Posts

Showing posts with the label hack

US sanctions Russian ransomware leader, offers $10M reward

The United States has revealed the supposed leader of crypto-ransomware group LockBit and is offering a $10 million bounty to anyone who can out key leaders from the hacking group. The US Treasury Department outed Dmitry Yuryevich Khoroshev as the primary leader of Russia-based LockBit in a sanction issued today. According to US authorities, Khoroshev is behind the ‘LockBitSupp’ moniker and helped upgrade and manage LockBit. It also shared his Bitcoin crypto address: bc1qvhnfknw852ephxyc5hm4q520zmvf9maphetc9z. Malware-focused account vx-underground, however, claims that LockBit issued a statement to the FBI that reads, “The FBI is bluffing, I’m not Dimon, I feel sorry for the real Dimon))) oh, and he’ll get fucked for my sins))).” Vx-Underground additionally reports that Khoroshev’s information, including his address and food order history, was exposed, and that he has a fondness for Cheesecake Factory. Today’s US sanction included a $10 million reward...

SEC reveals SIM swap attack behind false Bitcoin ETF approval announcement

A SIM swap attack on the U.S. SEC’s Twitter account led to a false tweet about Bitcoin ETF approval, briefly disrupting the cryptocurrency market. On Jan. 10, the U.S. Securities and Exchange Commission (SEC) experienced a cybersecurity breach, resulting in a misleading tweet about spot Bitcoin ETFs from its official account. This incident, caused by a SIM swap attack, briefly stirred confusion in the cryptocurrency markets. The SEC explained the situation in a statement: “The unauthorized party obtained control of the SEC cell phone number associated with the @SECGov account in an apparent ‘SIM swap’ attack.” This allowed the attacker to reset the Twitter account’s password and post the false announcement. The SEC also admitted that multi-factor authentication, a crucial security feature, was disabled for its Twitter account since July 2023. This decision contrasts with the general cybersecurity recommendations previously endorsed by SEC C...

Tool used in Ledger hack altered file domains since November

Since late November, Angel Drainer, the tool used in the Ledger hack, has been leveraging a smart contract to modify static file domains. Angel Drainer, in essence, is a type of malicious software, or malware, that specializes in draining cryptocurrency assets from wallets. Etherscan data shows that the tool has been used since last month to update five static file domains to redirect users to compromised versions of software or web pages, thereby enabling unauthorized access to their crypto assets. There are some more traces of #AngelDrainer. https://t.co/GzBnKwgoiy — SlowMist (@SlowMist_Team) December 15, 2023 Yesterday’s Ledger Connect Kit hack led to a loss of approximately $484,000 to over $600,000. The malicious file remained active for approximately five hours, although the window for fund drainage was less than two hours. Ledger pushed out a genuine software update shortly after to replace the ...

I could get $100M if I attacked other chains: TransitSwap Hacker

Hacks have become increasingly common in the crypto-verse. While earlier exploits were limited to stealing funds, hackers these days have been on a roll to alert projects of their vulnerabilities. An array of compromised firms over the last couple of months have managed to retrieve funds; however, the uncertainty of being attacked remains. TransitSwap, a decentralized exchange aggregator, was recently drained of about $23 million. While the platform managed to recover 70 percent of the funds, the hacker had a rather distressing message for the platform. The hacker exploited an internal bug on a swap contract. However, the hacker was soon traced as his IP, email address, and associated on-chain addresses were garnered. Following the efforts of several “parties”, the hacker returned about $16.2 million. It should be noted that funds were recovered in Ether, Binance-Peg ETH as well as Binance Coin [BNB]. 30 percent of the funds are still with the hacker. While it was bro...

Floating Point Group suspends withdrawals following $20m hack 

Floating Point Group (FPG) has suspended fund deposits and withdrawals on its platform, citing a security breach. The company claims that between $15 million and $20 million has been stolen from its coffers and it’s now collaborating with law enforcement agents to investigate the heist.

FPG targeted by hackers

Floating Point Group (FPG), a digital assets brokerage company headquartered in Southeast Asia and Asia Pacific (APAC), has indefinitely suspended fund withdrawals due to a cyber security attack it encountered on June 11. According to a Twitter thread by FPG, upon discovering the security breach, it froze all third-party accounts under its custody and migrated funds to more secure wallets. Though the team claims its account segregation system cushioned the impact of the attack, the bad actors nevertheless managed to steal between $15 million and $20 million. Founded in 2018 by John Peurifoy, Kevin March, and Van Phu, FPG claims to eliminate the barriers to liquidity acc...