The breach involved a teenager, Noah Urban, who was part of a cybercriminal group known as Scattered Spider. Urban, alongside his accomplice Jack, targeted employees of major tech and crypto companies, including Crypto.com, through phishing attacks. These attacks were meticulously designed to gain access to secure data by infiltrating employee accounts. The duo successfully breached a Crypto.com employee’s account, raising alarms about potential vulnerabilities within the exchange’s security protocols.

Crypto.com Breach: A Detailed Examination

The Crypto.com breach is not an isolated incident. Similar tactics have been used against other exchanges, with Coinbase also suffering substantial losses due to insider threats. Criminals often target exchange staff to obtain sensitive data, leading to severe security concerns across the industry.

A spokesperson for Crypto.com confirmed that the breach affected a “very small number of individuals” and assured that no customer funds were accessed. Despite this, the fact that personal information was compromised is a stark reminder of the persistent threats facing crypto exchanges.

The Impact of the Crypto.com Breach

The attack on Crypto.com occurred before March 2023, when the FBI raided Urban’s operations, seizing $4 million in cryptocurrency, cash, and valuables. Urban was eventually arrested in January 2024, charged with involvement in hacking 13 companies, and sentenced to 10 years in prison after pleading guilty.

This breach has sparked criticism from figures such as blockchain investigator ZachXBT, who criticized Crypto.com for not disclosing the breach earlier. He emphasized that Crypto.com has faced multiple security issues in the past, calling for greater transparency from the exchange.

Amidst these security challenges, Crypto.com has continued to grow. Recent data from The Block indicates a volume surge for the exchange, surpassing Coinbase in August. Furthermore, Crypto.com is collaborating with Trump Media to establish a digital asset treasury focused on acquiring its native token, CRO.

Lessons from the Crypto.com Breach

The Crypto.com breach serves as a crucial case study in the importance of robust security measures for cryptocurrency exchanges. It highlights the need for ongoing vigilance and transparency to protect user data and maintain trust in the crypto ecosystem.

Crypto Security must be a top priority for all exchanges to prevent similar incidents. Implementing advanced security protocols and employee training can help mitigate the risk of breaches and protect the integrity of user data.

The post Crypto.com Breach: 5 Shocking Security Secrets Exposed appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

OFAC announced on Tuesday that it had sanctioned North Korea-based Song Kum Hyok for purportedly stealing information from US citizens to create false identities. This information was then passed on to foreign IT workers hired to seek employment in US firms. Additionally, Russian national Gayk Asatryan was sanctioned for reportedly using his companies to employ numerous North Korean IT professionals under long-term contracts initiated with North Korean trading firms in 2024.

There has been a surge in fraudulent IT personnel with connections to North Korea, officially known as the Democratic People’s Republic of Korea (DPRK), enhancing their infiltration operations. A report by Google in April highlighted that the infrastructure for these schemes has spread globally.

“The Treasury will continue to utilize all available resources to disrupt the Kim regime’s attempts to evade sanctions through digital asset theft, the impersonation of Americans, and malicious cyber-attacks,” stated Treasury Deputy Secretary Michael Faulkender.

OFAC revealed that North Korea aims to generate revenue for its ballistic missile programs by deploying a legion of highly skilled IT workers worldwide, primarily in China and Russia. The workforce primarily targets employers in wealthier nations and utilizes a variety of mainstream and industry-specific networking platforms.

The sanctions result in the freezing of all US assets linked to Asatryan, Song, and the four sanctioned Russian entities. US citizens are now prohibited from conducting financial transactions or business dealings with these parties, under the threat of civil and criminal penalties.

North Korea, infamous for high-profile hacks such as the $1.5 billion Bybit exploit, appears to be shifting tactics according to blockchain intelligence firm TRM Labs. “DPRK-linked operations are increasingly shifting towards deception-based revenue generation, including IT worker infiltration,” the firm commented.

TRM Labs estimates that actors aligned with North Korea are responsible for $1.6 billion of the $2.1 billion stolen across 75 crypto hacks and exploits in the first half of 2025.

US authorities have been intensifying their crackdown on fraudulent North Korean IT worker schemes this year. On June 30, four North Korean nationals were charged with wire fraud and money laundering after posing as remote workers at US and Serbian blockchain firms. The US Department of Justice also announced on June 5 that it was attempting to seize $7.74 million in frozen crypto allegedly earned by North Korean IT workers using false identities and working as remote contractors at blockchain firms.

The post US Imposes Sanctions on North Korean IT Group over Cryptocurrency Heists appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

The court filings were part of the prosecution’s request for a two-year sentence for Council Jr. for his role in the SEC hack. The hack led to a false announcement about Bitcoin’s exchange-traded fund approval, causing a significant market shakeup. Investigations revealed that Council Jr. had also searched ‘How long does it take to delete a Telegram account’ on his devices, which were seized last June following a search warrant.

Despite setting his Telegram chats to auto-delete after two weeks, the prosecutors were able to retrieve messages where Council Jr. discussed SIM swapping with other individuals, believed to be located overseas. Council Jr. had confessed that he earned around $50,000 from offering SIM swap services between January and June 2024.

He had executed the SEC hack by creating false identity documents to impersonate an individual who had access to the SEC’s X account. These documents were used to deceive a staff member at AT&T into reassigning the victim’s phone number to Council Jr.’s SIM card. He then bought a new iPhone, inserted the new SIM card, and shared the SEC’s X account access codes with his accomplices, who then posted the fraudulent Bitcoin ETF approval news.

The prosecutors stated that Council Jr. was paid in Bitcoin and other cryptocurrencies for the SEC hack. However, his luck ran out in June 2024 when law enforcement agents caught him while attempting another SIM swap. A subsequent search warrant led to the discovery of templates for fake ID cards on his laptop. He pleaded guilty on Feb. 10, following an indictment for Conspiracy to Commit Aggravated Identity Theft and Access Device Fraud in October.

The fake news post on the SEC’s X account garnered over a million views before the SEC confirmed the hack 15 minutes later. The incident led to a $1,000 rise in Bitcoin’s price, followed by a nearly $2,000 drop, wiping out tens of millions of dollars in market positions. The SEC’s X account did not have two-factor authentication installed at the time of the incident, a security oversight that the SEC blamed on erroneous removal by X Support.

The post FBI Investigates SEC Hacker Who Searched ‘Am I Being Investigated?’ appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

According to the Hack3d report, Q1 of 2025 witnessed a shocking surge in cryptocurrency thefts. Hackers managed to abscond with about $1.67 billion through 197 security breaches, marking a nearly 303.38% rise compared to the last quarter. Predominantly, the Bybit exploit contributed to this enormous loss, accounting for approximately $1.45 billion. This security breach has since caused a ripple effect across the Web3 industry, prompting crucial discussions about the security protocols of centralized exchanges.

The report also highlighted the rising threat of private key compromises, a specific form of wallet breaches. About $142 million got stolen through these compromises in 15 separate incidents. Interestingly, despite phishing incidents outnumbering private key compromises, the total amount lost to phishing was significantly lower, at nearly $16 million across 81 incidents. This disparity indicates that individual phishing attacks tend to have a smaller financial impact.

The Hack3d report points out that fraudsters are persistently employing techniques like social engineering, artificial intelligence, and contract manipulation to circumvent even the most fortified security systems. With cryptocurrency becoming more mainstream and asset values climbing, the CertiK team anticipates a regretful upward trend in crypto thefts.

In addition to these alarming revelations, CertiK’s Q1 2025 Hack3d report also scrutinizes the most vulnerable blockchains, the top three security incidents of the quarter, key industry developments, and strategies for boosting user and protocol security. As a comprehensive security resource, Hack3d aids stakeholders in understanding the growing security risks within the Web3 sphere and equips them with the necessary knowledge for enhancing their defenses and making well-informed decisions in this high-risk landscape.

You can find the Q1 2025 Hack3d report here.

Media Contact:
CertiK
Elisa Xu
yiting.xu@certik.com

The post Crypto Security Report Reveals a Staggering 300% Rise in Q1 2025 Hacking Incidents appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

The Shocking Hack of Vitalik Buterin’s Profile

Vitalik Buterin, Ethereum’s co-founder and a towering personality in the crypto world, recently became a victim of hacking. His social media profile was compromised, and a staggering $690,000 was siphoned off from unaware users. The alarming event unfolded when a hacker infiltrated Buterin’s account and posted a bogus link claiming to offer special Non-Fungible Tokens (NFTs). The magnitude of this incident becomes even more pronounced considering that the message reached Buterin’s nearly 5 million followers. The incident became widely known after a post by Buterin’s father confirmed that the account had been hacked and steps were being taken to restore it.

Unsuspecting followers were enticed to click on the link, which led them to connect their wallets for minting these purportedly exclusive NFTs. Instead, it gave the hacker access to drain their funds. Influential voices in the crypto community were swift in flagging the fraudulent post and cautioning users against engaging with it.

Renowned Ethereum developer Bok Khoo was among those affected, as he reported losing valuable NFTs from his CryptoPunks collection. The incident has sparked considerable discourse on social media safety and security within the crypto community.

Repercussions and Lessons Learned

Though the malicious post was taken down, the damage had already been inflicted. In just an hour, the hacker was able to withdraw around $147,000, which escalated to approximately $691,000 as further details emerged. Blockchain investigator ZachXBT was instrumental in tracing the financial footprint of this breach. Despite the outrage and concern, Buterin has not yet publicly commented on the incident.

Opinions vary on whether the onus of this security breach lies with Buterin’s operational security measures or with platform security features. Some suggest that the platform should upgrade its security protocols to prevent such incidents, emphasizing the need for advanced measures like two-factor authentication (2FA) for all users, not just premium ones.

This high-profile hack has further intensified the ongoing discussions about social media vulnerabilities, urging the need for developers to possibly compensate victims of such hacks. In fact, 2023 has seen a spate of cyber attacks, causing Web3 platforms to lose more than $1 billion, as per a report by Immunefi.

The Growing Concern Over Social Media and Crypto Security

The hacking of Buterin’s profile adds to the growing list of cyber threats in the digital world, casting doubt over the security features provided by social media platforms. Industry leaders, including Binance CEO Changpeng Zhao, have weighed in on the issue, stating that conventional financial systems offer better security than most social media platforms.

Two-factor authentication is often recommended as a frontline defense against hacking attempts. While some platforms offer this only to paid users, the need for universal access to such security measures is becoming increasingly evident.

This year has been particularly harsh in terms of hacks and security breaches, with an Immunefi report highlighting 211 separate incidents causing massive financial losses. Therefore, improving cybersecurity measures is not just an individual responsibility but a collective necessity for the crypto community.

The post Ethereum Co-Founder Vitalik Buterin’s Account Hacked, A Cautionary Tale in Cryptocurrency Security appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

North Korea Strikes Again!

North Korea has been linked to several high-profile cyberattacks in recent years, including the infamous WannaCry ransomware attack that caused chaos in 2017. The country is believed to have a formidable army of cybercriminals that operate from within its borders, with the aim of generating funds for the regime. These cyber criminals are highly trained and well-organized, making it difficult for law enforcement agencies to track them down.

$200 Million Hacked by North Korea

The latest attack involving Euler and Axie Infinity has resulted in losses of around $200 million, making it one of the biggest hacks of the year. Euler, a decentralized finance platform, was exploited through a vulnerability in its smart contract, while Axie Infinity was hit with a DNS attack that allowed the hackers to gain access to user wallets. The attack highlights the growing sophistication of cybercriminals from North Korea, who are constantly evolving their tactics to stay ahead of law enforcement agencies.

Euler Exploit and Axie Infinity Hack

The Euler exploit and Axie Infinity hack were carried out by cybercriminals from North Korea, who have been linked to several similar attacks in the past. The Euler exploit involved a vulnerability in the platform’s smart contract, which allowed the hackers to drain funds from several accounts. The Axie Infinity hack, on the other hand, involved a DNS attack that allowed the hackers to gain access to user wallets.

Cybercriminals from North Korea

North Korea is known to have a highly trained army of cybercriminals who operate from within its borders. These cybercriminals are believed to be responsible for several high-profile attacks in recent years, including the WannaCry ransomware attack. The regime is known to use the funds generated from these attacks to finance its nuclear weapons program, making the situation even more concerning.

North Korea’s Latest Cyberattack

The Euler exploit and Axie Infinity hack are the latest in a long line of cyberattacks carried out by North Korean cybercriminals. These attacks are becoming increasingly sophisticated, making it difficult for law enforcement agencies to keep up. The international community needs to work together to put an end to these attacks, which are causing significant harm to individuals and businesses around the world.

How North Korea Stole $200 Million

The Euler exploit and Axie Infinity hack allowed North Korean cybercriminals to steal around $200 million from unsuspecting victims. The exploit involved a vulnerability in the platform’s smart contract, while the hack involved a DNS attack that allowed the hackers to gain access to user wallets. These attacks highlight the growing threat posed by cybercriminals from North Korea, who are becoming increasingly adept at stealing funds and evading justice.

The latest cyberattack involving Euler and Axie Infinity highlights the growing threat posed by North Korean cybercriminals. These attacks are becoming increasingly sophisticated, making it more difficult for law enforcement agencies to track down the perpetrators. It is crucial that the international community works together to put an end to these attacks, which are causing significant harm to individuals and businesses around the world. Only through cooperation and collaboration can we hope to defeat this growing threat.

The post “North Korea Linked to $200M Cyberattack on DeFi Platform and Blockchain Game” appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Also, as per the original OpenSea update, the platform advised its customers to move their Ethereum-based NFTs. Users move the NFTS to a new smart contract address. A move that will cost no cent per gas fee. Users who do not complete the migration as instructed stand the chance of losing their old and inactive tokens. Further, Drawing on this detail, PeckShield, blockchain security and data analytics company is saying that the platform’s “Users authorize the “migration”. Though, the authorization, unfortunately, allows the hacker to steal the valuable NFTs.”

Moreover,  In a Twitter update shared by OpenSea’s Co-Founder and CEO, Devin Finzer, the attacker’s address has remained inactive for the time being. As per OpenSea, some of the stolen NFTs have are in the ownership of their owners. 

However, they are not aware of any recent phishing emails that have been sent to users. However, at this time, we do not know which website was tricking users into maliciously signing messages.”

OpenSea is the world’s largest marketplace for trading NFTs. Also, the platform has been the target of many malicious workers in recent times.

The post OpenSea Confirms They are Under Phishing Attack- Urged Users to Relocate NFTs New Addresses appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

The DeFi Protocol was hacked in February for the first time. The hackers took off with $37.5M in a flash loan attack. As a result, Cream Finance’s price was reduced by 30% in only an hour. However, the recent hack is much worse! This time, the hackers made off with more than $130 million, almost 100% more than the first attack.

In August, the DeFi Protocol was hacked for the second time. It was involved in a multi-million dollar exploit that ended up a scam. The hacking party took away more than 418 million in AMP and almost 1300 ETH. AMP is the native token of Flexa Network. Overall, this loss was too great to be recovered from, but they got hacked once again. In only a matter of three months, Cream Finance had to lose millions of dollars to the attackers.

At the time of writing, Cream Finance has dropped by 23% after the attack. Currently, it is trading at $117.10, as mentioned by CoinGecko.

Although this DeFi protocol is repeatedly being hit, it remains the only platform to suffer such loss. There hasn’t been any other platform that had to face such attacks.

The post Cream Finance, A DeFi Protocol Suffers Third Hack- Loses Over $130M appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

In what looks like a scene from a Hollywood fiction, the hackers were also doing an AMA about how and why they pulled the biggest DeFi hack in the history of blockchain. 

Earlier on August 10, Poly Network saw $610 million worth of cryptocurrency tokens wiped out in a flash. The assets stolen were from the Ethereum, Binance Smart Chain (BSC) and Polygon Network. 

While the hackers have reportedly returned assets worth $258 million, they are yet to return the remaining $342 million. While it is not yet confirmed if it was a white hat hack, there are reasons to believe it was since the hackers have repeatedly shown interest in returning stolen assets.  

Ethical or Scam?

Some experts believe the hack was to expose the security issues on the Poly Network. However, not all have the same view. Some believe that the hackers are returning the stolen assets and are willing to negotiate because apparently, laundering cryptocurrencies and encashing stolen assets are not as easy as they may seem. The decentralized ledger technology and transparency make it more difficult to encash stolen crypto. 

The hackers have claimed they were always willing to return the stolen assets. In a series of messages during the AMA, they said:

“When spotting the bug, I had a mixed feeling. Ask yourself what to do had you facing so much fortune. Asking the project team politely so that they can fix it? Anyone could be the traitor given one billion. I can trust nobody! The only solution I can come up with is saving it in a trusted account.”

“Now everyone smells a sense of conspiracy. Insider? Not me, but who knows? I take the responsibility to expose the vulnerability before any insiders hiding and exploiting it!” the hackers added.

The post Hackers Behind The Biggest DeFi Hack, Return $258 Million Worth Of Stolen Crypto appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

The source says, citing an official announcement from the company, that hackers stole the funds from Roll’s hot wallet on March 14. Moreover, after moving the funds from the wallet, hackers sold them for Ether using Uniswap.

Reportedly, the cryptocurrency hack of Roll was not the only one that took place this weekend. According to CyberScoop, users of Nifty Gateway had NFTs stolen from their accounts. The source says hackers accessed the victims’ accounts and stole artwork, while someone also reported that their credit card was used after the account hack. Nifty Gateway is a platform that enables individuals to own, buy, sell, and trade digital items on a blockchain.

The losses from cryptocurrency crime totaled $1.9 billion in 2020, according to data by Finaria. Statistics demonstrate that fraud, theft, and ransomware were the leading crypto crimes last year. DeFi-related hacks and scams counted for $129 million of crypto theft in 2020.

The post Social cryptocurrency platform Roll gets hacked over the weekend appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.