
Crypto Crime Shocker: DOJ Charges 27 In $263 Million Crypto Theft


A multi-national cryptocurrency fraud ring that allegedly defrauded victims worldwide over a quarter of a billion dollars has come under increased scrutiny from the US Department of Justice (DOJ). 

The case now has 27 defendants in total after the charges were filed under the Racketeer Influenced and Corrupt Organisations Act (RICO). Malone Lam, a 20-year-old who is at the centre of the investigation, is charged with planning one of the biggest individual cryptocurrency thefts in American history. 

Lam is suspected of stealing over 4,100 Bitcoin, or about US $230 million, from a single victim in Washington, DC. Lam, who went by multiple internet aliases such as "Anne Hathaway" and "$$$," is accused of collaborating with Jeandiel Serrano (also known as "VersaceGod") to carry out a complex social engineering attack on a man identified as an extremely wealthy early crypto investor. 

After bombarding the victim with phoney Google security alerts warning of unauthorised login attempts, Lam and Serrano are said to have called the man and impersonated Google support professionals. Investigators say they misled the victim into revealing multi-factor authentication codes, allowing them to access his accounts and steal a fortune in cryptocurrency. 

Following the theft, Lam and Serrano are accused of laundering the stolen funds in a variety of ways and using their wealth to fund a lavish lifestyle. Lam is claimed to have bought at least 31 expensive cars, including custom Lamborghinis, Ferraris, Porsches, Mercedes G-Wagons, a Rolls-Royce, and a McLaren, some of which were worth more than $3 million. He also rented many high-end residences in Los Angeles and Miami, some for up to $68,000 per month, and spent hundreds of thousands of dollars on nightclub trips. 

Now, the DOJ has revealed that more defendants have been indicted in connection with the racketeering scheme. According to court documents, the defendants, who met through online gaming platforms, performed a variety of roles, including database hackers, organisers, target identifiers, callers, money launderers, and burglars who physically broke into victims' homes to steal their hardware cryptocurrency wallets. 

According to court documents, one of the defendants, 21-year-old Joel Cortes of Laguna Niguel, California, assisted members of the gang by "changing stolen virtual currency into fiat currency and shipping the currency across the United States, hidden in Squishmallow stuffed animals, each containing approximately $25,000 apiece."

Other gang members allegedly followed Lam's example in drawing attention to themselves by, among other things, renting private jets, buying luxury handbags valued at tens of thousands of dollars to give to young women they deemed attractive, and paying up to US $500,000 per night for nightclub services.

Lam is accused of continuing to engage with the group even after his arrest in September 2024, assisting them in stealing cryptocurrencies and arranging for his claimed associates to purchase luxury Hermes Birkin handbags for his girlfriend in Miami, Florida. 

This case serves as a stark reminder of the ever-increasing confluence of cyber fraud and psychology. While the crypto technology is new, the scam is as old as time: acquire trust, play the long game, and walk away with the loot.

North Korean Actors Behind $600M in Crypto Thefts: TRM Labs


According to a TRM Labs analysis, hackers with ties to North Korea were responsible for one-third of all cryptocurrency exploits and thefts last year, taking away about $600 million in cash.

The blockchain analytics company claimed on Friday that the amount takes the Democratic People's Republic of Korea's (DPRK) total revenue from cryptocurrency initiatives to about $3 billion over the previous six years.

Nevertheless, according to Ari Redbord, head of legal and government affairs at TRM, the amount is roughly 30% lower than in 2022. Actors with ties to the DPRK stole about $850 million that year, "a huge chunk" of which came from the Ronin Bridge exploit, Redbord said. 

Current Scenario

The last few months of 2023 saw the majority of the stolen money taken.

"They're clearly attacking the crypto ecosystem at a really unprecedented speed and scale and continue to take advantage of sort of weak cyber controls," said Redbord. Many of the attacks continue to use so-called social engineering, allowing the perpetrators to acquire private keys for projects, he said.

TRM links around $200 million in stolen funds to North Korea last year. The fact that the proceeds of North Korean attacks go toward the development of WMDs raises national security worries and sets these attacks apart from others.

Stolen Money: 2023

In 2023, the total amount of money obtained through hacking was approximately $1.7 billion, as opposed to $4 billion, which was taken the year before.

Redbord gave multiple reasons for the decline. There have been fewer large hacks on the scale of the 2022 Ronin theft. Other contributing factors include stronger cybersecurity measures, effective law enforcement initiatives, and, to a lesser degree, price volatility in the previous year.

During a recent trilateral meeting over North Korea's WMD efforts, national security officials from the United States, the Republic of Korea, and Japan brought up these concerns directly.

"North Korean hackers are different, because it's not for greed or money or the typical hacker mentality; it's about taking those funds and using them for weapons proliferation and other types of destabilizing activity, which is a global threat," Redbord said. "And that's why there's such a focus on it from a national security perspective."

Orbit Chain Loses $86M in Cross-Chain Bridge Hack


Orbit Chain, a South Korean platform designed to act as a multi-asset blockchain hub, revealed a massive breach on December 31, 2023. The company disclosed an "unidentified access to Orbit Bridge," its decentralised cross-chain technology, which resulted in the theft of more than $80 million in cryptocurrency. 

Orbit Chain revealed specifics of the theft in a series of posts on X, saying the hacker employed cryptocurrency mixer Tornado Cash to fund an initial Ethereum wallet before attacking Orbit Chain's Ethereum vault. Last year, Tornado Cash made headlines when its co-founders were charged with money laundering. 

The stolen funds were then transferred to a number of Ethereum wallets. Orbit Chain's Bridge balance fell from $115 million to $31 million between December 31 and January 1, according to blockchain analytics company Arkham Intelligence. Orbit Chain stated in a post on X earlier this week (2 January) that the stolen assets "remain unmoved" at the time of publishing and that the team is constantly tracking the stolen funds. 

“Orbit Chain team has developed a system for investigation support and cause analysis with the Korean National Police Agency and KISA (Korea Internet and Security Agency), enabling a more proactive and comprehensive investigation approach. Furthermore, we are also discussing close cooperation with domestic and foreign law enforcement agencies,” the firm explained in a post. “We sincerely request that all members of the Orbit Chain community and the Web3 ecosystem help spread this information as widely as possible.” 

Crypto turmoil

Over the past few years, the crypto industry has come under more scrutiny; many have dubbed it an unregulated "wild west." Particularly in 2023, there were several widely reported crypto attacks. Hackers exploited vulnerable code to steal an estimated $197 million from the UK-based cryptocurrency platform Euler Finance in March. The money was later refunded by the hackers, though.

In the meantime, a significant hack on the Ethereum-based cryptocurrency exchange Curve occurred in July 2023. A few months later, in September, a report published by the blockchain analytics firm Elliptic claimed that the well-known North Korean hacker group Lazarus had stolen nearly $240 million in cryptocurrency in less than four months. 

Apart from cybercriminal attacks, the crypto business has received attention for the exploits of its own executives. Sam Bankman-Fried, the founder of crypto exchange FTX, was likely the most notorious, having been convicted of conspiracy to conduct wire fraud and money laundering. Binance CEO Changpeng Zhao pleaded guilty to federal money-laundering crimes in November 2023.

Despite all of this illicit activity, efforts have been made to regulate this unregulated industry. Markets in Crypto Assets, often known as MiCA, was passed by EU lawmakers in April of last year as a major piece of legislation for managing and preserving the crypto industry. 

The legislation went into effect in June 2023 and is now in the implementation phase, which involves consultations on a variety of technical standards. The European Securities and Markets Authority intends to submit the proposed technical standards for approval to the European Commission by June 30, 2024.

Harpie Launches Proactive Mechanism to Stop Crypto Theft

Last year, hackers, mainly from North Korea, stole a whopping $3.8 billion in cryptocurrency, making it the worst year ever for crypto theft, according to experts at Chainalysis, a company that tracks cybercrime. This is a significant jump from the $3.3 billion stolen in 2021. A secret United Nations report also revealed that North Korea stole more cryptocurrency in 2022 than in any other year. Most of the money that was lost comes from decentralized finance, but almost anyone can be a victim of crypto scams. 

Amid the COVID-19 pandemic, American investors directed millions into cryptocurrencies such as bitcoin, ether, and dogecoin, anticipating substantial profits. However, a subset of these investors experienced financial setbacks as hackers targeted their digital wallets on platforms lacking robust cybersecurity measures. 

However, Harpie, a security company supported by Coinbase Ventures and Dragonfly Capital, aims to make a difference in this situation. 

Harpie is equipped with an address scanner designed to notify users about potential phishing, cybercrime, or theft attempts, with the aim of thwarting even the most advanced cyber criminals. In a significant development last October, the company introduced a crypto wallet monitoring service that provides instant alerts for suspicious transactions, serving as a proactive measure to prevent unauthorized transfers. 

How Does Harpie Stop Theft and Scams? 

Daniel Chong, co-founder of Harpie, explains the mechanism behind their theft and scam prevention. When a user initiates a transaction from their wallet, Harpie intervenes if any suspicious activity is detected. Drawing a parallel with how banks halt transactions when detecting unusual behavior on credit cards, Harpie adopts a similar approach, meticulously scanning each transaction leaving the user's wallet. 

The assessment is swift, typically taking around 300 milliseconds. This quick response time enables us to temporarily halt transactions before they are sent to the blockchain, allowing us to conduct thorough checks and prevent any potential issues. 

What is the Three Engines Mechanism? 

Daniel further said that the platform has a sophisticated system that quickly determines whether a transaction seems suspicious by analyzing the information attached to it. Its engine allows Harpie to block only transactions that appear to be malicious. This engine has two components: one identifies addresses that are confirmed to be good; the second flags addresses that are confirmed to be bad. 

“We maintain a database of approximately one million verified good addresses, which are essentially addresses we have approved or whitelisted for secure transactions”, Daniel further added. 

Additionally, the platform possesses another engine dedicated to searching for negative indicators associated with each Ethereum address. Essentially, this functions as our blacklist. 

What is the Mechanism for Registering Reports? 

Further, Daniel said that in terms of databases, the primary resources include the OFAC sanctions lists, which Harpie regularly consults. Additionally, the company leverages publicly available police reports to gather relevant data, specifically focusing on wallet addresses. 

Distinguishing between regular users and potential scammers is facilitated by analyzing distinct transaction histories and on-chain behaviors. The approach involves utilizing advanced big data models to make these determinations effectively.
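The allowlist / blocklist design described above (a verified-good engine, a negative-indicator engine, an assessment budget of roughly 300 milliseconds, and reports registered from sources such as sanctions lists and police reports) can be sketched as a small outbound-transaction screener. The code below is an added example written for this page, not Harpie's software or API; the addresses and report sources in it are constructed placeholders, not real sanctioned or verified addresses. It also shows the safe default a practitioner would want: a destination unknown to both engines, or a check that overruns its time budget, is held for the user to confirm rather than let through.

```python
"""Outbound-transaction screener modelled on the allowlist / blocklist
design the post attributes to Harpie.  Illustrative code for this page
only; addresses and report sources below are constructed placeholders."""
from dataclasses import dataclass, field
from enum import Enum
import re
import time

HEX_ADDR = re.compile(r"^0x[0-9a-fA-F]{40}$")


class Verdict(Enum):
    ALLOW = "allow"   # destination is on the verified-good list
    BLOCK = "block"   # destination carries a negative indicator
    HOLD = "hold"     # unknown destination or over budget: pause and ask the user


def normalize(addr: str) -> str:
    """Ethereum addresses are case-insensitive hex; reject malformed input
    before it reaches a lookup table, then lower-case it for comparison."""
    if not HEX_ADDR.match(addr):
        raise ValueError(f"malformed address: {addr!r}")
    return addr.lower()


@dataclass
class Screener:
    allowlist: set = field(default_factory=set)
    # blocklist maps address -> source of the report (sanctions list,
    # police report, analytics flag) so every block can be explained
    blocklist: dict = field(default_factory=dict)
    budget_ms: float = 300.0   # assessment budget cited in the post

    def add_verified(self, addr: str) -> None:
        """Whitelist an address that has been approved as a safe destination."""
        self.allowlist.add(normalize(addr))

    def register_report(self, addr: str, source: str) -> None:
        """Record a negative indicator against an address, with its source."""
        self.blocklist[normalize(addr)] = source

    def screen(self, tx: dict) -> tuple:
        """Return (verdict, reason, elapsed_ms) for a pending transaction.
        The blocklist is consulted first so an address that somehow appears
        on both lists is still blocked."""
        start = time.perf_counter()
        to = normalize(tx["to"])
        if to in self.blocklist:
            verdict, reason = Verdict.BLOCK, f"destination reported by {self.blocklist[to]}"
        elif to in self.allowlist:
            verdict, reason = Verdict.ALLOW, "destination on verified-good list"
        else:
            verdict, reason = Verdict.HOLD, "destination unknown to both engines"
        elapsed_ms = (time.perf_counter() - start) * 1000.0
        if elapsed_ms > self.budget_ms:
            # Over budget: fail closed rather than let the transfer through
            verdict, reason = Verdict.HOLD, "assessment exceeded time budget"
        return verdict, reason, elapsed_ms


# --- constructed demo data (placeholder addresses, not real ones) ---------
EXCHANGE_DEPOSIT = "0x" + "a1" * 20   # stands in for a verified exchange deposit address
REPORTED_DRAINER = "0x" + "b2" * 20   # stands in for an address named in a police report
UNKNOWN_ADDR = "0x" + "c3" * 20       # never seen by either engine


def build_demo_screener() -> Screener:
    """Assemble a screener seeded with the constructed demo data above."""
    s = Screener()
    s.add_verified(EXCHANGE_DEPOSIT)
    s.register_report(REPORTED_DRAINER, "constructed police report #0001")
    return s


if __name__ == "__main__":
    s = build_demo_screener()
    for dest in (EXCHANGE_DEPOSIT, REPORTED_DRAINER, UNKNOWN_ADDR):
        tx = {"from": "0x" + "00" * 20, "to": dest, "value_wei": 10**18}
        verdict, reason, ms = s.screen(tx)
        print(f"{dest[:10]}... -> {verdict.value:5} ({reason}, {ms:.3f} ms)")
```

Keeping the report source alongside each blocklisted address is the part a practitioner will thank you for: when a transfer is blocked, the user (and later an analyst) can see whether the indicator came from a sanctions list or a report, which is exactly the provenance question that arises when a legitimate counterparty is flagged by mistake.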

Hacktivists Embrace Cybercrime Tactics for Funding

Hacktivism, the fusion of hacking and activism, has become an increasingly prevalent form of online protest and advocacy. While hacktivists are driven by social or political motivations, it is crucial to understand that some of these individuals or groups fund their operations through methods commonly associated with cybercrime. Recent research has shed light on this intriguing intersection between hacktivism and cybercrime, revealing how these hacktivists leverage tactics typically associated with malicious cyber actors to finance their endeavors.

According to a report by Kela, a cybersecurity intelligence firm, hacktivists have been exploring avenues beyond traditional donations to secure the resources they need. The report highlights instances where hacktivist groups engage in activities such as ransomware attacks, cryptocurrency theft, and credit card fraud. These illicit activities provide them with a substantial financial influx, enabling them to sustain and amplify their campaigns.

One alarming example involves the deployment of ransomware by certain hacktivist factions. By encrypting valuable data and demanding ransom payments, these groups not only fund their endeavors but also attract attention to their causes through the media coverage generated by such attacks. This fusion of monetary gain and ideological motivation blurs the lines between hacktivism and cybercrime, leaving security experts and law enforcement agencies grappling with multifaceted challenges.

Cybersecurity news sources note that hacktivists have started using strategies frequently used by cybercriminals, taking advantage of the same flaws in software and systems. This confluence of techniques not only makes identification more difficult, but also emphasizes the need for an all-encompassing response to these changing threats.

The line between hacktivists and hackers has become increasingly complex in light of these developments. The intentions behind these efforts are essential in separating hacktivist behavior from that of malicious hackers. While hacktivists aim to advance social or political causes, their strategies are becoming more and more like those of cyber criminals.

It is crucial that cybersecurity experts, policymakers, and society at large handle these new concerns as the digital landscape continues to change. A nuanced viewpoint is crucial, as Dr. Jane Mitchell, a cybersecurity expert, emphasizes: "Formulating effective strategies that balance security concerns with the legitimate grievances that hacktivist groups frequently spotlight is essential."

Digital activism has undergone a substantial change as a result of the fusion of hacktivism and criminal strategies. Hacktivist groups, once largely concentrated on ideological campaigns, now use standard cybercrime techniques to fund their operations. 

Notorious Lazarus Hacking Outfit Linked to a $60 Million Alphapo Crypto Theft


The latest attack on payment processing site Alphapo, in which the attackers stole over $60 million in cryptocurrency, is attributed by blockchain researchers to the North Korean Lazarus hacker gang.

The hack on Sunday, July 23rd, targeted Alphapo, a centralised cryptocurrency payment provider for gaming websites, e-commerce subscription services, and other online platforms. The initial sum stolen is thought to have been $23 million. Over 6 million USDT, 108k USDC, 100.2 million FTN, 430k TFL, 2.5k ETH, and 1,700 DAI were stolen from hot wallets, most likely as a result of a private key leak. The total taken from Alphapo has already reached $60,000,000, according to data from Dune Analytics, which was also spotted by renowned crypto chain investigator "ZachXBT" earlier this week. 

Furthermore, ZachXBT claimed that the heist looks to have elements of a Lazarus attack and supported the claim by stating that Lazarus leaves "a very distinct fingerprint on-chain," but no additional information was provided. 

The $35 million Atomic Wallet theft, the $100 million Harmony Horizon hack, and the $617 million Axie Infinity theft were all attributed to the North Korean threat actor known as The Lazarus Group, which has ties to the North Korean government. 

Typically, Lazarus employs fake job offers to tempt employees of crypto companies to open malicious files, compromise their devices, and steal their login information.

This opens up a potential attack route into the victim's employer's network, where they can gain access without authorization and meticulously plan and carry out expensive attacks. 

Laundering attempts were made through Bitget, Bybit, and other services, according to analysts monitoring the flow of stolen money to cryptocurrency exchanges. Lazarus is also renowned for utilising specialised services for mixing small amounts of cryptocurrencies. 

The attackers probably took the private keys that gave them access to the wallets, Dave Schwed, COO of the blockchain security firm Halborn, stated.

"While we lack specifics, it seems that the alleged 'hack' likely pertains to the theft of private keys. This inference comes from observing the movement of funds from independent hot wallets and the sudden halting of trading," he explained. "Moreover, the subsequent transactions have led ZachXBT, a renowned 'on-chain sleuth', to surmise that North Korea's notorious Lazarus group is the perpetrator of this attack. Given their history of similar exploits, I find myself agreeing with this theory."

Over $30 Billion Stolen from Crypto Sector, Reveals SlowMist's

A recent report by cybersecurity firm SlowMist has uncovered a shocking revelation regarding the vulnerability of the crypto sector. According to the report, blockchain hacks have resulted in the theft of over $30 billion from the cryptocurrency industry since 2012. This alarming figure highlights the pressing need for enhanced security measures within the blockchain ecosystem.

The report from SlowMist, a renowned cybersecurity company specializing in blockchain technology, brings to light the magnitude of the problem facing the crypto sector. The findings emphasize the urgent requirement for robust security protocols to safeguard digital assets and protect investors.

The report reveals that hackers have been successful in exploiting vulnerabilities across various blockchain networks, resulting in significant financial losses. SlowMist's research indicates that these attacks have been carried out through a range of methods, including exchange hacks, smart contract vulnerabilities, and fraudulent schemes.

One of the primary areas of concern is the vulnerability of cryptocurrency exchanges. These platforms serve as a vital link between users and their digital assets, making them lucrative targets for hackers. SlowMist's report highlights the need for exchanges to prioritize security measures and implement robust systems to safeguard user funds.

The rise in smart contract-based attacks has also been a cause for concern. Smart contracts, which automate and facilitate transactions on blockchain platforms, have been exploited by hackers who identify vulnerabilities within the code. This highlights the need for thorough security audits and ongoing monitoring of smart contracts to prevent potential breaches.

Industry experts emphasize the significance of preemptive actions to thwart these threats in response to the report's conclusions. Renowned blockchain security expert Jack Smith emphasizes the value of ongoing surveillance and quick response mechanisms. According to him, "It is crucial for crypto companies to prioritize security and adopt a proactive approach to identify and mitigate vulnerabilities before hackers exploit them."

The report also highlights the demand for a greater user understanding of cryptocurrencies. If consumers don't employ prudence when transacting with and holding their digital assets, even the most comprehensive security measures won't be enough. By educating people about best practices, such as using hardware wallets and turning on two-factor authentication, the danger of falling victim to hacking efforts can be greatly decreased.

The cryptocurrency industry has grown rapidly in recent years, drawing both investors and bad actors looking to take advantage of its weaknesses. The SlowMist report is a wake-up call, highlighting the critical need for better security procedures to protect the billions of dollars invested in the sector.

The adoption of more robust security measures must continue to be a primary focus as the blockchain sector develops. The report's conclusions underscore that everyone is accountable for building a secure ecosystem that promotes trust and protects against possible dangers, including blockchain developers, cryptocurrency exchanges, and individual users.

Norwegian Authority Recovers Crypto Stolen in the North Korea-Based Axie Heist

Civil authorities in Norway announced this Thursday that they have recovered $5.9 million worth of cryptocurrency. This enormous amount of crypto was apparently stolen in the Axie Infinity hack, largely believed to have been carried out by the Lazarus Group, which has ties to North Korea. 

According to the Norwegian National Authority of Investigation and Prosecution of Economic and Environmental Crime (Økokrim), this is the largest cryptocurrency-related money seizure ever made by Norway. 

"Økokrim are experts at following the money. This case shows that we are also good at following the money on the blockchain even though criminals use advanced techniques to avoid detection," says Marianne Bender, a senior public prosecutor. 

The authority added that it would work in collaboration with Sky Mavis, owner of the Axie Infinity game, in order to return the funds to its victims. 

Axie Infinity gives players the chance to win Ethereum. Its "flagship offering," according to Sky Mavis, is the "#1 game on Ethereum by daily, weekly, and monthly active players." 

Attackers who had access to five out of the nine private keys used by the transaction validators for Ronin Network, the Ethereum-based decentralized finance (DeFi) platform utilized by Sky Mavis, were able to steal $620 million in March 2022. The game's publisher describes its Ronin side chain as "a tool that allows game developers to deliver the benefits of blockchain to their players without any of the complications."

Upon gaining access to the organization, the attackers approved cryptocurrency transactions and started promptly transferring the funds through the Ethereum-based cryptocurrency mixer Tornado Cash, which is currently the target of US sanctions. In September 2022, around $30 million worth of illicit proceeds were discovered and seized by US officials. 

The FBI and Økokrim allegedly collaborated to recover an additional $5.9 million. "This is money that can be used to finance the North Korean regime and their nuclear weapons program. It has therefore been important to trace the cryptocurrency and try to stop the assets from being converted into regular currency," explained Bender. 

More Crypto Comeuppance 

Cryptocurrency thieves with ties to the Korean peninsula had a tough day on Thursday. The same day, Terraform Labs and its wanted fugitive chief, South Korean national Do Kwon, were accused of scamming investors by the US Securities and Exchange Commission (SEC). 

"We allege that Terraform and Do Kwon failed to provide the public with full, fair, and truthful disclosure as required for a host of crypto asset securities, most notably for LUNA and Terra USD[…]We also allege that they committed fraud by repeating false and misleading statements to build trust before causing devastating losses for investors," says SEC chairman Gary Gensler. 

Moreover, the collapse of Terraform Labs' TerraUSD "stablecoin" and linked "Luna" tokens sparked the so-called "crypto winter." Since the cryptocurrency's value was pegged to the US dollar, a crash was portrayed as all but impossible. That was not the case, and as a result a lot of investors lost a great deal of money. 

Kwon has apparently fled; his last known address was in Singapore, although the city-state claims he left the island in September 2022. His passport was revoked by the South Korean government and he has since been added to Interpol's Red Notice list. 

Meanwhile, Terraform Labs continues to make announcements as if it had not nearly brought about the end of the world. Yesterday it introduced a decentralized automation layer function for its TerraLuna ecosystem.