Hackers Steal Assets Worth $484,000 in Ledger Security Breach


Threat actors responsible for attacking Ledger’s connector library have stolen assets valued at approximately $484,000, according to the blockchain analysis platform Lookonchain. Ledger has said that the security breach might have a large effect, possibly totalling hundreds of thousands of dollars, although it has yet to confirm the actual valuation.

Direct Impact of the Hack

According to a report by Cryptopolitan, the breach happened when malicious code was added to Ledger's GitHub repository for Connect Kit, an essential component that several DeFi protocols require in order to communicate with hardware wallets for cryptocurrencies. Every application that used the Connect Kit had issues with its front end due to the malicious code. Notable protocols affected by this security flaw were Sushi, Lido, MetaMask, and Coinbase.

Ledger said that one of its employees had fallen victim to a phishing attack, resulting in the unauthorized leak of a compromised version of the Ledger Connect Kit. The leaked code revealed the name and email address of the former employee. The cryptocurrency community at first believed that this developer was behind the exploit. Ledger subsequently stated, however, that the incident was the consequence of a former employee falling for a phishing scheme.

After acknowledging the incident, Ledger acted promptly, identifying and removing the exploited version of the software. Despite the swift response, the damage was already done: the software was left vulnerable for at least two hours, during which the threat actors drained the funds.

Broader Implications for the DeFi Community

This incident has raised major concerns regarding the security infrastructure of decentralized applications. DeFi protocols frequently rely on code from multiple software providers, including Ledger, which leaves them vulnerable to multiple potential points of failure.

This incident has further highlighted the significance of boosting security protocols across the DeFi ecosystem.

The victims directly affected by the attack included users of services such as revoke.cash. The service, normally used to withdraw permissions from DeFi protocols following security breaches, was itself compromised. Users who were trying to protect their assets were unintentionally sent to a fraudulent token drainer, which increased the extent of the theft.

BitBrowser Hackers Launder 70.6% of Stolen Funds

Hackers were able to transfer a remarkable 70.6% of the stolen BitBrowser funds through the eXch crypto mixer in a recent theft that startled the cryptocurrency world. The move has raised concerns about the security of digital assets and the increasing sophistication of thieves.

The attack, which targeted BitBrowser, a decentralized finance (DeFi) platform, first came to light when users reported unauthorized transactions and missing funds. The hackers managed to siphon off a substantial amount of cryptocurrency before the breach was discovered. According to reports, the stolen funds included 236 ETH (Ethereum), which were promptly moved through the eXch crypto mixer to obfuscate their origins.

The eXch crypto mixer, known for its privacy-centric features, allows users to mix their cryptocurrencies with those of other users, making it difficult to trace the source of the funds. This tool has become increasingly popular among hackers looking to launder stolen digital assets.

The BitBrowser hack and subsequent use of the eXch crypto mixer highlight the ongoing battle between cybersecurity experts and cybercriminals. As blockchain technology and cryptocurrencies gain mainstream adoption, they also attract malicious actors seeking to exploit vulnerabilities.

Cybersecurity experts and law enforcement agencies are working tirelessly to track the stolen funds and identify the hackers responsible. However, the use of crypto mixers and other privacy-enhancing tools complicates these efforts. These tools are not inherently illegal, as they also serve legitimate purposes, such as protecting user privacy and enhancing fungibility in cryptocurrencies.

This incident underscores the importance of robust security measures for cryptocurrency platforms and the need for continued innovation in the field of blockchain forensics. Blockchain analysis companies are developing advanced techniques to trace the flow of cryptocurrencies through mixers and dark web marketplaces, but it remains a challenging endeavor.

Cryptocurrency exchanges and DeFi platforms must prioritize security and invest in state-of-the-art cybersecurity measures to protect their users' assets. Additionally, regulatory bodies around the world are tightening their grip on cryptocurrency-related activities to prevent money laundering and illegal financial activities.


DeFiChain: DeFi Boosts with Decentralized Assets

Decentralized Finance (DeFi), based on blockchain and cryptocurrency, has emerged as a prominent technology. It has grown to become an alternative to the traditional centralized system that relies on financial intermediaries like banks for exchanges or financial transactions. It uses smart contracts on blockchain-based technology, giving users a new way to invest, trade, sell, lend or exchange.

Limitations of Decentralized Finance (DeFi)

Operating as a small financial system in an emerging global movement, DeFi has become visibly popular in the past few months. Decentralized Finance, via blockchain, has led to an increase in financial security and transparency for users. From lending and borrowing platforms to stablecoins and tokenized BTC, the DeFi ecosystem has been able to launch a network of integrated protocols and financial instruments that now account for over $13 billion of value locked in Ethereum smart contracts.

However, along with its advantages, Decentralized Finance has some limitations. Being a decentralized system, DeFi does not allow interaction with centralized assets such as stock options, commodities, and indices.

What is DeFiChain?

DeFiChain comes to the rescue of Decentralized Finance. DeFiChain is a blockchain system specifically dedicated to decentralized financial applications. By introducing decentralized assets, it bridges the gap with centralized assets without compromising the DeFi platform with centralism.

A decentralized asset, also termed a dAsset or dToken, is a token on the DeFiChain blockchain that gives you price exposure to real-world stocks. For instance, for the stocks TSLA, AAPL and FB, there exist dTSLA, dAAPL and dFB, each of which attempts to mirror the price of the real stock.

These assets give DeFiChain users a way to buy decentralized assets, and thus a method of trading stocks on a decentralized system. DeFiChain has become a groundbreaking system for investors. A traditional investor who buys stocks can only make money once the stocks turn a profit. A user who buys a dToken, by contrast, can put it into a liquidity mining pool. This enables the investor not only to profit when the dToken goes up in value, but also to earn passive income from their dAssets.

DeFiChain, with the introduction of decentralized assets (dAssets), has changed the game for Decentralized Finance. With incredible user benefits, be it the decentralization of assets or making incredible passive income, DeFiChain is emerging as a prominent blockchain ecosystem.

FBI Alerts of Rise in Attacks Targeting DeFi Platforms

The FBI is warning of an increase in cryptocurrency theft attacks on decentralised finance (DeFi) platforms.

According to the agency, criminals are exploiting the increased interest in cryptocurrency, as well as the complex functionality and open-source nature of DeFi platforms, to carry out nefarious activities.

According to the FBI, cybercriminals are stealing virtual currency and causing investors to lose money by utilising security flaws in the smart contracts that govern DeFi platforms. Smart contracts, defined as self-executing contracts containing the terms of an agreement between a buyer and a seller within their lines of code, are present throughout the decentralised blockchain network.

DeFi platforms accounted for roughly 97% of the $1.3 billion in cryptocurrencies stolen by cybercriminals between January and March 2022, an increase from 72% in 2021 and 30% in 2020.

According to the FBI, cybercriminals have also initiated flash loans to trigger an exploit in a DeFi platform's smart contracts (resulting in $3 million in cryptocurrency losses), exploited a signature verification bug in a DeFi platform's token bridge (resulting in $3 million in cryptocurrency losses), and tampered with cryptocurrency price pairs (to steal $35 million in cryptocurrency).

Before investing, investors should research DeFi platforms, protocols, and smart contracts to identify potential risks and ensure that the DeFi investment platform's code has been audited at least once.

Furthermore, they should be cautious of DeFi investment pools with short timeframes for joining and rapid deployment of smart contracts, as well as the dangers posed by crowdsourced solutions in terms of bug hunting and patching.

According to the FBI, DeFi platforms should implement real-time analytics, monitoring, and code testing to address vulnerabilities and potentially suspicious activity, as well as an incident response plan that includes informing investors of any suspicious activity, including smart contract exploitation.

DeFi Protocol Cream Finance Suffers a $130 Million Hack

Cream Finance, an Ethereum-based lending and borrowing protocol, has suffered a flash loan attack, losing over $130 million worth of ether and ERC-20 tokens.

According to PeckShield, a blockchain security firm, threat actors exploited a security loophole in the platform’s flash loan feature, then transferred the stolen funds to a wallet under their control before splitting them across other wallets.

Following the assault, the value of the Cream LP tokens witnessed a substantial decline of 27 percent and is currently priced at around $111 (roughly Rs. 8,300), as per CoinGecko. The protocol that has over 72,000 followers on Twitter confirmed the attack and revealed that an investigation into the case is underway. 

Additionally, the Cream Finance team is trying to negotiate with the hackers, offering them 10% of all of the tokens that had been lost. This is a known strategy that has paid off for some protocols that were exploited in the past.

Unfortunately, this is the third time Cream Finance has suffered a flash loan attack this year: threat actors stole $29 million in August, and another $37 million was stolen in February. This latest hack is also the third-largest DeFi hack in history.

According to a recent report released by CipherTrace, DeFi attacks are becoming very profitable for cybercriminals. The attacks accounted for 76% of all major hacks in 2021 and earned a profit of $361 million.

“By July 2021, DeFi-related hacks total $361 million, already making up three-quarters of the total hack volume this year—a 2.7x increase from 2020. DeFi-related fraud continues to rise, as well. At the time of this report, DeFi-related fraud accounted for 54% of major crypto fraud volume, whereas last year DeFi-related fraud only made up 3% of the year’s total,” states CipherTrace. 

“The three hacks that Cream Finance has experienced are all related to flash loans, and the hackers from the [August attack] returned [most of] the stolen funds,” Sun Huang, general manager and vice president for security development operations at XREX Inc. stated. “This time we can expect the hacker to return as well, especially when the tracking technology for blockchain has become more mature and many could catch the hints and chase down attackers.”

DeFi Platforms PancakeSwap, Cream Finance hit by DNS Attack

DeFi platforms PancakeSwap and Cream Finance warned users on Monday that they had been hit by domain name system (DNS) hijackings. The alerts were issued via social media in an effort to keep users from falling for the two schemes to collect private keys or seed phrases from would-be victims. Data obtained through this sort of phishing scheme would then permit a hacker to steal funds from affected users.

As of press time, PancakeSwap has said that it has regained access to its DNS. Cream Finance appeared to still be working to regain DNS access, directing users to an alternative address in the meantime. A DNS hijacking allows an attacker to present a false web portal to visiting users, usually aimed at gathering personal data - in this case, the private keys needed to steal their funds. The U.S. government and private security firms have recently issued alerts about such attacks, as noted in a 2019 report by Krebs on Security.

Exact technical details of how the attackers managed to modify DNS records for the two sites are still unknown, but as security researcher MalwareHunterTeam pointed out recently, the two organizations managed their DNS records through web hosting company GoDaddy. While it is possible that the attackers compromised web hosting accounts for both companies in separate incidents, it is also possible that they compromised a GoDaddy employee’s account to change DNS server records and execute the attack.

The latter scenario happened twice last year, in March and November 2020, with attackers phishing GoDaddy employees to gather their work credentials and then using official GoDaddy accounts to alter DNS records for multiple cryptocurrency and domain hosting-related sites. Victims of the past attacks included the likes of Escrow.com, Liquid.com, NiceHash.com, Bibox.com, Celsius.network, and Wirex.app. Phishing attacks targeting web hosting accounts have become common since the beginning of 2019, when FireEye uncovered an Iranian state-sponsored hacking group behind a global DNS hijacking campaign.

In that campaign, the Iranian hackers phished their targets for web hosting-related accounts and then used a DNS hijack attack to divert traffic for email servers through infrastructure controlled by the attackers, allowing them to phish employees and read their emails.