Loading...
In 2023, the cryptocurrency landscape witnessed a series of cybercrimes, with hackers making off with nearly $2 billion worth of digital assets, according to a report by De.FI. This marked a significant decline from the record-breaking $3.8 billion stolen in the previous year, reflecting both ongoing vulnerabilities and strides made in addressing them.
De.FI's study emphasized that 2023 served as a testament to the crypto market's vulnerabilities and the progress made in addressing them. The first half of the year saw a relatively muted interest due to the ongoing bear market. Nevertheless, cybercriminals demonstrated adaptability, spreading their attacks across various platforms and exploiting weaknesses in both established and emerging projects.
In September, Hong Kong-based cryptocurrency startup Mixin fell victim to a data breach, resulting in the theft of $200 million. This incident highlighted the persistent threats faced by crypto companies, even as the industry evolves to enhance security measures.
Another hack happened yesterday with Mixin. I am not familiar with it. It was hard to understand.
— CZ 🔶 BNB (@cz_binance) September 25, 2023
A "decentralized peer-to-peer network" had a "database", which when hacked, can lose half of the users' assets...
Not everything that claims to be decentralized is.
Stay #SAFU🙏 pic.twitter.com/d2KS5ug2gi
In March, cybercriminals targeted digital lending company Euler Finance, absconding with approximately $197 million. This incident underscored the need for robust security protocols across the broader crypto ecosystem.
Another hack happened yesterday with Mixin. I am not familiar with it. It was hard to understand.
— CZ 🔶 BNB (@cz_binance) September 25, 2023
A "decentralized peer-to-peer network" had a "database", which when hacked, can lose half of the users' assets...
Not everything that claims to be decentralized is.
Stay #SAFU🙏 pic.twitter.com/d2KS5ug2gi
Prominent cryptocurrency exchange HTX also experienced a net outflow of $258 million in December, reflecting the challenges faced by even well-established platforms in maintaining the security of user funds
June witnessed a security compromise at Atomic Wallet, a popular wallet catering to both desktop and mobile users. The breach resulted in the loss of more than $35 million in crypto assets, showcasing the vulnerabilities in wallet security.
North Korea's Lazarus Group was implicated in a series of cybercrimes, contributing to the illicit laundering of over $7 billion in Bitcoin via cross-chain activities. This highlights the global nature of crypto-related threats and the challenges in attributing such attacks to specific actors.
To add to the list, on Christmas Day, cybercriminals exploited Google Ads to promote fraudulent websites that employed wallet-draining malware, MS Drainer. Scam Sniffer reported that these scammers, posing as legitimate Web3 companies, stole $3 million worth of cryptocurrency in various events on that day alone.
🚨1/ Alert: A 'Wallet Drainer' has been linked to phishing campaigns on Google search and X ads, draining approximately $58M from over 63K victims in 9 months. pic.twitter.com/ye3ob2uTtz
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) December 21, 2023
Throughout 2023, scammers continued to use MS Drainer, stealing a total of $59 million in cryptocurrencies. Despite reports to Google Ads security in April, the platform has yet to respond. Users are urged to exercise caution, especially when interacting with Web3 wallets, as phishing attacks remain a significant threat.
Scam Sniffer's investigation uncovered 10,072 fraudulent sites using MS Drainer up to 2023. Dune Analytics reported that MS Drainer stole bitcoin worth $58.98 million from over 63,000 victims. The ongoing prevalence of fraudulent websites and wallet-draining malware underscores the need for heightened user vigilance.
The Blur network faced two NFT phishing attacks within December, orchestrated by an imposter known as "Fake Phishing187019." The attacker targeted high-value NFT collections, including Moonbirds and Mutant Ape Yacht Club, resulting in the theft of prominent NFTs in the latest attack reported on December 28.
#PeckShieldAlert #Phishing #NFT #MutantApeYachtClub #184, #Moonbirds #7931 and #8749 have been stolen by #Fake_Phishing187019 on #Blur pic.twitter.com/AO0NXkjk9q
— PeckShieldAlert (@PeckShieldAlert) December 28, 2023
This incident mirrored the attacker's previous modus operandi, targeting high-value NFTs. The victims of the initial robbery, involving 7,304 Meebits and 185 CryptoPhunks, are still grappling with the aftermath. The uniqueness and rarity of these NFTs exacerbate the impact on the victims.
#PeckShieldAlert #Phishing #NFT #Meebits #7304 and #CryptoPhunks #185 have been stolen by #Fake_Phishing187019 on #Blur pic.twitter.com/SPFzxNykgo
— PeckShieldAlert (@PeckShieldAlert) December 19, 2023
The phishing attack on the Blur network exploited various vulnerabilities, including the use of ERC2771. Notably, 85 0XLBOTS and 152 CypherpunkZero NFTs have already been stolen. The blockchain community is urged to remain vigilant, with ongoing investigative efforts aimed at identifying and apprehending the perpetrator.
#PeckShieldAlert We're observing an ongoing ERC2771 + multicall attack targeting #NFTs in the wild.
— PeckShieldAlert (@PeckShieldAlert) December 19, 2023
It has already stolen 85 #0XLBOTS and 152 #CypherpunkZero. pic.twitter.com/05IrYt2pXH
As 2023 comes to a close, the crypto industry reflects on a year marked by both challenges and progress. The persistent threats of hacking, phishing, and malware underscore the need for continued collaboration within the community to enhance security measures and protect users from evolving cyber threats.
editor
A digital nomad exploring the limitless potential of decentralized finance in a centralized economy.