TronWeekly

Crypto World News

You are here: Home / Archives for Hacker

Hacker

Li Finance Loses Over $600,000 as a Hacker Exploits a Bug

by

At Li Finance, 29 users lost roughly $600,000 in what looks to be a smart contract exploitation. The vulnerability was carried out in a single transaction at 02:51 AM +UTC by hackers.

All swap methods were deactivated as soon as the team was aware of the exploit, while they worked on a patch for the flaw.

Li Finance users lost hundreds of thousands of dollars

The hacker was able to take 205 ETH from 29 different wallets. USDC, MATIC, RPL, GNO, USDT, MVI, AUDIO, AAVE, JRT, and DAI are among the stolen assets.

The attacker converted all tokens to ETH and transported them to his wallet after the breach.

The team contacted the hacker and requested that the cash be returned, but no response has yet been received.

“If you are reading this, we would be glad if you could offer a big bounty, and we would promise not to reveal any information about your identity.”

How did it happen?

The pre-bridge switch functionality of Li Finance was used in the hack. A caller can pass an array of multiple swaps using any address with any call data to its smart contract.

This approach allowed the most freedom in terms of what DEXs and methods. This allowed anybody, not only DEXs, to call other contracts. The contract double-checks if the outcome of the swap or swaps is enough tokens to keep the bridging operation going.

The attacker began by making a genuine small-amount exchange, then made many direct calls to various token contracts.

The Li finance team uncovered the exploit 12 hours after the assault and promptly disabled all switching functionalities.

They’ve already compensated 26 of the 29 wallets, but they wanted to do something extra for the others. The remaining three wallets are estimated to be worth $397,000.

They offered to convert the missing funds into an angel investment to mitigate the treasury harm. They did stress, however, that the users’ final decision to accept or reject the offer is up to them.

Exploits like these serve as a reminder to everyone of the significances of better security. Because the finances and assets of thousands of people are at risk, it is critical to maintaining them secure.

However, as we can see, as security improves, hackers are scrambling to locate even the slightest crack through which they can launch their attack.

94,643.29 Stolen BTC from 2016 Bitfinex hack moved

by

According to the reports by Whale alert, large amounts of BTC, which were stolen during the 2016 Bitfinex hack, started moving to an unknown wallet. The hackers carried out the first transaction on (Tue, 01 Feb 2022 04:14:24 UTC). Initially, they moved 1 BTC to the anonymous wallet. As of now, 26 transactions have been carried out on the anonymous wallet. The wallet holds 94643.29 BTC at the time of writing.

Whale alerts is a transparent platform for tracking and analyzing millions of transactions every day. They reported the incident on Twitter, providing the details of the move.

History of the 2016 Bitfinex BTC hack

In August 2016, almost 120,000 bitcoins – now worth roughly $4.6 billion – were stolen from the famous crypto exchange Bitfinex. The hackers may have felt that the challenging portion of their crime was over. However, barely 21 percent of the stolen bitcoins have been transferred after five years, and just 4 percent have been laundered or swapped.

The 119,756 bitcoins stolen from Bitfinex were first transmitted to a single wallet, and 79 percent of them remain there to this day. After a rush of transactions in early 2017, there were very few outflows from the wallet until 2020, when there was a significant rise in activity. In April 2021, 12,241 BTC of the stolen assets were relocated, having a value at the time of $774 million. This rise was presumably spurred by the surging Bitcoin price, which rose more than 700 percent during the prior year.

Elliptic said the hackers laundered the money through darknet markets like Hydra and privacy-focused Wasabi wallet. These marketplaces provide cash-out services with drugs, hacking equipment, and bogus IDs. These allow Bitcoin to be exchanged into gift cards, prepaid debit cards, or actual cash. Software wallets like Wasabi assist in avoiding blockchain tracing, employing a kind of transaction known as a “coinjoin”. It is estimated that over 13 percent of the profits of crime in bitcoin are laundered using private wallets.

The inability of the hackers to move the fund tells a story about the crypto industry’s maturation and how law enforcement capabilities, regulation, and blockchain analytics have combined to make crypto crimes extremely difficult. But to date, they were unable to trace back to the hackers who committed this monstrous loot.

Hacker exploits Qubit Finance and steals $80 million

by

The latest victim to the hacking spree is Qubit Finance. Qubit is a decentralized money market platform. In a recent tweet, the announcement was made public confirming the hack:

image 6

Qubit added in the tweet that the hacker, borrowed on BSC, minted unlimited xETH. The team is currently working with security and network partners on the next steps. At the time of writing, the exploiter address currently holds 206,809.5 BNB valued at $80,264,866.

Qubit went out and tweeted about the latest updates regarding the hack. “The team continues to track the exploiter and monitor affected assets.” They also mentioned that the team had contacted the exploiter to offer the maximum bounty.

Largest De-Fi hacks

According to Halborn, De-Fi hacks accounted for the most major hacking in 2021. The ten significant hacks include Pancakebunny ($45 million), uranium finance ($50 million), belt finance ($50 million), bzx ($55 million), easyfi ($59 million), badger ($120 million), paid network ($127 million), cream finance ($130 million), compound finance ($147 million) and poly network ($610 million). Qubit’s recent hack of $80 million was added to the list.

A full stop for the hacks?

The hackers have come a long way from hacking crypto exchanges to trezor wallets. Even though the security measures increase to secure the funds, the hackers find a loophole to get through it. Then a question arises about how to safeguard your funds.

The risk to your digital assets is mostly through cryptocurrency wallets (digital wallets) or exchange companies. A crypto wallet does not store your digital money but instead contains a private key, which allows you to exchange crypto online. This private key is your digital identification to the cryptocurrency market, and anyone who gets hold of this can make fraudulent transactions or steal your cryptocurrencies.

Cybercriminals utilize advanced tactics to hack digital wallets and steal/transfer crypto assets without the user’s awareness. Securing your wallet is vital when it comes to securing your digital money against hacks. Avoid falling for scams, phishing, and constantly changing your password to secure your funds. If you use a cold wallet, write down your key and safeguard it.