In August 2024, a single victim’s account lost approximately 4,100 BTC worth $243 million in an overnight heist. The culprits were three gamers-turned-hackers, who employed sophisticated social engineering tactics to commit the theft. The youngest among them, 19-year-old Veer Chetal, became notorious for his audacious acts.

The trio, including Chetal, Malone Lam, and Jeandiel Serrano, orchestrated a well-planned attack. They deceived the victim with fake calls from Google and Gemini support teams, convinced the victim to change their 2-factor authentication (2FA), and then transferred the funds to a compromised wallet. Moreover, they tricked the victim into sharing their screen via AnyDesk, revealing their Bitcoin private key.

Despite executing their plan successfully, their sloppy mistakes led to their downfall. Crypto investigator ZachXBT, who had been following the case closely, discovered a recording of the hackers’ live reactions as they received the stolen Bitcoin. Chetal further incriminated himself by accidentally leaking his name during the livestream and purchasing luxury items with the stolen funds.

Following the investigation, all three culprits were arrested. However, Chetal’s saga didn’t end there. After agreeing to cooperate with the authorities and pleading guilty, he was involved in yet another scam while out on bail, stealing an additional $2 million.

This case serves as a stark reminder of the need for vigilance in the digital age, especially as young, tech-savvy individuals are drawn into the world of high-stakes digital crime. Awareness, open conversations, and firm boundaries around financial access are crucial to curb such illicit activities.

The post Bitcoin Heist Unmasked: Teen Hacker Steals $243M and Unwittingly Reveals Identity appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Last Friday, the recent GMX V1 exploit culminated in a positive resolution after the person behind the incident transformed into a white-hat hacker. The perpetual and spot crypto exchange GMX suffered a loss of over $40 million on Wednesday due to an attacker exploiting a loophole in the protocol’s inaugural version on Arbitrum.

A number of online publications reported that a flaw in GMX V1’s vault contract permitted the attacker to tamper with the GLP token price via the system’s computations. As explained by blockchain security company SlowMist, the attack originated from a design deficiency in GMX v1, which allowed short position operations to instantaneously modify the global short average prices (globalShortAveragePrices). This directly influenced the calculation of Assets Under Management (AUM), thereby enabling manipulation of GLP token pricing.

Through a reentrancy attack, the hacker successfully established substantial short positions to manipulate the global average prices, artificially boosting GLP prices within a single transaction and profiting through redemption operations. Consequently, approximately $42 million worth of assets, including Legacy Frax Dollar (FRAX), wrapped bitcoin (WBTC), wrapped ETH (WETH), and other tokens, were moved from the GLP pool to an anonymous wallet.

The perpetual crypto exchange suspended GMX V1’s trading and GLP’s minting and redeeming on both Arbitrum and Avalanche to avert another assault and safeguard users’ resources. They assured that the exploit was confined to GMX’s V1 and its GLP pool. GMX V2, its markets, liquidity pools, and the GMX token were unaffected and remained secure.

Post the incident, GMX offered a $5 million white-hat bounty to the attacker on-chain and on X, acknowledging their evident skills. The GMX team explained that returning the assets within the next 48 hours and accepting the bounty would enable the hacker to “spend the funds freely” rather than risking accessing them. They also promised not to initiate any legal action and to assist the exploiter in providing proof of source for the funds whenever necessary.

The exploiter responded positively in an on-chain message, accepting the reward and initiating the return process. Lookonchain reported that they initially returned $10.49 million worth of FRAX on Friday morning. Subsequently, another $32 million worth of assets were converted into 11,700 ETH, now valued at $35 million following the surge in the altcoin’s price to $2,990.

Later, the hacker returned 10,000 ETH, worth $30 million, retaining only 1,700 ETH, valued at $5.2 million, as the bounty. GMX confirmed that the funds had been securely returned and thanked the white-hat hacker for their actions, adding a positive spin to the incident. They also notified users that “contributors are working on a proposed distribution plan for presentation to the GMX DAO and will share more information shortly.”

The post Positive Twist: Cryptocurrency Bandit Hands Back Stolen $42 Million GMX Assets appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

“A moderator under contract had their account hacked, which enabled a malicious bot to post scam links in one of our channels,” Ledger associate, Quintin Boatwright, shared on the Ledger Discord server. “The issue was swiftly addressed: the breached account was deleted, the bot was eliminated, the website was reported, and all requisite permissions were scrutinized and safeguarded.”

Some members of Ledger’s Discord channel reported that the attacker, exploiting moderator privileges, banned and silenced them when they tried to report the breach. This may have delayed Ledger’s response. However, Boatwright reassured that this security breach was a singular occurrence and that Ledger has implemented additional measures to fortify its Discord server security.

Using the compromised Ledger community manager account, the hacker informed Ledger Discord members of a recently discovered flaw in the company’s security systems. He then strongly encouraged all users to validate their recovery phrases using a fraudulent link. Screenshots of this activity were shared on X. Ledger users were instructed to connect their wallets and follow the instructions provided on-screen. The impact of this security breach remains unclear.

In a related event last month, scammers sent physical letters to Ledger hardware wallet owners, requesting them to authenticate their private seed phrases in an attempt to gain access and drain the wallets. These letters, bearing the Ledger logo, business address, and a reference number, were intended to appear legitimate and instructed users to scan a QR code and input their wallet’s recovery phrase.

Following a data leak in July 2020, where a hacker breached Ledger’s database exposing the personal information of over 270,000 customers, there were speculations that the scammers might be targeting the affected Ledger customers. The leaked data included names, phone numbers, and residential addresses. The subsequent year, several Ledger users reported receiving tampered Ledger devices in the mail that were designed to install malware upon usage.

The post Ledger Reinstates Security on Discord Following Attempted Seed Phrase Theft by Hacker Bot appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

“A malicious bot infiltrated our server through one of our contracted moderator’s compromised account and posted scam links in one channel,” Quintin Boatwright, a Ledger team member, explained on the company’s server. “We promptly addressed the issue by removing the compromised account, deleting the bot, reporting the website, and fortifying all relevant permissions.”

Apart from this, Ledger customers recently experienced another scam where they received physical letters instructing them to “verify” their devices by inputting their seed phrases on a particular site. These letters even had Ledger’s official logo, and the information seems to have been sourced from Ledger’s database breach in 2020.

“We’ve implemented additional measures to strengthen our Discord security,” Boatwright further stated. “Avoid entering your recovery phrase or linking your wallet through a Discord link.”

The scam site was reportedly deactivated as of Sunday morning.

Disclaimer: The Block is a self-governing media platform providing news, research, and data. Foresight Ventures, a majority investor of The Block as of November 2023, also invests in other crypto-oriented companies. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block retains its independence to provide objective, timely, and impactful information about the crypto industry. Here are our current financial disclosures. This article is purely informational and not meant to serve as legal, tax, investment, financial, or other advice.

The post Crypto Wallet Provider Ledger Recovers Discord Server from Hacker’s Control appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Exploiter of the Mango Markets Is Caught

At about the middle of October, Eisenberg had compromised the DeFi protocol. Through the use of two identities, he artificially inflated the price of Mango’s crypto token MNGO by 1,300 percent in just an hour by selling several perpetual contracts from one account to the other. He then borrowed $110 million in more cryptocurrencies from Mango Markets using the token as security, and promptly withdrew the money. To put it another way, he effectively stole all the cryptocurrency stored on the DeFi network.

Eisenberg engaged in a scheme involving the intentional and artificial manipulation of the price of perpetual futures contracts on a cryptocurrency exchange called Mango Markets, and other manipulative and deceptive devices and contrivances,

according to a deposition signed by an FBI Special Agent named Brandon Racz.

Agreement Reached with Mango Markets

Also, after a week of manipulation, he finally acknowledged to being involved in draining the DeFi protocol. Nonetheless, he justified his behavior by saying it was legitimate.

I believe all of our actions were legal open market actions, using the protocol as designed, even if the development team did not fully anticipate all the consequences of setting parameters the way they are.

Tweet from Avraham Eisenberg (@avi eisen) dated October 15, 2022.

He went so far as to say that because of his activities, Mango Markets went bankrupt and clients lost access to their money. Later on, he reached an agreement with Mango Markets in which he would pay back $67 million to the DAO that oversaw the protocol.

The protocol creators will not “pursue any criminal investigations or freezing of money after the tokens are returned back,” according to a message issued to the Mango Markets community following the settlement.

As of right now, Eisenberg is being accused of commodities fraud and commodities manipulation. If he’s found guilty, he might go to jail and have to pay a fine. It’s also the very first time law enforcement in the United States has taken legal action against someone for breaking a DeFi protocol.

The post Avraham Eisenberg Is Imprisoned appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

The Lazarus Group is suspected of being the organization that was behind the Ronin Bridge scam. In March, a hacker gained access to the Ronin sidechain, which is connected to the main Ethereum blockchain but allows the developers of the play-to-earn game Axie Infinity, Sky Mavis, to support faster and cheaper transactions. As a result of the hack, 173,600 ETH and 25.5 million USDC were stolen, which had a market value of $625 million at the time. It is one of the most significant breaches in the history of crypto. In June, blockchain analytics company Elliptic discovered that the 100 million dollar Horizon Bridge attack could be traced back to Lazarus.

The Japanese National Police Agency did not identify any of the firms that were hacked or the sums that were taken, but it did identify the hacking gang. It’s something that the agency doesn’t usually tell the public before making an arrest because it could lead to another attack.

The post Lazarus, North Korean Hackers, Attacks Japanese Crypto Firms appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Cryptocurrency Scams!

The SMS Phishing scam is basically when the hackers send the text messages. These are well design to steal any kind of the personal details or any kind of the financial information. This is irrespective of even pretending to be the much reputable site, and also getting you to simply download the malware in your mobile phone through such SMS.

As per the shared screenshot by CEO, this scam consists of sending the users a text message. It is through the link for simply canceling the withdrawals. Thereby leading users to any such kind of the malicious website which are well engineer to harvest login credentials. For this time, it is much unclear about the number of the Binance customers that had fallen the victim for such kind of the scam.

The Scams as well as heist are quite common occurrence in entire crypto world. The crypto analytics mentioned illicit address that hold more than $10 billion worth of the cryptocurrencies, with mainly this held through wallets of cryptocurrency theft. On the other hand, the Customers that are getting defraud in it and different kind of the ways stays to be the common feature of entire crypto industry on key exchanges.

The post Binance CEO warns Cryptocurrency exchange for huge scams! appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.