
DeFiChain: DeFi Boosts with Decentralized Assets

 

Decentralized Finance (DeFi), based on Blockchain and Cryptocurrency, has emerged as a prominent technology. It has grown to become an alternative to the traditional centralized system that relies on financial intermediaries like banks for exchanges or financial transactions. It uses ‘Smart Contracts’ on Blockchain-based technology, allowing users a new way to invest, trade, sell, loan or exchange. 

Limitations of Decentralized Finance (DeFi)

Operating as a small financial system in an emerging global movement, DeFi has become visibly popular in the past few months. Decentralized Finance, via Blockchain, has led to an increase in financial security and transparency for users. From lending and borrowing platforms to stablecoins and tokenized BTC, the DeFi ecosystem has been able to launch a network of integrated protocols and financial instruments that now account for over $13 billion of value locked in Ethereum Smart Contracts.

However, along with its advantages, Decentralized Finance has some limitations. Being a decentralized system, DeFi does not allow interaction with centralized assets such as stock options, commodities, and indices.

What is DeFiChain?

DeFiChain comes as a rescue for Decentralized Finance. DeFiChain is a Blockchain system specifically dedicated to decentralized financial applications. By introducing decentralized assets, it bridges the gap with centralized assets without compromising its DeFi platform with centralism.

A decentralized asset, also termed a dAsset or dToken, is a token on the DeFiChain blockchain that gives you price exposure to real-world stocks. For instance, for the stocks TSLA, AAPL, and FB, there exist dTSLA, dAAPL, and dFB, each of which attempts to mirror the price of the real stock.

These creations allow the DeFiChain user to buy decentralized assets, giving the user a method of trading stocks on a decentralized system. DeFiChain has now become a groundbreaking system for investors. A traditional investor, after buying stocks, will only be able to make money once he has earned profit from the stocks. By contrast, once a user buys a dToken asset, they will be able to put it into a liquidity mining pool. This will not only enable the investor to make a profit from their dToken when it goes up in value, but also to make passive income from their dAssets.
 
DeFiChain, with the introduction of decentralized assets (dAssets), has changed the game for Decentralized finance. With incredible user benefits, be it the decentralization of assets or making incredible passive income, DeFiChain is emerging as a prominent blockchain ecosystem.

FBI: Hackers use DeFi Bugs to Steal Cryptocurrency

 


Investors are being warned by the FBI that hackers are increasingly using Decentralized Finance (DeFi) platform security flaws to steal cryptocurrency.

According to the PSA, which was posted on the FBI's Internet Crime Complaint Center (IC3) today, nearly 97% of the $1.3 billion in bitcoin that was stolen between January and March 2022 came via DeFi sites. This represents a big increase from 72% in 2021 and roughly 30% in 2020, according to projections by the FBI.

The FBI urges people to be aware of the hazards, seek professional assistance if they are unsure, and research the security and general business practices of DeFi providers. Here, "DeFi providers" refers to exchanges, markets, and other websites where you may buy, sell, trade, and borrow bitcoins and other digital assets.

The FBI's warning is due to a Chainalysis analysis from April that revealed how, per Q1 2022 statistics, DeFi cryptocurrency platforms are currently more targeted than ever.

In the majority of occurrences, the hackers rely on exploiting security flaws in the platform's code or on unauthorized access to drain cryptocurrency to addresses under their control.

According to Chainalysis, the threat actors responsible for these attacks used dangerous laundering services, like unlawful exchanges and coin tumblers on the dark web, to re-launder the majority of the stolen funds in 2022.

The FBI's alert provides investors with guidance that begins with basic cautions about performing due diligence before investing and then suggests the following:

Before investing, research DeFi platforms, protocols, and smart contracts and be aware of the dangers associated with DeFi investments.

Verify whether the DeFi investment platform has undergone one or more code audits done by impartial auditors. A code audit normally entails carefully examining and studying the platform's underlying code to find any flaws or vulnerabilities that might impair the platform's functionality.

Be wary of DeFi investment pools with short join windows and quick smart contract rollouts, especially if they don't perform the advised code audit.

Be mindful of the potential risks crowdsourced solutions pose for finding and patching vulnerabilities. Open source code repositories give anyone, even those with malicious intent, unrestricted access.

This year, none of the funds taken from DeFi platforms have been reimbursed, indicating that attackers are less interested in protecting their stolen assets than they were in 2021, when almost 25% of all cryptocurrency stolen via DeFi platforms was eventually recovered and given to the victims.

The FBI established a link between the Lazarus and BlueNorOff (also known as APT38) North Korean threat organizations and the April attack of Axie Infinity's Ronin network bridge, now the largest crypto hack ever.

The $611 million breach of the decentralized merge protocols and network Poly System in August 2021 was the most significant cryptocurrency theft to date.




MM.Finance, a DeFi platform, Had More Than $2 Million Stolen

 

In a Domain Name System (DNS) attack, hackers made off with $2 million worth of digital assets, according to MM.Finance, a DeFi ecosystem with the largest decentralized exchange on the Cronos blockchain.

Hackers target the reliability or integrity of a network's DNS service in these attacks. The attacker could "inject a malicious contract address into the frontend code," as per the team behind MM.Finance, which bills itself as the world's largest decentralized finance ecosystem on the Cronos blockchain. "Attacker changed the network contract address in our hosted files via a DNS vulnerability." In a Medium post-mortem, the business claimed, "We understand that some of you have suffered considerable sums and are filled with anxieties and despair." 

Starting on May 4, users lost money after completing swaps or adding and removing liquidity on the MM.Finance site. "The malicious router kicked in and the LPs were withdrawn to the attacker's address when victims navigated to mm.finance to remove liquidity," the company revealed. MM.Finance has given the attacker 48 hours to refund 90% of the stolen funds, warning that if the deadline is not met, it will notify the FBI.
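A defensive check for the tampering described above, as an added example that is not MM.Finance's code: it compares the files a site is currently serving with the release build and flags any contract address missing from a pinned allowlist. The addresses, file name and function names are constructed for illustration.

```javascript
// Added example, not MM.Finance code: compare the files a site is serving
// against the release build and a pinned contract-address allowlist.

// Constructed placeholder addresses (assumptions, not real contracts).
const ROUTER = "0x" + "11".repeat(20);
const FACTORY = "0x" + "22".repeat(20);
const ALLOWED = new Set([ROUTER, FACTORY].map((a) => a.toLowerCase()));

// 20-byte hex address; the lookahead skips longer hex runs such as tx hashes.
const ADDRESS_RE = /0x[0-9a-fA-F]{40}(?![0-9a-fA-F])/g;

function extractAddresses(text) {
  // Lower-case so checksummed (mixed-case) spellings compare equal.
  return new Set((text.match(ADDRESS_RE) || []).map((a) => a.toLowerCase()));
}

// served / release: { path: fileContents }. Returns a list of findings.
function auditFrontend(served, release) {
  const findings = [];
  for (const [path, body] of Object.entries(served)) {
    if (!Object.hasOwn(release, path)) {
      findings.push({ path, issue: "unexpected-file" });
    } else if (release[path] !== body) {
      findings.push({ path, issue: "modified" });
    }
    for (const address of extractAddresses(body)) {
      if (!ALLOWED.has(address)) {
        findings.push({ path, issue: "unknown-address", address });
      }
    }
  }
  return findings;
}

// Constructed sample data: a release bundle and a tampered copy of it.
const RELEASE = {
  "config.js": `export const ROUTER = "${ROUTER}";\n` +
    `export const LAST_TX = "0x${"cd".repeat(32)}";\n`,
};
const ROGUE = "0x" + "Ab".repeat(20);
const TAMPERED = { "config.js": RELEASE["config.js"].replace(ROUTER, ROGUE) };

console.log(auditFrontend(RELEASE, RELEASE));
console.log(auditFrontend(TAMPERED, RELEASE));
```

Run from a vantage point outside the site's own infrastructure, a check like this sees the same files that visitors are served, including after a DNS-level redirection.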

The attacker made off with more than $2 million in cryptocurrencies before laundering it all through Tornado Cash, a service that allows users to hide the source of their payments. The company is forming a compensation fund for anyone affected, and the platform's creators have stated that they will forego its part of trading revenue to pay the losses. The reward pool will be open for 45 days, with a procedure in place to reimburse individuals that participate. 

The company said it linked the seized assets to the OKX exchange in follow-up postings on Twitter, threatening to contact the FBI if the funds were not restored. OKX's CEO stated that the company is looking into the matter. According to DeFi Llama data, liquidity is still strong, with $804 million in total worth locked up (TVL).

Hackers in DPRK Use Trojanized DeFi Wallet App to Steal Bitcoin

 

North Korean government-linked hackers have now been circulating a trojanized version of a DeFi Wallet for holding bitcoin assets to obtain access to cryptocurrency users' and investors' systems.

Securing economic benefits is one of the primary motives for the Lazarus threat actor, with a focus on the cryptocurrency industry. The Lazarus group's targeting of the financial industry is increasing as the price of cryptocurrencies rises and the appeal of the non-fungible asset (NFT) and decentralized finance (DeFi) enterprises grows.

In this attack, the threat actor used web servers in South Korea to distribute malware and communicate with the implants that had been placed. Kaspersky Lab researchers recently identified a malicious version of the DeFi Wallet software that installed both the legitimate app and a backdoor disguised as a Google Chrome web browser executable. When the trojanized DeFi application was launched on the machine, it introduced a full-featured backdoor with a compilation date of November 2021. It's unknown how the hackers spread the word, but phishing emails or contacting victims through social media are both possibilities.

Although it's not clear how the threat actor persuaded the victim to run the Trojanized program (0b9f4612cdfe763b3d8c8a956157474a), it is believed they used a spear-phishing email or social media to contact the victim. The Trojanized application initiates the previously unknown infection technique. This installation package masquerades as DeFi Wallet software, but it actually contains a legitimate binary that has been packed with the installer.

The virus installed in this manner, as per the researchers, has "sufficient capabilities to manage" the target host by issuing Windows commands, uninstalling, starting or killing processes, enumerating files and related information, or connecting the computer to a particular IP address. 

Using additional functionalities, the malware operator can also collect relevant data (IP, name, OS, CPU architecture) and details of the discs (kind, free space available), download files from the command and control server (C2), and retrieve a list of files stored in a specified area. According to Japan CERT, the CookieTime malware group known as LCPDot has been linked to the DPRK operation Dream Job, which enticed victims with phony job offers from well-known firms.

Google's Threat Analysis Group (TAG) revealed recent activity related to Dream Job earlier this month, finding North Korean threat actors used an exploit for a zero-day remote code execution bug in Chrome to target people working for media, IT companies, cryptocurrency, and fintech companies. "The CookieTime cluster has linkages with the Manuscrypt and ThreatNeedle clusters, which are also attributed to the Lazarus organization," Kaspersky adds.

The links between the current trojanized DeFiWallet software and other malware attributed to North Korean hackers go beyond the virus code to the C2 scripts, which overlap many functions and variable names. It's worth mentioning that Lazarus is the umbrella name for all state-sponsored North Korean threat operations. Within the DPRK, however, several threat groups are operating under different institutions/departments of the country's intelligence establishment. 

Mandiant analysts prepared an evaluation of the DPRK's cyber program structure using data collected over 16 months from its digital activity tracking for the entire country, OSINT monitoring, defector reporting, and imaging analysis. According to their map, targeting bitcoin heists is certainly within the scope of financially motivated units inside the 3rd Bureau (Foreign Intelligence) of the country's Reconnaissance General Bureau (RGB).

According to Chainalysis, Around $2.2 Billion was Stolen from DeFi Protocols in 2021

 

Chainalysis, a blockchain data platform, has issued a new report on cryptocurrency crime patterns, revealing that $14 billion in cryptocurrency was sent to unlawful addresses in 2021, nearly doubling the level observed in 2020. However, those figures do not tell the entire story. 

The use of cryptocurrencies is increasing quicker than ever before. Total transaction volume across all cryptocurrencies tracked by Chainalysis increased to $15.8 trillion in 2021, up 567% from totals in 2020. It's no surprise that more fraudsters are utilising cryptocurrency, given its rapid adoption. 

According to Chainalysis data, around $2.2 billion was directly stolen from DeFi protocols in 2021. Chainalysis projected that illegitimate addresses presently possess at least $10 billion in cryptocurrency as of 2022, with the majority owned by wallets involved in cryptocurrency theft, darknet markets, and frauds.  

Researchers at Chainalysis discovered that cybercriminals made 82% more money via scamming last year, raking in $7.8 billion in cryptocurrencies from victims. Chainalysis uncovered $2.8 billion from a scam known as "rug pulls" among the $7.8 billion. Developers in these scams construct seemingly genuine cryptocurrency ventures before stealing investor funds and disappearing. 

"We believe rug pulls are common in DeFi for two related reasons. One is the hype around the space. DeFi transaction volume grew 912% in 2021, and the incredible returns on decentralized tokens like Shiba Inu have many excited to speculate on DeFi tokens," Chainalysis said. "At the same time, it's very easy for those with the right technical skills to create new DeFi tokens and get them listed on exchanges, even without a code audit. Many investors could likely have avoided losing funds to rug pulls if they'd stuck to DeFi projects that have undergone a code audit – or if DEXes required code audits before listing tokens." 

Many of the high-profile attacks on DeFi exchanges in the previous year, according to Chainalysis, "may be linked back to errors in the smart contract code governing those protocols, which hackers exploit to steal funds." 

The end-of-year attack on DeFi protocol Grim Finance rounded off a tumultuous year for DeFi hacks. More than $77 million was stolen from AscendEX a week before the attack on Grim Finance. A few days before, the blockchain gaming startup Vulcan Forged said that over $140 million had been stolen from their users. 

Cybercriminals stole over $120 million from the DeFi platform Badger in November. Other 2021 incidents include the theft of about $600 million from Poly in August and $34 million from Cream Finance in September. Around $200 million was taken from the PancakeBunny platform in May.

The Hacker who Stole $16 Million of Indexed Finance, Gets Identified

 

Indexed Finance, a decentralized finance (DeFi) technology that enables token holders to monitor market indices, has identified the attacker who stole their $16 million.

On Thursday, October 14th, the DeFi protocol stated that it had been the victim of a flash loan attack in which the attacker stole $16 million. The attacker reportedly created new tokens valued at millions after overloading the system with fresh assets and causing price fluctuations.

The Indexed team stated in a post-attack statement that the breach "was a pretty devastating one" and damaged the DEFI5 and CC10 indexes. The address utilized to take the cash, according to the investigation report, was 0xba5ed1488be60ba2facc6b66c6d6f0befba22ebe. 

Indexed Finance urged the attacker to retain 10% of the cash and refund the remainder within hours after the attack. However, once this deadline passed and an ultimatum to refund 100 percent of the stolen monies passed, the team stated that it had established connections that identified the hacker.

The team went on to explain that, while the attack was initially overlooked, investigations revealed that the attacker funded their wallet with accounts at crypto exchanges FTX and Kraken. Both exchanges required users to perform know your customer checks, which Indexed Finance was able to examine to identify the person behind the $16 million crime. 

"In the minutes before the deadline elapsed, @ZetaZeroes made changes to his accounts that have made us realize at the last minute that the attacker is significantly younger than we thought," the protocol wrote. 

Until the hacker's identity has been determined, Indexed Finance has placed a "hold" on disclosing any more information while an internal discussion takes place on how best to proceed considering the hacker's age.

Nevertheless, the NDX coin is still under pressure in the marketplace, having dropped by 7% in the last week due to the attack. Currently, the token is trading at roughly $2.65, a drop of 2.11%.