. The lawsuit was filed by a group of cryptocurrency companies and individuals who claimed that the ban placed by these social media behemoths were hurting their businesses. 

The lawsuit, which is a no-win-no-fee case, is currently awaiting funding for official filing as the companies and individuals that are allegedly affected are said to be expecting more firms to join their ranks in the legal battle.  

Facebook Admitted to Regulatory Issues in 2019 

This is just the first of many cases of regulatory issues that Facebook has encountered as it keeps on building its tech empire. Previously, when instilling Libra as a digital currency of their own, powered by a Facebook-created version of blockchain, the social media company had admitted that there were regulatory issues that needed to be addressed and that were preventing the progress of launching Libra officially.  

In Facebook’s previous appeal with the US Securities and Exchange Commission, it mentioned that “there can be no assurance that Libra or our associated products and services will be made available in a timely manner.” 

Amazon Admits  

As for Amazon, the American multinational tech company has been accused of favoring their own products over that of third sellers on their website. They also faced accusations of misleading the committee.

Previously, the e-commerce behemoth had told law enforcement officials that it did not tap data from third-party sellers to boost their own products’ performance on the site. However, reports were brought up by Democratic Republican Pramila Jayapal that indicated the contrary. 

This prompted Bezos to admit potential fault. It was reported that this was the first time he had ever testified in front of Congress. He said: 

“What I can tell you is we have a policy against using seller-specific data to aid our private label business. But I can’t guarantee you that policy has never been violated.”

Apple Packs Less Heat 

As for CEO of Apple, Tim Cook, the business mogul faced less heat than his counterparts. However, he was grilled on how his company handled its App Store. Lawmakers repeatedly brought up Apple’s policy that enables them to get a 30 percent commission on its in-app sales and subscriptions, a fee that has negatively impacted Spotify.  

Teenage Twitter Hacker Could Use Bitcoin to Post $725,000 Bail

The mastermind behind Twitter’s recent massive hack attack has finally been arrested after a nationwide investigation by the FBI, and bail for him has been set at $725,000. The 17-year-old teenager is alleged to have more than 300 Bitcoin (BTC) in his possession, that could potentially be used to make bail. This translates to $3 million.  

Twitter Hacker Not A First-Time Offender

As the 17-year-old offender is currently facing 30 criminal charges, the bail is set at $725,000. The teenager is not only charged with the massive Twitter attack that overtook the verified accounts for famous celebrities, tech moguls, and high-profile politicians, but he is also charged with counts of communications fraud, of fraudulent use of personal information, of organized fraud, and for accessing an electronic device without authority. 

In his recent offense, the minor seized the verified accounts of high-profile figures such as Bill Gates, Elon Musk, Barack Obama, Joe Biden, and many more. He then tweeted the same message across all platforms, that promised that “all Bitcoin sent to our address below will be sent back to you doubled!” 

The massive Bitcoin scam generated approximately $100,000 worth of BTC. 

The minor is to be tried in Hillsborough County and is facing state charges, as he is a juvenile. As for his other two accomplices, they are facing federal charges in the Northern District of California. 

Law Regulators Argue on BTC Legitimacy

During his court hearing, it was revealed by the American teenager’s attorney that the “Bitcoin mastermind” had 300 Bitcoin in his possession. Prosecutors argued that the 300 Bitcoin held by the culprit should not be eligible for making bail payments, stipulating that every penny obtained by the teenager was through malicious and devious means.  

This is not the first offense of the Twitter hacker, as his attorney disclosed that the minor was the subject of yet another criminal investigation, that happened last year. The FBI and Department of Justice had obtained a search warrant then and had seized 400 BTC in the minor’s possession at the time, in addition to $15,000 in cash.  

However, back in April, the prosecutors declined to charge the hacker and returned the cash and 300 Bitcoin back to the minor. Defense attorney David Weisbrod then argued that this legitimizes the digital assets owned by his client. He said: 

“I can think of no greater indication of legitimacy than law enforcement giving the money back.”   

He then asked the judge to set bail at $20,000. 

Twitter Hack Causes Many Repercussions

The offenses that the Twitter hacker faces are many and his recent offense impacted numerous big-names, including Jeff Bezos, Mike Bloomberg, Warren Buffett, Bill Gates, and extended to major coin exchanges such as Gemini and Binance. Companies such as Uber and Apple were also hit.  

This is arguably the biggest hack Twitter has experienced in its history, and Twitter CEO Jack Dorsey has publicly apologized for the massive information breach that put in question the security of his social network company. 

Oracle Confirms Partnership with TikTok, President Trump Still Needs to Approve Deal

Oracle, the tech company that was said to have acquired TikTok’s US operations, has finally commented on the partnership and confirmed it.

Just yesterday, Oracle publicly stated that it has indeed struck a deal with TikTok’s parent company, ByteDance. The Chinese company had been subject to a lot of backlash from the Trump administration. Previously, US President Donald Trump has decreed that it wanted TikTok services to be banned from the country by September 15, under allegations that the popular video content app was used as a tool by the Chinese government to spy on American users. Trump had publicly condemned TikTok, saying that it illicitly collected personal data of over 80 million Americans. In a heated moment, Trump had said:

“As far as TikTok is concerned, we’re banning them from the United States.”

Trump administration comments on the deal

Despite all, multinational computer tech company Oracle tech firm had managed to nab the US operations of TikTok, overtaking Microsoft’s initial plans to make a move on the trendy video-sharing platform. Though the partnership with ByteDance has been secured and confirmed, Oracle, along with TikTok, still require the US government’s approval before moving forward. Addressing the deal, US Secretary of the Treasury Department Steve Mnuchin had disclosed to CNBC:

“I will just say that from our standpoint, we’ll need to make sure that the code is, one, secure, Americans’ data is secure, that the phones are secure and we’ll be looking to have discussions with Oracle over the next few days with our technical teams.”

Microsoft leaves, Walmart wants to stay

Microsoft had previously tried to secure TikTok US operations, along with Walmart’s help; however, ByteDance seemed to be more satisfied with Oracle as a tech partner. While Microsoft has withdrawn its offer, Walmart has been reported to still be interested in investing in TikTok.

With Oracle’s collaboration, the billion-dollar video content platform will most likely go through a restructuring, in order to offer better security and privacy protection.

Will Oracle be able to appease President Trump?

Furthermore, better data protection will be essential in appeasing President Trump’s fears of privacy breaches, especially with the United States being currently entangled in a cold tech war with China and the presidential elections approaching.

To offer more security, blockchain is a viable solution for TikTok. There are indications that parent company ByteDance is already familiar with the industry, as reported by Blockchain.news last December. ByteDance had been reported to have taken an interest in blockchain, as it had started investing in the decentralized ledger technology along with other Chinese companies.

Will blockchain solve TikTok’s privacy issues?

If blockchain was implemented on TikTok, this could secure the data of millions of users, and offer scalability solutions. Also, privacy breaches would be prevented with blockchain.

Checkpoint Research had published a list of things at the beginning of the year that detailed the issues that needed to be fixed on TikTok’s part. The vulnerabilities included hacking of TikTok user accounts and manipulating content; deleting videos; uploading unauthorized videos; making private ‘hidden’ videos public, and revealing personal information saved on the account such as private email addresses.

Currently, regulatory approval is awaited from the Trump administration for the Oracle-ByteDance deal, and Congress is expected to reach a conclusion sometime this week.

What Does Oracle's TikTok Deal Mean for the US? ByteDance Confident President Trump Will Approve Deal

TikTok’s parent company, ByteDance, is confident that its deal with Oracle tech giant for TikTok’s US operations will be approved by both Chinese and American regulators.

Oracle secures TikTok

The deal for TikTok US operations was confirmed by Oracle this week and in order for the video-sharing app to remain active in the United States, it still needs to pass approval from the Trump administration. A set decision is rumored to be rolled out by the end of the week.

TikTok, previously shunned by US President Trump who accused the video-sharing company of illegitimate data collection and security breaches that harmed American users, appears to now have found a way to remain operational in the US. Previously under Microsoft’s bucket list for things to buy, it has been swept up by Oracle tech company.

ByteDance refuses to sell its TikTok algorithms

The recent development is that Walmart may also have a stake in the tech company, along with other American investors. However, the proposal dictates that most of TikTok’s shares will still be owned by parent company ByteDance.

Furthermore, it has been disclosed that ByteDance is unwilling to sell the prized algorithms behind the video content sharing app and cede ownership of them to Oracle tech company. After all, the social media app gained so much popularity worldwide that it has grown to be a direct challenger of other tech giants, such as Facebook and Google.

So what does acquiring TikTok shares mean for Oracle?

Under the new partnership, Oracle’s ruling power will extend to software review and monitoring of TikTok US services. It will be able to analyze the source code behind TikTok’s digital network. However, as shared by Bloomberg, ByteDance will still hold the proprietary rights of TikTok, despite American investors owning partial TikTok equities.

The green light has yet to be given by the Trump administration. Previously, President Trump had said that the app was a national security threat and a means that the Chinese government used to spy on the US. Trump had vehemently stipulated on many counts that he wanted TikTok banned from the US and that he did not want the platform’s Chinese parent company, ByteDance to retain majority control. Addressing the issue, US Secretary of the Treasury Department, Steven Mnuchin had said on behalf of the US government:

“I will just say that we’ll need to make sure that the code is secure, Americans’ data is secure, that the phones are secure and we’ll be looking to have discussions with Oracle over the next few days with our technical teams.”

China likely to okay the deal, under one condition

ByteDance and Oracle are currently awaiting approval from Chinese and US regulators. ByteDance is confident that China will approve the deal. An inside source that is familiar with the talks had disclosed that Beijing “is likely to greenlight the deal as long as it doesn’t involve the transfer of the artificial intelligence algorithms that drive Tiktok’s service.

Furthermore, they added that that needs to remain true even if ByteDance parent company were to cede majority control of TikTok over to American investors.

How can Oracle and ByteDance gain Trump’s approval?

As for Donald Trump, it appears that the US President will only be appeased if his fears of Chinese spyware were attenuated. On top of it, as mentioned by Bloomberg, the United States president will likely want US companies to retain majority control of TikTok, instead of ByteDance.

In order to provide security and dispel data breaching threats, blockchain technology could be an interesting alternative for TikTok to explore. It has been disclosed that ByteDance had strongly invested in blockchain technology, along with other Chinese companies in the past.

TikTok can benefit from blockchain technology

Blockchain technology may be a viable solution for TikTok to adopt so that the protection and security of the personal information of millions of influencers and content creators leveraging the app are ensured. Furthermore, the adoption of a decentralized ledger technology by TikTok can be beneficial to entertainers who are paid for the videos and content they upload onto social media.

Currently, the Oracle-ByteDance deal is awaiting the Trump administration’s seal of approval, as well as the okay from Chinese regulators. A decision is to be made by the end of this week.

KuCoin Loses $150 Million Due to Security Breach But Compensation to Follow

KuCoin, a Singapore-based crypto exchange, has disclosed the suspicious withdrawal of large amounts of Bitcoin, ERC-20, and Ether from its hot wallets worth about $150 million. Nevertheless, the security breach did not affect its cold wallets as they remained unharmed and safe. 

Abnormalities detected

The crypto exchange revealed that its internal risk-monitoring system raised the red flag after noticing abnormalities on September 26. More alerts about abnormal transfers from its hot wallets kept trickling in, and this was a clear indication that something was amiss. As per the announcement:

“According to the latest internal security audit report, part of Bitcoin, ERC-20 and other tokens in KuCoin’s hot wallets were transferred out of the exchange, which contained few parts of our total assets holdings.”

On the other hand, users had started complaining about difficulties withdrawing their assets from the crypto exchange across various social media platforms. Nevertheless, they were assured that their funds were safe. 

Insurance fund compensation

In a subsequent live stream, Johnny Lyu, KuCoin CEO, asserted that the company’s insurance fund could entirely cover the hacked funds. He also noted that the lost investments were nothing to worry about because they represented a small part of the firm’s total assets holdings. 

Lyu confessed that at least one hacker stole its hot wallets’ private keys, but this was not the case with the cold wallets as they are not connected to the internet. KuCoin was also in touch with the authorities to help with investigations. 

The company did not stop there because it contacted other crypto exchanges like Huobi Global, BitMex, OKEx, Binance, and Bitfinex to assist with inquiries by flagging down the hackers’ wallet address.

According to leading blockchain tracking and analytics provider Whale Alert, scammers have been on a stealing spree as they have made away with Bitcoin worth $24 million in the first half of 2020. 

Image source: Unsplash

Algorand Wallets Hacked Again

Algorand-based wallets have been hit by security breaches in recent weeks, with MyAlgo and Algodex both experiencing hacks. MyAlgo urged users to withdraw their assets or rekey their funds after a February security breach that resulted in losses of around $9.2 million. In the past week, a targeted attack was carried out against a group of high-profile MyAlgo accounts. The cause of the breach is unknown, and the wallet provider has encouraged users to take precautionary measures to protect their assets. Meanwhile, Algodex revealed that a malicious actor infiltrated a company wallet on March 5, similar to what is happening in the Algorand ecosystem. Algodex moved the bulk of its USD Coin (USDC) and native Algodex (ALGX) tokens to secure locations, but the infiltrated wallet was responsible for providing extra liquidity to the ALGX token. The exchange confirmed that $25,000 in ALGX tokens allocated to provide liquidity rewards were taken, but it would replace this in full. The total loss from the theft was less than $55,000, and Algodex users and the liquidity of ALGX were not affected.

The Algorand Foundation’s chief technology officer, John Wood, confirmed that around 25 accounts were affected by the MyAlgo exploit, and it was not the result of an underlying issue with the Algorand protocol or software development kit (SDK). The foundation is responsible for the development and governance of the Algorand ecosystem, which aims to create a secure and decentralized platform for digital assets and applications. Algorand uses a pure proof-of-stake consensus algorithm that is designed to be energy-efficient and secure against attacks. The protocol has been adopted by a range of projects and companies in the blockchain space, including Circle, the issuer of USDC stablecoin, and the International Blockchain Monetary Reserve, a non-profit organization that aims to provide financial services to underserved communities.

The recent hacks on Algorand-based wallets highlight the importance of securing digital assets and using trusted and reputable service providers. Users should also be aware of the risks associated with storing assets on centralized platforms, which can be vulnerable to attacks and hacks. The Algorand Foundation has been working on enhancing the security of the protocol and its ecosystem by partnering with leading security firms and auditing companies. The foundation also offers grants and support to developers and projects building on the Algorand platform, with a focus on security, scalability, and usability. The foundation’s latest initiative is the Algorand Improvement Proposal (AIP) process, which allows stakeholders and developers to propose and discuss changes to the protocol and its governance. The AIP process is designed to be transparent, collaborative, and community-driven, ensuring that the Algorand ecosystem evolves in a responsible and inclusive way.

In addition to the Algorand Foundation’s efforts, users can take several measures to protect their digital assets and minimize the risks of hacks and breaches. One of the most important steps is to use strong and unique passwords for each account and to enable two-factor authentication (2FA) whenever possible. Users should also avoid sharing sensitive information online or with unknown parties, and to verify the authenticity of emails, messages, and websites before providing any information or making any transactions. Another best practice is to store digital assets in hardware wallets, which are offline devices that offer enhanced security and privacy compared to software wallets and exchanges.

As the adoption of blockchain and digital assets continues to grow, the security and resilience of the underlying infrastructure become even more critical. Algorand and other blockchain platforms must continue to invest in research, development, and education to address the evolving threats and challenges in the digital asset space. Users and stakeholders also have a role to play in promoting best practices, transparency, and accountability in the ecosystem, ensuring that the benefits of blockchain technology are realized in a safe and sustainable way.

USD Coin Chief Strategy Officer Twitter Account Hacked

In a security breach, the Twitter account of Circle’s USD Coin (USDC) stablecoin chief strategy officer Dante Disparte has been compromised. The hack resulted in the promotion of fake loyalty rewards for long-time USDC users, which was tweeted from Disparte’s account and later deleted. Prior to the incident, the account had been tweeting about the regulatory developments of the firm and its participation in Paris Blockchain Week.

The security breach comes less than a month after the USDC briefly depegged due to reserve deposits left in the custody of defunct American tech bank Silicon Valley Bank. However, the incident was resolved, and the USDC has repegged, although there is still a slight variance with the stablecoin’s peg at the time of publication.

Circle’s USDC stablecoin is a regulated cryptocurrency that is backed by US dollars on a one-to-one basis. The stablecoin has been gaining popularity as a means of conducting transactions on cryptocurrency exchanges due to its stability compared to other cryptocurrencies, which are known for their volatility.

Hacking incidents have been prevalent in the cryptocurrency industry, with high-profile cases including the 2014 Mt. Gox hack, which resulted in the loss of around 850,000 bitcoins. In response to the incident, Circle has not provided any further details about the security breach or the steps it has taken to mitigate the damage caused by the hack. However, it is likely that the company will conduct a thorough investigation to determine the extent of the breach and prevent similar incidents from occurring in the future.

The security of cryptocurrencies and their related infrastructure is a pressing concern for regulators and market participants alike. In response to these concerns, regulatory bodies around the world have been implementing new measures to safeguard cryptocurrency exchanges and other digital asset platforms. The recent hack of Circle’s USDC stablecoin chief strategy officer’s Twitter account highlights the need for increased security measures and greater vigilance in the cryptocurrency industry.

Alphapo Hot Wallets Drained of Over $23M in BTC, ETH and TRON

Alphapo, a payment processor for various gambling services, reported a breach of their hot wallets today, July 23, 2023. The breach resulted in a loss of over $23 million in Ethereum (ETH), TRON (TRX), and Bitcoin (BTC) cryptocurrencies. The exact amount of BTC stolen remains unclear.

Alphapo is known for processing payments for several gambling services, including HypeDrop, Bovada, and Ignition. Following the incident, HypeDrop, one of Alphapo’s customers, had to disable withdrawals.

The stolen funds on Ethereum were swapped for ETH and then bridged to Avalanche and Bitcoin. The addresses involved in the breach include:

0x040a96659fd7118259ebcd547771f6ecb9580d17
0x6d2e8a20b8afa88d92406d315b67822c01e53c38
TKSitnfTLVMRbJsF1i2UH5hNUeHLDrXDiY
TDoNAZHa7WxarUAFbQUhiijTGtd7EpbzRh
TJF7mdFxDuHB4tb9hoyR4SCpKxk7gr23ym1

In response to a query about the deposit and withdrawal issues, HypeDrop stated, “Our provider is currently working to solve some recent issues from their side, they are facing problems specifically related to withdrawals of BTC, ETH, and TRX, as well as deposits for ETH and TRX. We are actively monitoring the situation with them and will provide you with an update when more information is available. Be assured that if your payment has been affected, your funds are secure 🙂”.

The incident has sparked questions regarding Alphapo’s security protocols and the subsequent effects on its clientele. Observers are keenly following the situation, with further developments anticipated as the inquiry unfolds.

In a related development, a user has raised concerns about HypeDrop’s operations. The user alleges that HypeDrop, managed by an individual named Killian, operates several unregulated online casinos. The user claims that large winners are immediately subjected to a Know Your Customer (KYC) process, which allegedly has been leaked in the past, particularly with their influencers. The user also alleges that the KYC process is never approved. Furthermore, the user criticizes HypeDrop’s policy on their CSGO gambling sites, which allows crypto deposits but not withdrawals, a privilege only granted to influencers and skin suppliers.

Mixin Network Suffers $200 Million Hack

Key Takeaways

Mixin Network’s cloud service provider database was attacked on September 23, 2023, resulting in a loss of approximately $200 million.

Blockchain security firm SlowMist is assisting in the ongoing investigation.

Deposit and withdrawal services on Mixin Network have been temporarily suspended.

Security Breach and Financial Impact

In a significant security breach, Mixin Network’s cloud service provider database was compromised on September 23, 2023, Hong Kong time. The attack led to the loss of assets on the mainnet, with the funds involved estimated to be around $200 million. The announcement was made on September 25, 2023, via Mixin’s official Twitter account, which has garnered significant attention, accumulating over 140K views.

Investigation and Immediate Actions

Mixin Network has enlisted the help of blockchain security company SlowMist to assist in the investigation. SlowMist has also issued a security alert regarding the incident. In addition to SlowMist, Mixin Network has contacted Google for further assistance. Deposit and withdrawal services on the network have been temporarily suspended until vulnerabilities are confirmed and fixed. However, transfers between accounts remain unaffected during this period.

Community Reactions and Previous Incidents

The crypto community has expressed concern and frustration over the incident, especially considering the recent hacks involving Stake, CoinEX, and Remitano exchanges. Crypto detective ZachXBT highlighted the alarming frequency of these nine-figure hacks, stating, “Wtf another 9 figure hack (all liquid assets).

Upcoming Announcements

Mixin founder Feng Xiaodong is scheduled to explain the incident in a public Mandarin livestream at 13:00 HKT on September 25, 2023. The Mixin team will later summarize the content in English for broader dissemination. Plans on how to deal with the lost assets will be announced subsequently.

Disclaimer & Copyright Notice: The content of this article is for informational purposes only and is not intended as financial advice. Always consult with a professional before making any financial decisions. This material is the exclusive property of Blockchain.News. Unauthorized use, duplication, or distribution without express permission is prohibited. Proper credit and direction to the original content are required for any permitted use.

Exit mobile version