185 Blockchain Hacking Incidents with $920M Loss Reported by SlowMist in First Half of 2023

SlowMist, a renowned blockchain security firm, has recently published its mid-2023 report on Blockchain Security and Anti-Money Laundering (AML). The report offers a comprehensive overview of the current global landscape of blockchain security and AML developments.

The first half of 2023 witnessed significant growth and increased security challenges in the blockchain sector. According to SlowMist’s Blockchain Hacked Incident Archive, there were 185 security breaches leading to a massive loss of $920 million. However, this figure represents a 54% decrease compared to the first half of 2022, which saw losses of around $2 billion.

The report categorizes the incidents into five sectors: DeFi/NFT/Bridge, Trading Platforms, Public Chain, Wallet, and Others. The DeFi, NFT, and Cross-chain Bridge sectors bore the brunt, with 131 incidents leading to losses of approximately $487 million. Despite fewer incidents in other categories, they still resulted in significant financial losses.

In a positive development, the first half of 2023 saw the successful recovery of stolen funds in 10 instances. Of the $232 million stolen, an impressive $219 million was reclaimed, including full refunds in three cases. This trend highlights the importance of robust security strategies and effective negotiations.

The report also underscores the intensifying global focus on Anti-Money Laundering. Regulatory bodies worldwide are reshaping the AML landscape, with notable actions taken by Tether, Circle, ChipMixer, the U.S. Treasury Department, Hong Kong, Indonesia, the United Kingdom, and France.

Mixing platforms such as Tornado Cash and eXch experienced significant user activity, being widely used for questionable transactions. Phishing scams, perpetrated by groups like Pink Drainer, Venom Drainer, Monkey Drainer, Pussy Drainer, and Inferno Drainer, continue to pose a significant threat within the blockchain community.

The activities of hacking groups like the Lazarus Group highlight the escalating sophistication of threats within the blockchain ecosystem. These groups employ complex multi-chain paths and intricate transaction patterns to launder stolen assets and evade detection, necessitating advanced countermeasures and investigative methods.

SlowMist’s report aims to arm individuals and the broader blockchain industry with the knowledge needed to counter these evolving threats.

Over $30 Billion Lost to Blockchain Hacks, Reveals SlowMist Hacked Statistics

According to research by SlowMist Hacked Statistics, the total amount of money stolen from blockchains is an astounding $30,011,604,576.24. This figure comes as a stunning surprise.

The data, which encompasses a total of 1,101 hack occurrences, highlights the mounting worries over the sector’s security as blockchain and cryptocurrencies continue to gain popularity.

The study includes a thorough analysis of the losses by category, showing the sectors that have been most impacted by the aforementioned security breaches.

The Exchange category is at the top of the list with 118 occurrences that resulted in losses of nearly $10.95 billion.

The ETH Ecosystem is next, with 217 occurrences and losses totalling more than $3.12 billion over the course of its existence.

The BSC Ecosystem and the Other category have also seen significant losses, with 162 and 184 events, respectively. Their losses have totaled around $10.95 billion and $1.45 billion, respectively.

Notably, these security vulnerabilities have not spared the recently flourishing NFT business.

The survey found that there were 85 instances in this category, resulting in losses of about $200 million.

These findings also bring to light the vulnerabilities that exist among a variety of blockchain ecosystems.

For example, the EOS Ecosystem has been subjected to 119 occurrences, which have ultimately resulted in losses of around $25.9 million.

This research serves as a sharp reminder of the security difficulties that the blockchain and cryptocurrency industry confronts, and as an excellent resource on them.

The need to implement comprehensive security policies and procedures will only increase as the industry continues to grow and develop.

The figures raise concerns, but they also provide a chance for information security firms that concentrate on blockchain and cryptocurrency technologies.

As the industry strives to address the security concerns that have been highlighted, demand for more advanced security solutions is predicted to rise. This will provide new possibilities for growth and innovation in the area of cybersecurity.

Mixin Network Suffers $200 Million Hack

Key Takeaways

Mixin Network’s cloud service provider database was attacked on September 23, 2023, resulting in a loss of approximately $200 million.

Blockchain security firm SlowMist is assisting in the ongoing investigation.

Deposit and withdrawal services on Mixin Network have been temporarily suspended.

Security Breach and Financial Impact

In a significant security breach, Mixin Network’s cloud service provider database was compromised on September 23, 2023, Hong Kong time. The attack led to the loss of assets on the mainnet, with the funds involved estimated to be around $200 million. The announcement was made on September 25, 2023, via Mixin’s official Twitter account, which has garnered significant attention, accumulating over 140K views.

Investigation and Immediate Actions

Mixin Network has enlisted the help of blockchain security company SlowMist to assist in the investigation. SlowMist has also issued a security alert regarding the incident. In addition to SlowMist, Mixin Network has contacted Google for further assistance. Deposit and withdrawal services on the network have been temporarily suspended until vulnerabilities are confirmed and fixed. However, transfers between accounts remain unaffected during this period.

Community Reactions and Previous Incidents

The crypto community has expressed concern and frustration over the incident, especially considering the recent hacks involving Stake, CoinEX, and Remitano exchanges. Crypto detective ZachXBT highlighted the alarming frequency of these nine-figure hacks, stating, “Wtf another 9 figure hack (all liquid assets).”

Upcoming Announcements

Mixin founder Feng Xiaodong is scheduled to explain the incident in a public Mandarin livestream at 13:00 HKT on September 25, 2023. The Mixin team will later summarize the content in English for broader dissemination. Plans on how to deal with the lost assets will be announced subsequently.

Disclaimer & Copyright Notice: The content of this article is for informational purposes only and is not intended as financial advice. Always consult with a professional before making any financial decisions. This material is the exclusive property of Blockchain.News. Unauthorized use, duplication, or distribution without express permission is prohibited. Proper credit and direction to the original content are required for any permitted use.

SlowMist Reports Surge in Diverse Crypto Security Incidents for the Week of September 17-23, 2023

Key Takeaways

Total security incidents reported: 7

Estimated financial loss: Approximately $380,600

Notable trend: Increase in phishing attacks and rug pull tactics

New attack methods: DNS hijacking, contract vulnerability, and phishing attempts

Breakdown of Incidents

Phishing Attacks:

Unimevbot users were targeted through malicious MEV bot codes on the website. The exact loss remains undisclosed, but funds were transferred to the hacker’s on-chain address.

Coinbase Wallet also fell victim to a phishing attack that exploited the Web3 messaging network protocol. The exact financial impact is yet to be reported.

Contract Vulnerabilities:

Linear Finance exposed its $LUSD token to an exploit attack due to a contract vulnerability. No specific loss has been reported.

Rug Pulls:

BNBpay and YZER were involved in rug pull incidents, with losses amounting to approximately $114,000 and $28,600, respectively, following significant liquidity removals.

DNS Hijacking:

Balancer was targeted in a DNS hijacking attack by a phishing group known as AngelDrainer, resulting in a loss of around $238,000.

Infrastructure Vulnerability:

An unspecified infrastructure vulnerability led to significant funding and team token loss for a project named “None.” The exact financial impact remains undisclosed.

Conclusion

The SlowMist report underscores the increasing complexity and diversity of attacks in the crypto and blockchain landscape. SlowMist urges users to remain vigilant and adopt comprehensive security strategies.

Mixin Network Urges Hacker to Return Funds, Offers $20M Bug Bounty

Key Takeaways

Mixin Network was hacked, resulting in a loss of $200 million in user assets.
The company has left a message for the hacker, offering a $20M bug bounty for the return of the assets.
The transaction was confirmed on block 18225451, with a timestamp of Sep-27-2023 06:55:59 AM +UTC.

Mixin Network, a Hong Kong-based decentralized cross-chain transfer protocol, suffered a significant security breach on September 23, 2023. The hack led to an estimated loss of $200 million in assets, primarily in Bitcoin. The company immediately suspended deposits and withdrawals but maintained that intra-network transfers would remain operational. Before the incident, Mixin had nearly $400 million across 48 chains locked in its protocol, according to data provided by DefiLlama.

The Message to the Hacker

In an unprecedented move, Mixin Network has communicated directly with the hacker via a transaction message. The message reads, “Most of our platform assets were users’, and we hope you can refund them. You can keep $20M of the assets as a BUG Bounty Reward for the BUG. Contact us via bug@mixin.one for the reward details.” The transaction was confirmed on block 18225451, with a timestamp of Sep-27-2023 06:55:59 AM +UTC. The transaction fee was a mere 0.00016736127846444 ETH, equivalent to $0.27.

Background Investigations and Exchange Involvement

Cybersecurity watchdog Cyvers Alerts has been investigating the incident and revealed that two hacker addresses received 51 ETH from an account that had previous interactions with major cryptocurrency exchanges Huobi Global and Binance. The watchdog has called on these exchanges to assist in identifying the account linked to the suspicious transactions. Blockchain security firm SlowMist has also been enlisted to assist in the ongoing investigation. The involvement of these major exchanges could be crucial in tracing the origins of the funds and possibly recovering some of the stolen assets.

Controversies and Community Reactions

The hack has sparked debates and controversies within the crypto community. Zhuoer Jiang, CEO of Bitcoin mining pool BTC.TOP, claimed that Bitcoin stored in the Mixin protocol “should have never been stolen in the first place” and should have been “kept in cold storage.” Mixin founder Xiaodong Feng announced that the company would compensate users “up to a maximum of 50%” for the stolen assets. The remainder would be distributed to users as “tokenized liability claims” that Mixin would eventually repurchase “with its future profits.”

The Larger Implications

The Mixin Network hack serves as a stark reminder of the vulnerabilities that exist within the cryptocurrency ecosystem. Cyvers Alerts emphasized the need to strengthen cybersecurity measures to prevent future incidents of this nature. The incident has sparked concern in the crypto community, given the recent spate of similar hacks.


SlowMist Report: 10 Crypto Incidents Unveiled

The blockchain and cryptocurrency domain continues to battle against a variety of security threats, as elucidated in the SlowMist Weekly Security Report for the period October 1 – October 7, 2023. The report sheds light on ten distinct security incidents impacting entities across the spectrum, from individual token ventures to large-scale platforms, underlining the financial toll exerted by these attacks.

Statistical Overview

Total Security Incidents: 10

Noteworthy Trend: A surge in DNS Hijacking Attacks and Discord compromises.

Severe Impact: Stars Arena bearing the brunt with a loss approximating $3,000,000.

Incident Breakdown

1. Galxe (2023-10-06): A case of unauthorized access via DNS hijacking led to the misappropriation of visitors’ funds, affecting 1,120 users, with a financial fallout of around $270,000.

2. MCT (2023-10-06): DNS domain hijacking unfolded, enabling the potential upload of private keys to a fraudulent domain. Though the loss remains undisclosed, precautionary actions were advised.

3. Fake CommEx token (2023-10-06): An orchestrated liquidity withdrawal in a rug pull scenario saw the deployer walking away with approximately $154,000.

4. Friend.tech (2023-10-05): Four users were subjected to SIM card swap attacks, resulting in a collective loss nearing $385,000.

5. Stars Arena (2023-10-05): A glaring security breach within the platform’s smart contract framework led to a heist of about $3,000,000.

6. DePay (2023-10-05): The platform endured a flash loan attack, albeit with a relatively minor loss of $827.

7. Metropolis World (2023-10-05): The compromise of the platform’s Discord server was reported, though the loss hasn’t been quantified.

8. GEMIE (2023-10-02): A hack on the Discord server led to the distribution of phishing links. The users were cautioned against interaction, with the loss yet to be specified.

9. VendX (2023-10-02): Similar to Metropolis World and GEMIE, VendX’s Discord server fell prey to compromising activities.

10. Fake EigenLayer Token (2023-10-01): An exit scam on a counterfeit token resulted in a windfall for the deployer, with losses accumulating to around $300,000.

Recommendations

In light of the persistent menace of social engineering and phishing forays, coupled with smart contract vulnerabilities, the crypto community is urged to exercise vigilance. The diverse nature of the attacks spotlighted this week emphasizes the indispensability of robust, multi-faceted security strategies. While certain entities suffered crushing financial setbacks, others showcased prompt response mechanisms to curb potential damages. The report accentuates that regular testing and updates, alongside cautious interaction with digital platforms, are cardinal in diluting security risks.

Stars Arena Tightens Security Following $3M Exploit

In the wake of a damaging security breach that saw a loss of nearly $3 million, Stars Arena, an Avalanche-based Web3 social media application, has taken significant steps to bolster its security infrastructure and restore users’ trust. Following the exploit on October 6, 2023, the company has moved its funds to a more secure multisig wallet, launched an extensive security audit, and employed a white hat team to assess and enhance the platform’s security measures.

On October 7, 2023, Stars Arena updated its followers on the remedial steps being taken post-exploit. The funds were transferred from the original fee wallet to a new Gnosis Safe multisig wallet, requiring three out of six signatures from the Stars Arena team members for transactions. This wallet, identified by the address 0xAc0388Fe24D65358f2fF063ebCbEfa321A2a091d, is part of the security infrastructure overhaul aimed at preventing future breaches.

Stars Arena has successfully secured resources to cover the financial void left by the exploit, which equated to a loss of 266,103 Avalanche (AVAX) tokens, translating to almost $3 million at the time. The disclosure that the loss had been covered and the introduction of a white hat team for a rapid security review were announced on the social media platform X (formerly Twitter). The white hat team is expected to scrutinize the platform’s security before the contract is reopened to users.

Blockchain security firm SlowMist traced the hacker’s activities, establishing that the stolen AVAX tokens were transferred to the address (0xa2Eb…ad7A), and a portion of these tokens, 50.32 AVAX, was later moved to the Fixed Float crypto exchange on October 6. The tracking of the stolen funds and the hacker’s activities is ongoing as the community seeks to recover the lost funds and bring the perpetrator(s) to justice.

Amidst these developments, Stars Arena has advised users against depositing any new funds until the security audit is complete and the platform’s contract is reopened. The advisory underscores the platform’s commitment to securing users’ assets while the necessary security enhancements are being implemented.
