Lazarus Group stole Atomic Wallet funds ?!

Analysts believe the hackers are affiliated with the Lazarus Group of North Korea

Atomic Wallet hackers transfer stolen funds through the Garantex cryptocurrency exchange. Experts from Elliptic, a cybersecurity company, also discovered this. Several exchanges have frozen addresses related to the incident. But the stolen assets were routed to a platform listed last year by the U.S. Treasury Office of Foreign Assets Control (OFAC) on its sanctions lists.

Earlier, Elliptic reported that the Atomic Wallet hacker used cryptomixer Sinbad.io to launder stolen funds. Analysts stressed that this service is popular with Lazarus Group hackers from North Korea. And based on that, they believe the incident is related to the DPRK.

Also Elliptic has now clarified that the stolen assets were first exchanged through an intranet tool from the 1inch project. And then they were transferred to the Garantex exchange, where they were then exchanged for Bitcoins and redirected to cryptomixer Sinbad.

Elliptic noted that thanks to the company’s proactive actions, many crypto platforms blocked addresses. Which are related to Atomic hacking. “Lazarus has now turned to OFAC-sanctioned exchange Garantex to exchange their assets for BTC,” the analysts said in a statement.

Our experts note that OFAC sanctioned Garantex in April 2022 at the same time as the darknet marketplace Hydra. OFAC said the exchange was “deliberately ignoring its obligations” to combat money laundering and terrorist financing.

Read More

Hackers and scam cryptoprojects stole $71 million in crypto in May

Hackers stole about $16 million in nearly 60 attacks on cryptoservices. And scam cryptoprojects scammed investors out of $55 million

In May 2023, hackers, scammers and unscrupulous crypto developers stole more than $71 million in cryptocurrencies. This follows information from cybersecurity company PeckShield. At the same time, about $16 million was stolen during hacks. And scam projects (fraudulent projects) accounted for more than $55 million of losses.

According to experts’ calculations, there were 59 hacks of cryptoservices during the month. And the total amount of stolen funds amounted to $16.03 million, not including $4.13 million, which were returned by hackers on different terms.

The largest hack in May was an attack on the Arbitrum network’s liquidity protocol called Jimbos Protocol ($7.5 million). And then comes the hack of DEI’s stabelcoin issuer, Deus DAO ($2.5 million). In third place was the Tornado Cash cryptomixer incident, with losses of $1.12 million.

Most of the money stolen in May – $55 million – came from scam cryptoprojects and unscrupulous developers. The DFintosh cryptoprotocol team is suspected of stealing $31.6 million, while developers of the IPP stacking pool escaped with $14.5 million. In third place are the creators of the XIRTAM project with the theft of $3.4 million.

Our experts note that due to the popularity of meme tokens in the past month, many scam groups created dozens of cryptocurrencies on the theme of popular memes. Scammers artificially inflated their token prices. In order to attract investors. And then absconded with the funds of trusting users.

Read More

Hacker who stole $160 million decided to make money on them by adding them to liquidity on DEX Curve

Curve protocol developers say that no one can forbid anyone to make deposits. And the platform code is unchangeable

A cryptocurrency hacker has become the leader among liquidity providers in Curve Finance’s DeFi-platform pool. In doing so, using the $160 million he stole from the Wintermute protocol.

Wintermute is a major cryptocurrency market maker, providing liquidity to more than 50 crypto platforms. Such as Binance, Kraken, Coinbase and many others were attacked in September 2022. Ninety different digital assets totaling about $160 million were withdrawn from the protocol.

The attacker placed the stolen funds in the Curve Finance trading pool. These assets now represent 28% of the roughly $400 million placed in Curve’s decentralized liquidity pool, Curve 3pool.

Curve is the largest decentralized crypto exchange (DEX) deployed on the Ethereum network. According to DeFiLlama, its Total Value Locked (TVL) is about $4.5 billion.

Also Curve allows users to trade digital assets without intermediaries. They trade tokens through liquidity pools. Another part of the users provides this liquidity, for which they are charged a commission.

The liquidity providers get a small commission every time someone uses the pool to exchange tokens. The Curve 3pool platform is focused on exchanging stablecoins Tether (USDT), USD Coin (USDC) and Dai (DAI).

Because the code of Curve protocol cannot be changed after its deployment in the Ethereum blockchain. Its creators have no control over who uses the protocol or provides liquidity in the pools.

Our experts point out that even the managers of the protocol cannot change the code where the funds are stored. DEX exchange officials also noted that it is impossible to disable protocol without completely shutting down the Ethereum blockchain.

Read More

Hackers stole $211 million worth of cryptocurrency in March

Hackers have stolen a total of $255.8 million in cryptocurrencies and another $31.5 million in NFTs since the beginning of this year

Hackers made 26 hacks of crypto projects in March. In doing so, they stole $211.5 million in cryptocurrencies, according to PeckShield. In addition, attackers stole $10.9 million worth of NFT.

The largest amount in cryptocurrency was stolen in the attack on DeFi-platform Euler Finance. About $197 million was stolen here, but the hacker later apologized and returned $182.7 million to the project.

The second largest loss was the SafeMoon ecosystem hack. Hackers there withdrew about $9 million worth of assets, followed by the ParaSpace protocol attack with $5.2 million in losses and the hack of the General Bytes ATM network, which claimed $1.7 million.

A total of $255.8 million worth of cryptocurrencies were stolen in the first three months of this year. $8.8 million was stolen in January and $35.5 million in February.

In addition to cryptocurrencies, $10.9 million worth of NFTs were stolen in March. Half of the stolen tokens were sold on trading floors within the first two hours of the theft. About 74.9% of the NFTs were sold on the Blur Marketplace, while 19.5% were sold on OpenSea.

Since the beginning of the year, a total of $31.5 million worth of NFTs were stolen. In January they stole $4.4 million worth of tokens, in February – $16.2 million. Our experts recommend everyone to be careful and closely study the site before you connect your wallet.

Read More

Hackers steal $446 million from crypto platforms in 3 months of summer

The biggest losses this summer were the hackers attacks on Nomad Bridge and the Elrond blockchain network. These two projects together lost more than $300 million. Ctypro-Upvotes expert review.

Hackers have stolen more than $446 million worth of cryptocurrency in 3 summer months as a result of hacks. According to Peckshield, in August alone, the loss from 18 attacks on crypto projects was $208.5 million. In July there were 12 hacks worth $10.2 million. And in June 21 attacks resulted in $227.76 million stolen.

The largest loss was to Nomad Bridge blockchain in early August – $190 million. Elrond blockchain was hacked in June for $113 million. Also, Horizon Bridge was hacked in June, with hackers taking $100 million out of that project.

Some of the platforms announced rewards for hackers in case of return of stolen funds. So, a contract was signed with hacker who hacked the Crema Finance protocol in July. According to this agreement, he kept 45,500 SOL ($1.65 million) and returned the rest of stolen funds of $7.9 million.

Blockchain bridge Nomad offered hackers to keep 10% of total stolen funds. About $36 million in various cryptocurrencies were returned to Nomad Bridge official address, out of $190 million stolen on August 1.

 

Read More