Curve Finance resolves site exploits, directs users to revoke recent contracts: Finance Redefined

Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you significant developments over the last week. This past week, cross-bridge protocols became the center of DeFi discussions as a new report showed RenBridge was used to launder $540 million in stolen funds. Curve Finance, on the other hand, resolved its site exploit and directed users to revoke any recent contracts. Interlay, a London-based blockchain firm, launched a Bitcoin (BTC)-based cross-chain bridge on Polkadot named interBTC (iBTC), DeFi platform Oasis.app says…

Read More

Solana and Nomad bridge fall prey to exploits losing millions

Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you significant developments over the last week. This past week, the DeFi ecosystem saw two exploits one after another resulting in the loss of millions of dollars. First, cross-bridge token platform Nomad became a victim of what many deemed a decentralized robbery that saw almost $190 million drained out of their wallets. Solana ecosystem became the victim of a widespread unknown attack that saw thousands of wallets getting drained out of…

Read More

Possible ‘white hat hacker’ exploits THORchain for $8M, proposes 10% bounty

Cross-chain decentralized exchange THORChain has suffered its second multi-million-dollar hack in as many weeks, with $8 million worth of Ether impacted. However, the attack appears to have been carried out by a white-hat hacker, with THORChain announcing the perpetrator had requested a 10% bounty. ETH will be halted until the code has been audited. Liquidity providers impacted by the exploit will be subsidized using the project’s treasury funds The whitehat requested a 10% bounty – which will be awarded if they reach out, and they should be encouraged to do…

Read More

Growing pains? DeFi exploits plunder BSC, which calls for reinforcements

Several decentralized finance (DeFi) protocols running on Binance Smart Chain (BSC) have fallen victim to major exploits in recent months as the sector continues to see substantial growth in 2021. Binance’s very own smart contract blockchain platform has seen a surge in demand since its launch in September 2021, due to its low fees and high throughput. This has allowed the Binance Smart Chain to appropriate a percentage of the DeFi market as platforms looked for an alternative to Ethereum’s high gas fees. While Ethereum still commands the lion’s share…

Read More

CipherTrace expands to cover Binance Smart Chain amid wave of exploits

Cryptocurrency and blockchain intelligence company CipherTrace has announced analytics support for Binance Smart Chain (BSC) amid a rise in attacks and vulnerabilities on protocols running on the network. In an announcement on May 27, the firm stated that it aims to identify higher-risk financial transactions taking place on BSC and its decentralized applications which now number more than 600. CipherTrace already tracks the activity of over a thousand digital assets. Dave Jevans, CEO of CipherTrace, stated that once support for a blockchain is added, the firm can add analytics for…

Read More

DeFi hacks and exploits total $285M since 2019, Messari reports

Decentralized finan’s rising popularity since 2019 has seen the emerging market segment become a target for hackers and opportunistic profiteers. According to a report by crypto research company Messari, DeFi protocols have lost about $284.9 million to hacks and other exploit attacks since 2019. This figure is about 0.65% of the adjusted total value locked of the Ethereum-based DeFi market, according to data from DappRadar. In February Messari calculated that over $284 million in DeFi was lost to hacks since 2019 At this point in time, the decentralized insurance industry…

Read More

Smart contract exploits are more ethical than hacking… or not?

There has been a lot of talk about the recent “hacks” in the decentralized finance realm, particularly in the cases of Harvest FInance and Pickle Finance. That talk is more than necessary, considering hackers stole more than $100 million from DeFi projects in 2020, accounting for 50% of all hacks this year, according to a CipherTrace report. Related: Roundup of crypto hacks, exploits and heists in 2020 Some point out that the occurrences were merely exploits that shined a light on the vulnerabilities of the respective smart contracts. The thieves…

Read More

Roundup of crypto hacks, exploits and heists in 2020

Unlike in previous years, crypto news in 2020 has not been dominated by major exchange hacks and million dollar Bitcoin thefts. However, there have still been quite a few and most of them have originated from the nascent decentralized finance sector. DeFi has been one of the main drivers of crypto market momentum in 2020 and it stands to reason that the emerging financial landscape has been a magnet for scammers and hackers. Largely unaudited smart contracts coupled with cloned code have been a recipe for vulnerabilities and exploits, often…

Read More

Massive Cyberattack on Australia Uses Cryptojacking Exploits

The Australian Cyber Security Centre said a group of “state actors” hacked Australian networks on June 19 and one of the vulnerabilities they exploited is related to cryptojacking malware attacks.  According to the 48-page report released on June 24, the threat actors exploited four critical vulnerabilities in Telerik UI, including CVE-2019-18935, which was recently leveraged by the Blue Mockingbird malware gang to infect thousands of systems with XMRRig, a Monero (XMR) mining software. Vulnerability mostly used for cryptojacking purposes Although the advisory didn’t say if hackers could have installed cryptojacking…

Read More

Botnet Exploits SQL Servers to Install Crypto Mining App

Recent reports revealed that a group of hackers behind the Kingminer botnet targeted vulnerable Microsoft SQL server databases to mine cryptocurrencies at some point in the second week of June. According to the cybersecurity firm Sophos, the attackers used the botnet, active since 2018, to exploit the BlueKeep and EternalBlue vulnerabilities, by also accessing through a trojan known as Gh0st, which relies on a remote access malware. Once the SQL server database is infected, the botnet installs a well-known crypto miner software called XMRig, which mines Monero (XMR). There are…

Read More