hackeralert
1.6M views
816 Discussing
Hot
Latest
The Hacker Who Phished... Himself 🫢🤦🏻
In an ironic twist of fate, a hacker who had successfully drained $26 million in ETH from the zkLend protocol in early 2025 lost it all almost immediately.
While attempting to "wash" the stolen funds through a privacy mixer, the hacker accidentally clicked on a phishing link. A second, presumably luckier hacker then stole the funds from the first hacker. #HackerAlert #WriteToEarnUpgrade
$ETH
In an ironic twist of fate, a hacker who had successfully drained $26 million in ETH from the zkLend protocol in early 2025 lost it all almost immediately.
While attempting to "wash" the stolen funds through a privacy mixer, the hacker accidentally clicked on a phishing link. A second, presumably luckier hacker then stole the funds from the first hacker. #HackerAlert #WriteToEarnUpgrade
$ETH
🚨🇰🇵 N. KOREAN HACKERS 💻 STOLE $2B IN CRYPTO IN 2025 💰
$CLO • $pippin • $GUN
Even with fewer attacks, their total haul hits $6.75B 😱
$GUNUSDT ⚡ 0.02379 +22.62% 🚀
#CryptoHeist
#HackerAlert
#DeFiNews
#BlockchainSecurity
#Crypto2026
$CLO • $pippin • $GUN
Even with fewer attacks, their total haul hits $6.75B 😱
$GUNUSDT ⚡ 0.02379 +22.62% 🚀
#CryptoHeist
#HackerAlert
#DeFiNews
#BlockchainSecurity
#Crypto2026
BREAKING:
🇹🇷 BTC-TURK HACK: $48M STOLEN $BTC
Turkish exchange BtcTurk lost ~$48 million in a hot wallet breach, marking its third major hack in two years. $ETH
Deposits and withdrawals are temporarily paused, but the broader market remains calm. $XRP
Binance has frozen $5.3M of stolen funds and is aiding the investigation.
Smart money stays bullish on BTC, with whales showing a 2.1 long/short ratio. Investors are reminded to prioritize self-custody and security.
#AltcoinSeasonComing? #FedRateCut25bps #BinanceAlphaAlert #USJobsData #HackerAlert
🇹🇷 BTC-TURK HACK: $48M STOLEN $BTC
Turkish exchange BtcTurk lost ~$48 million in a hot wallet breach, marking its third major hack in two years. $ETH
Deposits and withdrawals are temporarily paused, but the broader market remains calm. $XRP
Binance has frozen $5.3M of stolen funds and is aiding the investigation.
Smart money stays bullish on BTC, with whales showing a 2.1 long/short ratio. Investors are reminded to prioritize self-custody and security.
#AltcoinSeasonComing? #FedRateCut25bps #BinanceAlphaAlert #USJobsData #HackerAlert
⚠️ ALERT: Wrench attacks on crypto holders are rising and growing more violent, especially in Europe and Asia.
A wrench attack is when criminals use physical threats or force to steal crypto.
Reduce risk by staying private, avoiding wallet bragging, and using multisig or custody solutions.
$BTC #TradingSignals #BinanceAlphaAlert #tradingbycfai #HackerAlert
A wrench attack is when criminals use physical threats or force to steal crypto.
Reduce risk by staying private, avoiding wallet bragging, and using multisig or custody solutions.
$BTC #TradingSignals #BinanceAlphaAlert #tradingbycfai #HackerAlert
See original
how to make my account safer?, luckily my btc is in loan or else it would have been lost all haha, not joking, please #HackerAlert
Anomalibanjar:
lapor cs
See original
⚠️ ALERT: CARDANO USERS TARGETED BY PHISHING CAMPAIGN WITH FALSE ETERNL DESKTOP WALLET ⚠️
A sophisticated phishing campaign is targeting Cardano users, spreading false advertisements about "Eternl Desktop" to lure them into downloading malware.
The attackers send professional emails that mimic official communications, promising rewards in NIGHT and ATMA tokens through the Diffusion Staking Basket program, and urging downloads from download.eternldesktop.network.
The malicious MSI file contains LogMeIn Resolve (or GoTo Resolve), a remote control tool that installs unattended-updater.exe for persistent access without user interaction.
This allows for remote command execution, credential theft, and draining of crypto wallets, with connections to servers like devices-iot.console.gotoresolve.com.
The attack, active since late December 2025, exploits recent domains without digital signatures, evading antivirus.
Official Eternl is at eternl.io (browser extension/mobile), with no desktop version announced.
Protect yourself like this:
- Download wallets ONLY from eternl.io or official stores.
- Verify URLs, signatures, and announcements on Eternl channels.
- Use hardware wallets (Ledger/Trezor) for significant ADA amounts.
- Ignore unsolicited emails with links/downloads.
Be careful: better a false positive than losing funds.
#Cardano #ADA #alert #HackerAlert
A sophisticated phishing campaign is targeting Cardano users, spreading false advertisements about "Eternl Desktop" to lure them into downloading malware.
The attackers send professional emails that mimic official communications, promising rewards in NIGHT and ATMA tokens through the Diffusion Staking Basket program, and urging downloads from download.eternldesktop.network.
The malicious MSI file contains LogMeIn Resolve (or GoTo Resolve), a remote control tool that installs unattended-updater.exe for persistent access without user interaction.
This allows for remote command execution, credential theft, and draining of crypto wallets, with connections to servers like devices-iot.console.gotoresolve.com.
The attack, active since late December 2025, exploits recent domains without digital signatures, evading antivirus.
Official Eternl is at eternl.io (browser extension/mobile), with no desktop version announced.
Protect yourself like this:
- Download wallets ONLY from eternl.io or official stores.
- Verify URLs, signatures, and announcements on Eternl channels.
- Use hardware wallets (Ledger/Trezor) for significant ADA amounts.
- Ignore unsolicited emails with links/downloads.
Be careful: better a false positive than losing funds.
#Cardano #ADA #alert #HackerAlert
$4.5 BILLION BITFINEX HACKER WHO STOLE 120,000 $BTC HAS BEEN RELEASED FROM PRISON
#Bitfinex
#BTC
#HackerAlert
#Bitfinex
#BTC
#HackerAlert
EVM Wallets Drained in Stealth Holiday Attack: Over $107,000 Stolen, Cause Still Unknown
During the holiday season, a large-scale attack targeted hundreds of cryptocurrency wallets across Ethereum Virtual Machine (EVM) compatible networks such as Ethereum, BNB Chain, Polygon, Avalanche, and Arbitrum. Blockchain security investigator ZachXBT reported a series of thefts in which small amounts of funds — typically under $2,000 per wallet — were stolen, but the total loss has already surpassed $107,000.
Gradual, Yet Sophisticated Exploit
Instead of massive single hits, the attacker used a low-key method by draining small amounts from many wallets. According to on-chain data, these coordinated thefts began in late December, but the exact method remains unclear. All funds were funneled to the address starting with 0xAc2e…ad8Bf9bFB.
Where the Funds Ended Up
Blockchain tracking tools reveal the attacker has accumulated assets across more than 20 different blockchains. Most of the funds were stolen from Ethereum — approximately $54,655, making up 51% of the total. BNB Chain followed with $25,545, then Base ($8,688), Arbitrum ($6,273), Polygon ($3,498), Optimism ($1,480), Zora ($994), Linea ($909), and Avalanche ($386).
Suspected Phishing via Fake MetaMask Emails & Trust Wallet Exploit
Some crypto users speculated that phishing emails mimicking MetaMask were used to trick investors into handing over their seed phrases.
However, an in-depth analysis by Nansen pointed to a supply chain attack targeting Trust Wallet’s Chrome extension (v2.68). This incident began on December 24, when a malicious update was released, allowing attackers to steal wallet recovery phrases.
Compromised GitHub Access and Backdoored Extension
Trust Wallet later confirmed that the attacker gained access to its source code and Chrome Web Store API keys via leaked developer data on GitHub. This allowed them to upload a malicious version of the extension without going through the company’s approval process. A fake domain, metrics-trustwallet[.]com, was also registered to distribute the backdoored extension capable of exfiltrating mnemonic phrases.
About 1 million users of the Trust Wallet Chrome extension were later prompted to update to version 2.69 after the compromised update went live.
Shai-Hulud 3.0: A More Sophisticated Malware Version
Researchers at Upwind described the malware as a stealthier evolution called “Shai-Hulud 3.0,” featuring enhanced string obfuscation, improved error handling, and Windows compatibility. Its goal wasn’t new attack techniques, but rather to prolong the campaign's lifespan undetected.
Expected Token Movements: Tornado Cash, THORChain & Others
Stolen tokens are expected to be laundered via platforms such as Tornado Cash, Railgun, THORChain, Debridge, eXch, and other OTC/mixing services to hide the origin of the assets.
Christmas 2025: A Record Season for Crypto Scams
This holiday season marked an all-time high in cybercrime targeting crypto users. In early December, the FBI’s Internet Crime Complaint Center warned Americans about scam and phishing emails, estimating more than $785 million in losses due to holiday-related non-payment and non-delivery scams — with another $199 million lost to credit card fraud.
A Year of Record-Breaking Crypto Heists
2025 is now the worst year on record for crypto theft. According to Chainalysis and TRM Labs, cybercriminals stole $2.7 billion worth of crypto — the highest annual total to date. The biggest heist was the $1.4 billion exploit on Dubai-based exchange Bybit.
That incident surpassed previous notorious hacks like the $624 million Ronin bridge breach and $611 million Poly Network hack in 2022.
North Korea Behind Most of the Thefts
Analysts say state-sponsored North Korean groups were behind the majority of 2025’s thefts, allegedly stealing over $2 billion this year alone. Since 2017, these groups are estimated to have stolen nearly $6 billion in crypto, reportedly used to fund North Korea’s sanctioned nuclear weapons program.
#Cryptoscam , #CryptoSecurity , #HackerAlert , #CryptoNews , #Ethereum
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
Gradual, Yet Sophisticated Exploit
Instead of massive single hits, the attacker used a low-key method by draining small amounts from many wallets. According to on-chain data, these coordinated thefts began in late December, but the exact method remains unclear. All funds were funneled to the address starting with 0xAc2e…ad8Bf9bFB.
Where the Funds Ended Up
Blockchain tracking tools reveal the attacker has accumulated assets across more than 20 different blockchains. Most of the funds were stolen from Ethereum — approximately $54,655, making up 51% of the total. BNB Chain followed with $25,545, then Base ($8,688), Arbitrum ($6,273), Polygon ($3,498), Optimism ($1,480), Zora ($994), Linea ($909), and Avalanche ($386).
Suspected Phishing via Fake MetaMask Emails & Trust Wallet Exploit
Some crypto users speculated that phishing emails mimicking MetaMask were used to trick investors into handing over their seed phrases.
However, an in-depth analysis by Nansen pointed to a supply chain attack targeting Trust Wallet’s Chrome extension (v2.68). This incident began on December 24, when a malicious update was released, allowing attackers to steal wallet recovery phrases.
Compromised GitHub Access and Backdoored Extension
Trust Wallet later confirmed that the attacker gained access to its source code and Chrome Web Store API keys via leaked developer data on GitHub. This allowed them to upload a malicious version of the extension without going through the company’s approval process. A fake domain, metrics-trustwallet[.]com, was also registered to distribute the backdoored extension capable of exfiltrating mnemonic phrases.
About 1 million users of the Trust Wallet Chrome extension were later prompted to update to version 2.69 after the compromised update went live.
Shai-Hulud 3.0: A More Sophisticated Malware Version
Researchers at Upwind described the malware as a stealthier evolution called “Shai-Hulud 3.0,” featuring enhanced string obfuscation, improved error handling, and Windows compatibility. Its goal wasn’t new attack techniques, but rather to prolong the campaign's lifespan undetected.
Expected Token Movements: Tornado Cash, THORChain & Others
Stolen tokens are expected to be laundered via platforms such as Tornado Cash, Railgun, THORChain, Debridge, eXch, and other OTC/mixing services to hide the origin of the assets.
Christmas 2025: A Record Season for Crypto Scams
This holiday season marked an all-time high in cybercrime targeting crypto users. In early December, the FBI’s Internet Crime Complaint Center warned Americans about scam and phishing emails, estimating more than $785 million in losses due to holiday-related non-payment and non-delivery scams — with another $199 million lost to credit card fraud.
A Year of Record-Breaking Crypto Heists
2025 is now the worst year on record for crypto theft. According to Chainalysis and TRM Labs, cybercriminals stole $2.7 billion worth of crypto — the highest annual total to date. The biggest heist was the $1.4 billion exploit on Dubai-based exchange Bybit.
That incident surpassed previous notorious hacks like the $624 million Ronin bridge breach and $611 million Poly Network hack in 2022.
North Korea Behind Most of the Thefts
Analysts say state-sponsored North Korean groups were behind the majority of 2025’s thefts, allegedly stealing over $2 billion this year alone. Since 2017, these groups are estimated to have stolen nearly $6 billion in crypto, reportedly used to fund North Korea’s sanctioned nuclear weapons program.
#Cryptoscam , #CryptoSecurity , #HackerAlert , #CryptoNews , #Ethereum
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
📢 ZachXBT Alert: EVM Wallet Drains
ZachXBT has reported an ongoing wallet-draining attack across EVM chains, where hundreds of wallets are being targeted.
🔍 What’s Happening
• Over $107,000 stolen so far
• Each wallet drained for under $2,000
• Attack is widespread but low-value per wallet
• Root cause is still unidentified
• Likely linked to malicious approvals, phishing, or deceptive contract interactions
• No confirmed exploit tied to a specific chain or wallet yet
This looks like a stealth, automated drain, possibly testing methods before scaling up.
⸻
🛡️ Precautions to Stay Safe
• Revoke token & NFT approvals (old/unused dApps)
• Never share seed phrases or sign random transactions
• Avoid unknown browser extensions
• Monitor wallet activity for unknown approvals or transfers
• Use a hardware wallet for larger funds
• If unsure, move funds to a fresh wallet with a new seed
#BTCVSGOLD #zachxbt #HackerAlert #Squar2earn #squarecreator
$BTC
$SOL
$ETH
ZachXBT has reported an ongoing wallet-draining attack across EVM chains, where hundreds of wallets are being targeted.
🔍 What’s Happening
• Over $107,000 stolen so far
• Each wallet drained for under $2,000
• Attack is widespread but low-value per wallet
• Root cause is still unidentified
• Likely linked to malicious approvals, phishing, or deceptive contract interactions
• No confirmed exploit tied to a specific chain or wallet yet
This looks like a stealth, automated drain, possibly testing methods before scaling up.
⸻
🛡️ Precautions to Stay Safe
• Revoke token & NFT approvals (old/unused dApps)
• Never share seed phrases or sign random transactions
• Avoid unknown browser extensions
• Monitor wallet activity for unknown approvals or transfers
• Use a hardware wallet for larger funds
• If unsure, move funds to a fresh wallet with a new seed
#BTCVSGOLD #zachxbt #HackerAlert #Squar2earn #squarecreator
$BTC
$SOL
$ETH
See original
"How do hackers use artificial intelligence to steal cryptocurrencies?"
In the world of cryptocurrencies, innovations do not stop at investors and technologists alone, but also extend to hackers. With the emergence of artificial intelligence (AI), the methods of cyber attacks have witnessed a qualitative leap. AI has become a powerful tool in the hands of cyber attackers, enabling them to execute complex and rapid attacks that are difficult to detect or counter.
🧟♂️ Librarian Ghouls Hackers Hijack Russian Devices to Mine Crypto
.......
🕵️♂️ Cybersecurity firm Kaspersky reports that a group known as Librarian Ghouls (aka Rare Werewolf) has compromised hundreds of Russian systems for cryptojacking.
📩 Attack vector: Phishing emails mimicking payment orders & official documents.
⚙️ The hackers use legit third-party utilities to stay stealthy — a common hacktivist tactic.
💰 Endgame: Mining crypto on infected machines without the user’s consent.
🧠 Kaspersky suggests ideological motives behind the attack.
🔗 Cointelegraph
#CyberSecurity #Binance #HackerAlert #bitcoin
$BTC $XRP
.......
🕵️♂️ Cybersecurity firm Kaspersky reports that a group known as Librarian Ghouls (aka Rare Werewolf) has compromised hundreds of Russian systems for cryptojacking.
📩 Attack vector: Phishing emails mimicking payment orders & official documents.
⚙️ The hackers use legit third-party utilities to stay stealthy — a common hacktivist tactic.
💰 Endgame: Mining crypto on infected machines without the user’s consent.
🧠 Kaspersky suggests ideological motives behind the attack.
🔗 Cointelegraph
#CyberSecurity #Binance #HackerAlert #bitcoin
$BTC $XRP
🚨 Bybit Security Breach: $1.4B in ETH Stolen! 🔥💰
One of Bybit’s ETH cold wallets was compromised in a sophisticated attack that manipulated the signing interface! 🕵️♂️💻
🔍 Key Details:
🔹 $1.4 Billion in Ethereum stolen 💸
🔹 Attackers altered the smart contract logic while keeping the correct address visible ⚠️
🔹 Bybit assures client funds are safe and withdrawals remain unaffected ✅
💡 With crypto security threats on the rise, how can exchanges strengthen cold wallet protection?
🛡️ Possible Solutions:
✅ Multi-Signature Security – More approvals, less risk 🔑
✅ Air-Gapped Cold Wallets – Stay completely offline 🚫🌐
✅ Regular Security Audits – Identify weaknesses before attackers do! 🔍
✅ Hardware Security Modules (HSMs) – Extra layer of encryption 🔒
⚡ Is this a wake-up call for crypto platforms? Share your thoughts below! 👇💬
#BybitSecurityBreach #CryptoSecurityAlert #ETH #HackerAlert #Blockchain
One of Bybit’s ETH cold wallets was compromised in a sophisticated attack that manipulated the signing interface! 🕵️♂️💻
🔍 Key Details:
🔹 $1.4 Billion in Ethereum stolen 💸
🔹 Attackers altered the smart contract logic while keeping the correct address visible ⚠️
🔹 Bybit assures client funds are safe and withdrawals remain unaffected ✅
💡 With crypto security threats on the rise, how can exchanges strengthen cold wallet protection?
🛡️ Possible Solutions:
✅ Multi-Signature Security – More approvals, less risk 🔑
✅ Air-Gapped Cold Wallets – Stay completely offline 🚫🌐
✅ Regular Security Audits – Identify weaknesses before attackers do! 🔍
✅ Hardware Security Modules (HSMs) – Extra layer of encryption 🔒
⚡ Is this a wake-up call for crypto platforms? Share your thoughts below! 👇💬
#BybitSecurityBreach #CryptoSecurityAlert #ETH #HackerAlert #Blockchain
See original
Who has the most BTC? The Lazarus Group hackers have become some of the largest holders of BTC in the world.
North Korea, with the help of the hacking group Lazarus Group, has become one of the largest holders of BTC in the world. As of today, the hackers own approximately 13,518 BTC, equivalent to 1.16 billion dollars. This is twice as much as El Salvador holds — a country that officially recognized Bitcoin as its national currency.
🚨 ALERT: Microsoft has discovered a new trojan, StilachiRAT, targeting cryptocurrency wallets in the Google Chrome browser.
The malware attacks 20 different extensions, including MetaMask, Coinbase Wallet, Trust Wallet, OKX Wallet, Bitget Wallet, Phantom, and more.#OKXExchange #okxhacked #HackerAlert
The malware attacks 20 different extensions, including MetaMask, Coinbase Wallet, Trust Wallet, OKX Wallet, Bitget Wallet, Phantom, and more.#OKXExchange #okxhacked #HackerAlert
Russia’s APT29 Targets EU Diplomats with Wine-Tasting Phishing Attack
A sophisticated cyber-espionage campaign by Russia’s APT29 group, also known as Midnight Blizzard or Cozy Bear, has recently targeted European diplomats using a clever disguise: fake wine-tasting invitations.
Cybersecurity researchers from Check Point uncovered the attack, which involves emails spoofing European Ministries of Foreign Affairs. The emails invite recipients to exclusive wine-tasting events, but the real payload is far more dangerous. Attached to the invitation is a ZIP file named “wine.zip” containing a new malware loader called **GRAPELOADER**.
GRAPELOADER acts as a stealthy first-stage malware that performs system reconnaissance and deploys additional tools, including an updated version of **WINELOADER**. WINELOADER is a modular backdoor capable of deep system access, data exfiltration, and executing commands remotely.
The campaign’s primary targets include European foreign ministries and embassies of non-European countries based in Europe, marking a continued effort by APT29 to infiltrate sensitive diplomatic networks.
Security experts urge organizations to bolster their email defenses, educate staff about phishing tactics, and monitor systems for unusual activity. This campaign highlights the growing sophistication of state-backed cyber threats in today’s geopolitical climate.
#HackerAlert
A sophisticated cyber-espionage campaign by Russia’s APT29 group, also known as Midnight Blizzard or Cozy Bear, has recently targeted European diplomats using a clever disguise: fake wine-tasting invitations.
Cybersecurity researchers from Check Point uncovered the attack, which involves emails spoofing European Ministries of Foreign Affairs. The emails invite recipients to exclusive wine-tasting events, but the real payload is far more dangerous. Attached to the invitation is a ZIP file named “wine.zip” containing a new malware loader called **GRAPELOADER**.
GRAPELOADER acts as a stealthy first-stage malware that performs system reconnaissance and deploys additional tools, including an updated version of **WINELOADER**. WINELOADER is a modular backdoor capable of deep system access, data exfiltration, and executing commands remotely.
The campaign’s primary targets include European foreign ministries and embassies of non-European countries based in Europe, marking a continued effort by APT29 to infiltrate sensitive diplomatic networks.
Security experts urge organizations to bolster their email defenses, educate staff about phishing tactics, and monitor systems for unusual activity. This campaign highlights the growing sophistication of state-backed cyber threats in today’s geopolitical climate.
#HackerAlert
🚨 X HACK UPDATE – HERE’S WHAT WE KNOW! 🚨
💻 Cyber group ‘Dark Storm’ claims responsibility for the massive DDoS attack that took X offline yesterday. 📡💥
🔎 Who are they?
•Pro-Palestinian, Russia-linked hackers 🎭
•Known for targeting NATO countries 🌍
•Claim it was just a “demonstration of strength” ⚔️
🚨 Musk responds:
•Confirms a major cyberattack 🛑
•Says hackers’ IP addresses originated near Ukraine 🇺🇦
•X was restored quickly, but who’s next? 🤔
📉 Meanwhile, Tesla stock is crashing 🔻15% as protests rage over Musk’s DOGE initiative 🔥
💬 Cyberwarfare heating up? What’s your take? Random attack or deeper agenda? 👀
#XCyberattack #HackerAlert #TeslaStock
💻 Cyber group ‘Dark Storm’ claims responsibility for the massive DDoS attack that took X offline yesterday. 📡💥
🔎 Who are they?
•Pro-Palestinian, Russia-linked hackers 🎭
•Known for targeting NATO countries 🌍
•Claim it was just a “demonstration of strength” ⚔️
🚨 Musk responds:
•Confirms a major cyberattack 🛑
•Says hackers’ IP addresses originated near Ukraine 🇺🇦
•X was restored quickly, but who’s next? 🤔
📉 Meanwhile, Tesla stock is crashing 🔻15% as protests rage over Musk’s DOGE initiative 🔥
💬 Cyberwarfare heating up? What’s your take? Random attack or deeper agenda? 👀
#XCyberattack #HackerAlert #TeslaStock
Hackers Steal $840,000 from Orange Finance
Hackers Exploit Orange Finance Platform
Orange Finance, a major liquidity manager on the Arbitrum network, suffered a hacking incident resulting in the theft of $840,000. The Orange Finance team announced the breach on January 8 via X, urging users to avoid interacting with the protocol.
Details of the Attack
According to the team, the hackers gained control of the administrator address, upgraded the contracts, and transferred the funds to their wallet. The team confirmed that the contracts are no longer under their control and noted that they currently lack precise details about the attack.
Message to the Hacker
In a subsequent statement, the Orange Finance team revealed they contacted the hacker via an on-chain message. They requested a "positive response within 24 hours" and offered to handle the situation as a "white hat" matter without involving law enforcement agencies.
Funds Converted to Ethereum
Blockchain analytics firm Cyvers Alert reported that the hacker had already swapped the stolen funds for Ethereum (ETH). The Orange Finance team continues to investigate the incident and has advised users to revoke all contract approvals linked to Orange Finance to ensure their safety.
A Significant Loss for Arbitrum’s Largest Liquidity Manager
Before the attack, Orange Finance was the largest liquidity manager on the Arbitrum network, with over $1.5 million in total value locked, according to data from DefiLlama. This incident is a major blow to the platform’s operations and reputation.
Conclusion
The hack on Orange Finance highlights the risks associated with decentralized finance protocols. Users are urged to secure their funds and regularly review contract approvals to prevent similar incidents. The Orange Finance team is working to investigate the breach and recover the stolen funds.
#HackerAlert , #CryptoFraud , #CryptoScamAlert , #CryptoNewss , #HackerNews
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
Orange Finance, a major liquidity manager on the Arbitrum network, suffered a hacking incident resulting in the theft of $840,000. The Orange Finance team announced the breach on January 8 via X, urging users to avoid interacting with the protocol.
Details of the Attack
According to the team, the hackers gained control of the administrator address, upgraded the contracts, and transferred the funds to their wallet. The team confirmed that the contracts are no longer under their control and noted that they currently lack precise details about the attack.
Message to the Hacker
In a subsequent statement, the Orange Finance team revealed they contacted the hacker via an on-chain message. They requested a "positive response within 24 hours" and offered to handle the situation as a "white hat" matter without involving law enforcement agencies.
Funds Converted to Ethereum
Blockchain analytics firm Cyvers Alert reported that the hacker had already swapped the stolen funds for Ethereum (ETH). The Orange Finance team continues to investigate the incident and has advised users to revoke all contract approvals linked to Orange Finance to ensure their safety.
A Significant Loss for Arbitrum’s Largest Liquidity Manager
Before the attack, Orange Finance was the largest liquidity manager on the Arbitrum network, with over $1.5 million in total value locked, according to data from DefiLlama. This incident is a major blow to the platform’s operations and reputation.
Conclusion
The hack on Orange Finance highlights the risks associated with decentralized finance protocols. Users are urged to secure their funds and regularly review contract approvals to prevent similar incidents. The Orange Finance team is working to investigate the breach and recover the stolen funds.
#HackerAlert , #CryptoFraud , #CryptoScamAlert , #CryptoNewss , #HackerNews
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
See original
#BYBIT has just announced about the hack of 1.4 billion USDT from the Hot wallet! 🔴🍿🍿
This is the largest #crypto hack to date🏴☠️
This explains why we see the market drop sharply 30 minutes ago. #LTC
They are currently working with a team of experts to ensure that users' funds are completely safe!
I am maintaining my SPOT positions, as I believe things will return to normal soon.
I advise you to avoid large leverage in the next few hours.
#CryptoNewss #HackerAlert $PEPE
$DOGE
$SHIB
This is the largest #crypto hack to date🏴☠️
This explains why we see the market drop sharply 30 minutes ago. #LTC
They are currently working with a team of experts to ensure that users' funds are completely safe!
I am maintaining my SPOT positions, as I believe things will return to normal soon.
I advise you to avoid large leverage in the next few hours.
#CryptoNewss #HackerAlert $PEPE
$DOGE
$SHIB
#MastertheMarket #crypto #news #HackerAlert
Lazarus Hackers Launch New Attack via GitHub
Attackers from the North Korean hacker group Lazarus have published six infected npm packages on the GitHub platform that are capable of stealing keys to crypto wallets, among other things. This was reported by Socket specialists.
According to experts, the attackers tried to pass off the infected code as popular libraries that are often downloaded from the platform. The hackers hope that developers will use the compromised files and embed the malicious code in their products. Special repositories were created for five of the packages to add credibility to the scheme.
Socket noted that the code is capable of extracting data on cryptocurrencies, in particular, confidential information from Solana and Exodus wallets. The attack targets Google Chrome, Brave, and Firefox files, as well as data from the Keychain storage in macOS.
“It is difficult to determine whether this attack is related to Lazarus or a copycat. However, the tactics, methods, and procedures (TTP) observed in this npm attack are closely related to known Lazarus operations, which have been well-documented by researchers from Unit42, eSentire, DataDog, Phylum, and others since 2022,” wrote Kirill Boychenko, a threat intelligence analyst at Socket.
The problematic files were downloaded more than 330 times. Experts called for the malicious repositories to be removed.
Recall that Bybit called on the ParaSwap DAO to return 44.67 wETH (~$100,000) earned in Lazarus transaction fees.
Lazarus Hackers Launch New Attack via GitHub
Attackers from the North Korean hacker group Lazarus have published six infected npm packages on the GitHub platform that are capable of stealing keys to crypto wallets, among other things. This was reported by Socket specialists.
According to experts, the attackers tried to pass off the infected code as popular libraries that are often downloaded from the platform. The hackers hope that developers will use the compromised files and embed the malicious code in their products. Special repositories were created for five of the packages to add credibility to the scheme.
Socket noted that the code is capable of extracting data on cryptocurrencies, in particular, confidential information from Solana and Exodus wallets. The attack targets Google Chrome, Brave, and Firefox files, as well as data from the Keychain storage in macOS.
“It is difficult to determine whether this attack is related to Lazarus or a copycat. However, the tactics, methods, and procedures (TTP) observed in this npm attack are closely related to known Lazarus operations, which have been well-documented by researchers from Unit42, eSentire, DataDog, Phylum, and others since 2022,” wrote Kirill Boychenko, a threat intelligence analyst at Socket.
The problematic files were downloaded more than 330 times. Experts called for the malicious repositories to be removed.
Recall that Bybit called on the ParaSwap DAO to return 44.67 wETH (~$100,000) earned in Lazarus transaction fees.
Cyprus Police Warn Public After Crypto Investor Loses $58,000 to Fee Scams
Investors Face Risks from Fee-Related Scams
Cypriot authorities are urging the public to exercise caution after a 50-year-old man from Limassol lost $58,000 to a fraudulent cryptocurrency trading platform. This incident highlights the growing prevalence of manipulative tactics used in crypto market scams.
How the Scam Unfolded
Fake Platform with a Professional Appearance
The victim encountered a website in December that appeared to be a legitimate trading platform. It featured detailed charts, interactive dashboards, and tools for tracking profits. Lured by the professional design and promises of high returns, the man invested a total of $58,000 across multiple transactions.
Manipulated Data and Illusions of Profit
The scammers used a manipulated dashboard to display fake rising profits. This common tactic creates the illusion of successful investments, encouraging victims to continue depositing funds.
Demands for "Additional Fees"
When the man attempted to withdraw his supposed earnings, the scammers refused to release the funds, instead demanding additional fees to "unlock" the profits. This tactic, known as an advance fee scam, involves pressuring victims to pay more money under false pretenses, only to leave their funds inaccessible.
Recommendations from Authorities and Additional Warnings
Caution in Investing
The Cypriot Financial Crime Investigation Bureau advises against sharing sensitive financial and personal information and recommends investing only through licensed and reputable institutions. They also emphasize the importance of verifying the credibility of any advisor or platform.
Other Crypto Scam Incidents
Similar warnings have been issued by U.S. financial authorities. For instance, in June 2024, another investor lost $310,000 through a fake platform called Ethfinance. Scammers employed similar tactics, leveraging manipulated data to deceive victims.
More Sophisticated Scams
In July, another scam was uncovered where fraudsters offered fake loans. Victims were convinced their trading account profits would cover the loan repayments. However, the victims ended up repaying the loans from their own pockets while their supposed earnings remained locked on the platform.
Summary
This case from Cyprus underscores the risks of investing in cryptocurrencies through unverified platforms. Police and financial authorities warn against scammers who manipulate data and exploit investor trust. Exercising caution and thoroughly verifying investment opportunities are crucial for avoiding financial losses.
#CyberSecurity , #HackerAlert , #cyberattacks , #CryptoScamAlert , #CryptoNewss
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
Cypriot authorities are urging the public to exercise caution after a 50-year-old man from Limassol lost $58,000 to a fraudulent cryptocurrency trading platform. This incident highlights the growing prevalence of manipulative tactics used in crypto market scams.
How the Scam Unfolded
Fake Platform with a Professional Appearance
The victim encountered a website in December that appeared to be a legitimate trading platform. It featured detailed charts, interactive dashboards, and tools for tracking profits. Lured by the professional design and promises of high returns, the man invested a total of $58,000 across multiple transactions.
Manipulated Data and Illusions of Profit
The scammers used a manipulated dashboard to display fake rising profits. This common tactic creates the illusion of successful investments, encouraging victims to continue depositing funds.
Demands for "Additional Fees"
When the man attempted to withdraw his supposed earnings, the scammers refused to release the funds, instead demanding additional fees to "unlock" the profits. This tactic, known as an advance fee scam, involves pressuring victims to pay more money under false pretenses, only to leave their funds inaccessible.
Recommendations from Authorities and Additional Warnings
Caution in Investing
The Cypriot Financial Crime Investigation Bureau advises against sharing sensitive financial and personal information and recommends investing only through licensed and reputable institutions. They also emphasize the importance of verifying the credibility of any advisor or platform.
Other Crypto Scam Incidents
Similar warnings have been issued by U.S. financial authorities. For instance, in June 2024, another investor lost $310,000 through a fake platform called Ethfinance. Scammers employed similar tactics, leveraging manipulated data to deceive victims.
More Sophisticated Scams
In July, another scam was uncovered where fraudsters offered fake loans. Victims were convinced their trading account profits would cover the loan repayments. However, the victims ended up repaying the loans from their own pockets while their supposed earnings remained locked on the platform.
Summary
This case from Cyprus underscores the risks of investing in cryptocurrencies through unverified platforms. Police and financial authorities warn against scammers who manipulate data and exploit investor trust. Exercising caution and thoroughly verifying investment opportunities are crucial for avoiding financial losses.
#CyberSecurity , #HackerAlert , #cyberattacks , #CryptoScamAlert , #CryptoNewss
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
Login to explore more contents