The Poloniex, HTX/Heco Bridge exploits and the KyberSwap flash loan attack were the three largest incidents in November, according to blockchain security firm CertiK.
Kronos Research Halts Operations After Losing $26 Million In Security Breach
Kronos Research, a Taipei-based market maker, trading firm, and venture capital fund, witnessed the withdrawal of significant amounts of crypto assets due to a breach of its security system.
Kronos Breach: Investigation Underway
On Sunday, November 19, Kronos Research disclosed – via a post on X (formerly Twitter) – a security incident that involved unauthorized access to its API keys. Consequently, the company lost a significant amount of crypto funds and has halted all trading operations in a bid to launch a full investigation into the incident.
In the interest of transparencyAround 4 hours ago, we experienced unauthorized access of some of our API keys. We paused all trading while we conduct an investigation. Potential losses are not a significant portion of our equity and we aim to resume trading as soon as possible.
— Kronos Research (@ResearchKronos) November 18, 2023
A map of funds outflow by on-chain sleuth ZachXBT summed Kronos’ losses to over $25 million in Ether. In a follow-up post on X, the company also confirmed that the losses are about $26 million in crypto assets.
In its initial announcement, Kronos revealed that the potential losses are not a significant portion of its equity. Meanwhile, the trading firm said in its latest update that all losses will be covered internally, and no partners will be affected.
Although Kronos has yet to provide an update on its resumption process, the company did say that it aims to resume trading as soon as possible.
This $26 million attack on Kronos Research represents the third most significant crypto theft in November 2023. Before this latest incident, data from blockchain security firm Certik revealed that about $173 million had been lost to crypto attacks in November, with Poloniex’s $113 million hack being the most notable yet.
How Did This Hack Affect WOO X?
Interestingly, Kronos is not the only one affected by this security incident, as WOO X is another cryptocurrency entity that has had to pause its operations momentarily. WOO X is an exchange on which Kronos functions as the market maker for its spot and perpetual futures markets.
In an address on the X platform, WOO X acknowledged Kronos’ security situation and announced a temporary pause on all trading to protect users’ positions from a lack of liquidity. The exchange, however, emphasized that all customer funds are safe.
As of this writing, WOO X has resumed trading in both the spot and perpetual futures markets. Meanwhile, the exchange claims that clients can now make withdrawals for all assets.
Nevertheless, the trading platform has faced some backlash from the online crypto community, with some people pointing to its unclear relationship with Kronos.
Crypto exchange CoinSpot reportedly suffers $2M hot wallet hack
Blockchain security firm CertiK believes the $2.4 million draining of a CoinSpot hot wallet is likely the result of a “private key compromise.”
New Cryptocurrencies Getting Created at Slowest Pace in 3 Years, CertiK Data Shows
Excluding memecoins, some 293 new tokens were added to the CoinMarketCap website, less than a fourth what was added during the bull market of late 2021, according to new data compiled by the smart-contract auditor CertiK.
CertiK, Blockchain Code Auditor, Makes ‘Strategic Workforce Adjustment’ of 15%
Just last year, the company raised nearly $150 million of fresh capital. Now, as crypto winter drags on, it is cutting jobs, citing “evolving market dynamics.”
September becomes the biggest month for crypto exploits in 2023: CertiK
The Mixin Network cross-chain protocol accounted for almost two-thirds of the crypto exploit losses in September.
Criminals more reliant on cross-chain bridges than ever after mixer crackdowns
The sanction of cryptocurrency mixer Tornado Cash in August caused the first major shift, but that is now accelerating even faster than projected.
Stake’s Hacker Moves $328,000 Worth Of Crypto From Stolen Funds
Transferred Funds By Hackers Are Estimated At $4.8 Million
On September 11, the hacker first transferred 520,000 MATIC tokens, worth over $266,000, which were bridged to the Avalanche blockchain. Some hours later, 300 BNB tokens valued at approximately $61,500 were sent to an externally owned address labeled “0x695…”.
Before these recent transfers, the hacker had bridged $4.5 million to different Bitcoin blockchain addresses. This was reported by the blockchain security company Arkham on September 7. The total amount transferred, now at $4.8 million, only constitutes 1.2% of the total $41 million stolen by the hackers.
The Stake hackers exploited the platform by gaining access to the private keys of the platform’s Binance Smart Chain and Ethereum hot wallets.
According to the United States Federal Bureau of Investigation (FBI), the Lazarus Group from North Korea – known for its involvement in various cybercrimes, including hacking and cryptocurrency-related attacks, might be behind this exploit.
The Total Amount Of Money Lost Due To Hacks And Scams Has Exceeded $1 Billion
The recent hack of $41 million from Stake has contributed to the cumulative losses from cryptocurrency hacks and scams in 2023. As a result of this incident, the total losses in the cryptocurrency industry have now surpassed the $1 billion mark.
Before the Stake attack, CertiK had reported the total losses to be approximately $997 million at the end of August. But for August alone, CertiK reported that exit scams resulted in approximately $26 million in losses. Flash loan attacks accounted for $6.4 million, and exploits caused losses of $13.5 million.
The cybersecurity firm verified that these combined losses exceeded $45 million for the past month. However, with several attacks occurring in the past two weeks, the overall figure has now crossed the $1 billion threshold.
For instance, a prominent cryptocurrency investor lost $24 million of staked Ether (ETH) in a phishing attack on September 6. Additionally, Vitalik Buterin’s X (formerly Twitter) account was compromised on September 9, and the hacker used it to trick several individuals into participating in a nonfungible token scam, resulting in a total loss of $691,000.
Considering these incidents, in addition to CertiK’s previous estimate from August, the total losses due to cryptocurrency-related incidents would now exceed at least $1.04 billion.
Other recent incidents include a withdrawal involving Pepe coin (PEPE), resulting in a loss of $13.2 million for investors. Also, a security vulnerability was exposed on the Balancer platform, resulting in damages totaling $2.1 million.
Hackers behind $41M Stake heist shifts BNB, MATIC in latest move: CertiK
A total of $4.8 million in funds have now been moved by the hacker to Bitcoin and now Avalanche.
Base project RocketSwap shares emergency plan following $865K exploit
RocketSwap Labs plans on reaching out to the exploiter on-chain, who stole an estimated $865,000 from the protocol on Aug. 14.
Weekend Wrap: Uniswap dev sacked for alleged rug, Steadefi hacker goes mixing and more
Uniswap developer AzFlin has admitted to creating the FRENS token but has argued what he did doesn’t constitute a rug pull.
Telegram trading bots are hot, but don’t trust them for custody — Security firms
There are still too many unknowns over how various Telegram trading bots store private keys, blockchain security firms told Cointelegraph.
Crypto Hacks and Exploits Cost Traders $303M in July; Worst Month of 2023
Some $52 million of assets were siphoned from Curve Finance just this weekend.
Redditor’s hacked Bitcoin is a lesson on the hidden dangers of paper wallets
“My Bitcoin was taken. How?” A Reddit user thought they were following best practices until two days ago when their Bitcoin wallet was completely cleaned out.
Pink, Pussy, Venom, Inferno — Drainers coming for a crypto wallet near you
Crypto wallet drainers, or sweepers, are malicious smart contracts that can quickly empty a crypto wallet of its funds and are a standard tool for phishing scammers.
Blockchain Security Firm CertiK Found an Infinite Loop Bug in Sui Network
The bug was found before Sui mainnet was live and the foundation granted a $500,000 award for the discovery.
CertiK receives $500K bounty after Sui blockchain threat discovery
The vulnerability dubbed “HamsterWheel” traps nodes in an endless loop similar to hamsters jogging on a wheel.
Crypto hacks falling in Q1 is but a ‘temporary reprieve’ — Blockchain firm
It was warned that the amount stolen in Q1 2023 mirrors Q2 2022, which was followed by a “record setting number of hacks.”
BONE Token Dominates India Exchange Poll, Outshining Rivals Like PEPE And FLOKI
The Shiba Inu’s governance token, Bone ShibaSwap (BONE), will grab a new and prominent listing in India. BONE overtook PEPE and FLOKI, rising to the top in an exchange poll for the next crypto listing.
Unocoin Poll Sees BONE At The Top
A crypto exchange firm in India, Unocoin, recently conducted a poll on Twitter. The poll, which presented BONE, PEPE, and FLOKI tokens, sampled customers’ feedback on the next coin for listing on the firm’s trading platform.
So far, the poll has amassed more than 9,800 votes and has 9 hours remaining to end. According to data, BONE is currently dominating the poll.
The Shiba Inu governance token shoved PEPE and FLOKI, with a wide gap accumulating about 84.7% of the total votes. Subsequently, PEPE has gathered just 7.2% of the votes while FLOKI crawls behind with 5.9% of the total votes.
Given the open inclination of the customers to BONE, the crypto firm Unicoin may soon add the token to its trading platform. Once it happens, Unocoin will be the fourth crypto exchange in India to list BONE. The other exchanges are Surypto, Giottus, and FlitPay.
Giottus crypto exchange announced the addition of BONE to its platform on May 10. The addition will see BONE traded as a pair with INR. Following the listing, Giottus also disclosed an exclusive giveaway contest to celebrate the addition of BONE.
This move aims to attract crypto enthusiasts, allowing them to win the prize of 2,000 INR. The contest is slated to end by 5 PM on May 15.
New Listing Alert!
@Giottus is thrilled to announce the listing of $BONE on our platform, with trading starting today! @Shibtoken
Get ready to trade $BONE now on INR Pair#Giottus #BONE #Shibarium #ShibariumBETA #SHIBARMY #ShibaArmy #Shiba #Shiboshis #SHIB $BONE $SHIB… pic.twitter.com/3DQO7DXEBz
— Giottus Crypto Platform (@giottus) May 10, 2023
To participate, the user will first join the Giottus social media. Then, the user will like, retweet, and tag at least three people on the giveaway contest post.
Ten lucky winners will emerge through random selection, sharing the 2,000 INR prize to get 200 INR worth of BONE each.
At the time of writing, BONE is trading at $0.8218, indicating a surge of 2% over the past 24 hours.
Shiba Inu Ecosystem Ready To Launch Cold Wallet
The Shiba Inu ecosystem has recently made impressive achievements with more innovative roll-outs.
Previously, the Shiba Ecosystem Official’s Content Marketing Specialist, LUCIE, took to Twitter to reveal the cold wallet launch this week.
The post stated that there would be more information regarding the cold wallet feature in a few days once everything falls into place.
In the announcement post, LUCIE also shared a screenshot of new moves by Shibarium, the Shiba Inu Layer 2 solution. Shibarium is organizing a general AMA with both Huobi Exchange and Certik and is considering a possible collaboration.
Featured image from Pexels, chart from Tradingview.com
Blockchain security firm freezes $160K stolen in Merlin DEX ‘rugpull’
CertiK has contacted law enforcement in the U.S. and U.K. to find the pseudonymous operators.