TronWeekly

Crypto World News

You are here: Home / Archives for crypto heist

crypto heist

Crypto Heist Of $15M Exposes Google Authenticator Vulnerability

by

In a shocking turn of events, the renowned Chinese crypto blogger and journalist Colin Wu has revealed intricate details surrounding a recent crypto hack that has sent shockwaves through the digital currency industry. This audacious cyber attack targeted Fortress Trust, a prominent crypto custodian recently acquired by the blockchain giant Ripple.

The breach, unveiled through an investigation by software development firm Retool and reported by the hacker news, exposed a significant vulnerability in Fortress Trust’s security infrastructure. According to Colin Wu, the Achilles’ heel exploited by the hackers was linked to the additional security layer provided by a major authentication app.

Retool’s findings indicate that cybercriminals managed to infiltrate a staggering 27 accounts within the Fortress Trust crypto custody company. Their success hinged on a meticulously orchestrated SMS-based social engineering attack.

Crypto Security Alert Novel Attack Exposed in Google Sync

Fortress Trust confessed that the hackers leveraged a Google account cloud synchronization feature introduced earlier in the year. This San Francisco-based company, now under Ripple’s ownership, described this feature as a “dark pattern” that exacerbated the breach. Snir Kodesh, the head of engineering at Retool, referred to this form of synchronization as a “novel attack vector.”

Kodesh explained that the multi-factor authentication, once considered a robust defense, had been reduced to a single factor due to a critical update by the internet search giant in April. The attack unfolded on August 27, coinciding with Fortress Trust’s migration of logins to Okta.

The hackers cunningly posed as Fortress Trust IT team members, launching their SMS-phishing campaign. They lured unsuspecting recipients into following a seemingly legitimate link to resolve a payroll-related issue.

One unfortunate staff member took the bait, landing on a counterfeit webpage where they unwittingly divulged their login credentials. The hackers then took their deception to the next level by impersonating an IT team member, utilizing deep fake technology to alter their voice. They coerced the employee into revealing the multi-factor authentication (MFA) code.

Armed with this pivotal code, the hackers seamlessly integrated their device into the victim’s Okta account, enabling them to generate their personalized Multi-Factor Authentication (MFA) codes autonomously. This cunning maneuver granted them unmitigated access to all 27 compromised accounts.

In a final blow, the perpetrators altered the email addresses and passwords associated with these accounts, resulting in a staggering loss of $15 million worth of cryptocurrency assets. The methodology employed in this attack resembles the tactics used by a notorious hacker known as Scattered Spider, or UNC3944, renowned for their expertise in phishing attacks.

Related Reading:| Crypto Scams: NAB Implements Measures To Safeguard Customers

How did a $600M Hack of a Blockchain Bridge go unnoticed for almost a week?

by

Popular online game Axie infinity’s bridge called Ronin Network suffered an exploit losing more than half a billion funds in one of the biggest crypto attacks to date. The breach took place on March 23 but was discovered only on 30 March, Tuesday, according to the blog, published by Ronin detailing the incident.

So what exactly happened?

Blockchain bridge is software that enables cross-chain communication allowing tokens to be transferred. Attackers drained 173,600 Ether and 25.5 million USDC tokens from the network in two transactions. The stolen funds were siphoned off in two cryptocurrency exchanges, according to blockchain forensics firm Elliptic.

Ronin in its blog said it’s in contact with several cryptocurrency exchanges along with blockchain data analytic Chainalysis to monitor the movement of the stolen funds. The network also stated that it’s working with law enforcement agencies.

Following the incident, the price of Ronin’s token RON took a steep fall of 22%. AXS, of Axie Infinity, too reacted by losing as much as 11%, according to CoinMarketCap.  

Blockchain bridges have some major flaws

The attack highlights how bridges are susceptible to malicious actors. Experts say that these are run by unaudited computer codes, making them vulnerable to attackers. On top of that, the identities of validators/nodes, who run the transactions are not known, which makes it difficult to track suspects.

Expressing surprise, Wilfred Daye, head of Securitize Capital, the asset-management arm of Securitize Inc. said, “The fact that nobody notices for six days scream aloud that some structure should be in place to watch illicit transfers.” Another red flag, according to Tom Robinson, co-founder of Elliptic, is the bridge’s centralized architecture.

“In this case, the issue was that the bridge was highly centralized, the theft came as a result of someone hacking the ‘validator nodes’ of the Ronin Bridge. “Funds can be moved out of the bridge if five of the nine validators approve it. The hacker managed to get hold of the private cryptographic keys belonging to five of the validators so that was enough to steal the crypto assets.”

Kelvin Fichter, a developer felt that the Ronin was heavily dependent on validator-based bridges which he termed a “Fundamental error”. Fichter also pointed out that the network’s “minimal monitoring and alerting” system provided the hacker’s a solid ground to launch their attack.

Another Crypto heist: LCX Exchange hacked for $6.8M

by

In the latest crypto swindle hitting the weekend, Liechtenstein-based LCX Exchange suffered a security breach in one of its hot wallets that took place in the early hours of 9 January 2022. Announcing the same via Twitter, the trading platform has detailed the exploit in a series of threads and stated that Ethereum blockchain-based assets such as ETH, USDC, EURe, LCX, and other coins have been moved out to an unknown wallet. Further, the firm assured that security measures are being deployed to protect other wallets and assets.

Blockchain security firm PeckShield Inc has identified the estimated loss to the tune of $6.8 million and provided the breakdown of the lost funds for a clearer picture. Security breaches like these are not new in the crypto ecosystem, As crypto-assets gained increased adoption in 2021, so did such incidents of hacks across centralized exchanges and the DeFi sector.

Crypto heist in 2021

Previously on December 12, 2021, Singaporean cryptocurrency exchange AscendEX, suffered a major security attack with cyber security firm PeckShield stating, an estimated $77.7 million has been lost. The new year too didn’t fare well for the DeFi community, as the decentralized trading platform Tinyman built on the Algorand network was subjected to an exploit causing a loss of roughly $3 million on the 1st of January 2022, according to researchers at PeckShield.

As stated in the blog post, the attacker was able to take advantage of some loopholes in the network’s smart contracts protocol that provided illegal access to pools from which they could extract tokens.

Based on the data compiled by the consumer website Comparitech, five of the 10 largest crypto thefts of all time have occurred in 2021. And these incidents may only continue to grow due to increased cryptocurrency usage, as per financial tech experts. Rebecca Moody, head of research at Comparitech noted,

What’s clear from the majority of these attacks this year is that it’s often a vulnerability that’s being exploited. With the industry growing at an exponential rate and relying on open source technology, this leaves platforms open to exploitation when hackers are able to find a weakness in the code.