33 hack event(s)
Description of the event: Electrum suffers from "Update Phishing" theft. (The "Update Phishing" attack continues, and the older version (less than 3.3.4) is still under threat.)
Amount of loss: 2,000 BTC Attack method: Phishing attack
Description of the event: Gatehub Crypto Wallet Data Breach Compromises Passwords of 1.4M Users.
Amount of loss: - Attack method: Data leak
Description of the event: ZenGo co-founder Ouriel Ohayon reported on Twitter that the wallet extension SAFU Wallet apparently steals large amounts of money by injecting malicious code into users. A white hat hacker said that by inspecting the SAFU code, he found that they dynamically injected this script https://safuwallet.tk/inside.js in every page being loaded. At the same time, they use obfuscation tools to make it hard to see. Nonetheless, the white hat hackers explained that they targeted MEW, Index and Binance, using background scripts to send information to 4 different endpoints on the same domain. Therefore, the created wallet is automatically shared with them. Currently, the SAFU Wallet Google Chrome website is not available after a community request to remove the extension.
Amount of loss: - Attack method: Malicious code injection
Description of the event: Fusion released According to an official announcement, the Fusion transaction wallet (0x8e6bDa71f3f0F49dDD29969De79aFCFac4457379) was attacked on September 28, resulting in the theft of 10 million native FSN and 3.5 million ERC20 FSN tokens, worth about 5.57 million U.S. dollars. It is reported that the wallet was attacked because the private key was stolen. In response to the theft, Fusion Foundation officials have also transferred all remaining funds to the cold wallet. At the same time, Fusion officials are also tracking abnormal transactions, and uncertain evidence indicates that the theft may be caused by Fusion Foundation personnel.
Amount of loss: 10,000,000 FSN + 3,500,000 ERC20 FSN Attack method: Private key stolen
Description of the event: My Dash Wallet has been embedded with a malicious script, the malicious script will upload the user's DASH currency account balance, keystore, private key, seed and other key information to https://api.dashcoinanalytics.com/stats.php.
Amount of loss: - Attack method: Malicious Script
Description of the event: An attacker with a stolen device can extract the seed from the device. It takes less than 5 minutes and the necessary materials cost around 100$. This vulnerability affects Trezor One, Trezor T, Keepkey and all other Trezor clones. Unfortunately, this vulnerability cannot be patched.
Amount of loss: - Attack method: Extracting Seed
Description of the event: MGC wallet is exposed to carry user assets disappear, users' digital assets are aggregated to 0x4f9cxx, 0x2b29xx beginning two addresses in a short time.
Amount of loss: - Attack method: Scam
Description of the event: The TokenStore wallet was exposed as a "runaway", which swept away billions of investors' money, involving BTC, XRP, ETH and other mainstream currencies.
Amount of loss: 1,000,000,000 CNY Attack method: Scam
Description of the event: The attacker controls some of the GateHub database account API permissions, but the user's private key is secure. GateHub officials have identified 103 wallets that were compromised and a total of 18,473 accounts that may have been affected, including 5,045 with active balances.
Amount of loss: 23,200,000 XRP Attack method: Account API permissions are controlled
Description of the event: American Bitcoin payment processor BitPay stated that the company's Copay wallet was attacked by hackers. Bitpay announced on Monday that it learned of this issue from a report on Copay GitHub. The report showed that third-party JavaScript libraries used by these applications were modified and malicious code was loaded. The malware was inserted into versions 5.0.2 to 5.1.0 of the Copay and BitPay wallet applications and may be used to obtain private keys for stealing Bitcoin and Bitcoin Cash. According to reports, the attack appeared to be carried out by a developer named Right9ctrl, who took over the maintenance of the NodeJS library from the left manager. About three months ago, when Right9ctrl was granted access to the repository, he inserted malware at this time.
Amount of loss: - Attack method: Third-party JavaScript library has been modified
Description of the event: After logging in to the website for 10s, the user's wallet is emptied, the hacker hijacks the DNS server, and the user logs in to MyEtherWallet to force a redirect to the malicious website. The user was forced to redirect to a malicious website when logging in to MyEtherWallet.
Amount of loss: $ 13,000,000 Attack method: DNS hijacking
Description of the event: A hacking organization in Ukraine has stolen cryptocurrencies worth more than $50 million from the Blockchain.info by purchasing keyword advertisements related to cryptocurrencies in the Google search engine and masquerading as malicious websites of legitimate websites.
Amount of loss: $ 50,000,000 Attack method: Phishing attack
Description of the event: User orbit84 posted on Reddit that a hacker entered his hosting provider account and changed the DNS settings to his own hosted version of BlackWallet. The attacker's wallet seems to have accumulated about $400,000 worth of cryptocurrency, and its market value has almost tripled in the past month. In a statement, the founder of BlackWallet claimed that the open source online "star wallet" BlackWallet had been hacked.
Amount of loss: $ 400,000 Attack method: DNS hijacking