Blockchain security firm Peckshield revealed on Feb. 26 that an exploiter labeled address associated with the Kyberswap hack had bridged approximately 800 ether tokens from Arbitrum to the Ethereum blockchain. On the same day, the Kyberswap team unveiled revised dates for reimbursing users impacted by the hacking. Kyberswap Hacker Starts Moving Funds Peckshield Alert, a […]
Source link
In a recent turn of events, Ripple faced a significant security breach resulting in the loss of $112 million worth of XRP. Despite this setback, the cryptocurrency community has witnessed remarkable resilience from XRP whales, who have chosen to maintain their coin holdings. This unwavering support, coupled with Ripple’s swift response, has instilled confidence in the platform’s long-term viability.
On-chain data provided by Santiment reveals that XRPLedger experienced a surge in whale transactions following the hack. A total of 217 transactions involving $1 million or more in XRP were recorded, marking the highest activity since July 2022. This surge underscores the whales’ belief in XRP’s potential, despite the temporary market turbulence caused by the hack.
Furthermore, wallets holding at least 10 million XRP now collectively possess 67.2% of the available supply, a concentration not seen since December 2022. This consolidation of XRP among influential investors indicates their long-term commitment to the asset.
Source: Santiment
In the wake of the hack, Ripple co-founder Chris Larsen provided reassurances that the Ripple blockchain itself remained secure. The unauthorized access was limited to his personal XRP accounts, separate from Ripple’s operations. Larsen’s prompt action in notifying exchanges to freeze the affected addresses demonstrates Ripple’s dedication to protecting its users’ assets.
Moreover, Ripple is actively collaborating with law enforcement agencies, and a substantial portion of the stolen funds has already been frozen. The team is diligently pursuing the remaining funds to ensure a comprehensive resolution of the situation.
XRPUSD currently trading at $0.49335 on the daily chart: TradingView.com
Amidst the Ripple hack incident, an unusual withdrawal of 20.62 million XRP tokens from Binance, the world’s largest cryptocurrency exchange, has raised eyebrows. While initial speculation pointed towards an external entity, further investigation revealed that the tokens were sent to an address associated with Binance’s hot wallet for storing XRP.
🚨 20,620,032 #XRP (10,572,279 USD) transferred from #Binance to unknown wallet
— Whale Alert (@whale_alert) January 31, 2024
This development suggests that the $10 million transfer may be an internal operation within the exchange rather than a whale’s activity in the broader cryptocurrency market. Binance has yet to provide an official explanation for this movement, adding an element of intrigue to the situation.
The Ripple hack incident has undoubtedly shaken the cryptocurrency community, but the unwavering support from XRP whales and Ripple’s proactive response have demonstrated the platform’s resilience. As the investigation into the hack continues and Binance sheds light on its mysterious XRP transfer, the Ripple ecosystem stands poised to emerge stronger from these challenges.
As the crypto community grapples with the intriguing dynamics surrounding the recent substantial XRP withdrawal from Binance, the broader question emerges: Is the current dip in XRP’s price merely a temporary setback or a prelude to a significant upward trajectory? Despite the recent setback and a price decline to $0.49, down 3.7% in the last 24 hours, the resilience of whale holdings amid the aftermath of the Ripple hack introduces a compelling narrative.
Featured image from Pixabay, chart from TradingView
Disclaimer: The article is provided for educational purposes only. It does not represent the opinions of NewsBTC on whether to buy, sell or hold any investments and naturally investing carries risks. You are advised to conduct your own research before making any investment decisions. Use information provided on this website entirely at your own risk.
Digital assets associated with the decentralized finance (DeFi) project Abracadabra Finance, including its Magic Internet Money (MIM) stablecoin, values fell after its team confirmed an exploit of the platform.
In a Jan. 30 post on social media platform X (formerly Twitter), the project’s team acknowledged an ongoing exploit involving certain Ethereum cauldrons. “Our engineering team is triaging and investigating the situation,” they added.
Data from CoinMarketCap shows that the security incident resulted in the ecosystem’s MIM stablecoin deviating from its $1 peg. The asset’s value fell to as low as $0.77 before recovering to $0.92 as of press time.
The team assured that its decentralized autonomous organization (DAO) would strive to help the stablecoin regain its peg.
“To the best of its Ability, the DAO treasury will be buying back MIM from the market to then burn.” the team stated.
Similarly, the protocol’s SPELL reward token declined 2.43% to $0.00051 as of press time, according to CryptoSlate data.
Furthermore, the security incident has rapidly dropped the total value of assets locked on the platform. Data from DeFillama shows that the protocol’s assets under management rapidly fell by around $23 million to $139 million.
However, data from Abracadabra’s website pegs the total outflow to $10.3 million and its TVL at $150 million as of press time.
Abracadabra Finance is a DeFi lending protocol allowing users to borrow its Magic Internet Money (MIM) stablecoin using different cryptocurrencies as collateral.
Blockchain security firm CertiK told CryptoSlate that the protocol was exploited for $6.5 million.
According to CertiK, the attacker was funded via the crypto-mixing tool Tornado Cash and created an attack contract that exploited a rounding error issue on the platform.
“The exploiter repeatedly called userBorrowPart() and repay() from the project’s V4 Cauldrons with early indications pointing to a rounding issue,” CertiK furthered.
Consequently, the attacker was able to siphon $6.5 million in MIM and immediately converted the stolen assets into Ethereum that were sent to two externally owned addresses,
Orbit Chain, a cross-chain platform, announced in an X message on Jan. 1 that it suffered an attack on the previous day.
The project wrote that it confirmed “unidentified access” to its bridge platform late on Dec. 31. Orbit Chain said it is engaging with international law enforcement. It said it is working with the security firm Theoria to find the root cause.
Hours later, Orbit Chain provided specific details of the attack. It said that an attacker used Tornado Cash to supply initial ETH for the attack, then used several wallet addresses to receive the stolen cryptocurrency. It identified various transaction IDs that attacked Orbit Bridge’s Ethereum Vault. However, it continued to describe the main attack route as “unidentified.”
Orbit Chain has not stated whether users are affected or announced recovery plans. The project warned that any reimbursement offers are scams.
Orbit Chain additionally stated that it is working with crypto exchanges to freeze assets and has attempted to contact the attacker.
Though Orbit Chain did not state how much was stolen during the attack, the security firm PeckShield estimated the attack’s value at $81.5 million. It noted that this amount comprises $30 million USDT, $10 million USDC, $10 million DAI, 230.879 WBTC ($10 million), and 9,500 ETH ($22 million).
PeckShield provided a chart suggesting that the attacker used the decentralized exchange Uniswap to swap certain funds for ETH.
Metamask lead product manager Taylor Monahan also commented on the hack. She called the incident “methodical” based on the pattern of attack.
Monahan said the hack could be one of the many this year that leads to “handing [North Korea] billions of dollars on a silver platter.” She identified a security certificate that links Orbit Bridge’s owner, Oyzs, to Korea through the country’s K-ISMS certification. U.S. authorities have previously tied other cryptocurrency attacks involving Tornado Cash to North Korean hacking groups, including attacks on Ronin Bridge and Horizon Bridge in 2022.
Monahan added that Orbit Bridge shares a creator with KlaySwap and Belt Finance, which were hacked for $2 million in 2022 and $6 million in 2021. All three projects are associated with the Klaytn blockchain ecosystem.
Orbit confirmed on Jan. 2 that the stolen assets had yet to be moved from the attacker’s address.
Saving for retirement isn’t easy, and if you’re falling behind, you’re not alone. A 2023 report from Vanguard found that the median 401(k) balance among Vanguard participants was just $27,376. Meanwhile, the average worker is expected to need around $1.8 million to retire comfortably, according to a survey from Charles Schwab.
However, many people are stretched thin financially and finding extra cash to save isn’t always possible. The good news is that if you have access to a 401(k) plan through your employer, there’s a simple hack that can instantly double your savings with next to no effort. Here’s how.
Image source: Getty Images.
If you have a 401(k), you might also have access to matching contributions from your employer. Not all plans offer this perk, but of those that do, the employer will generally match a worker’s 401(k) contribution up to a certain percentage of their salary.
The employer match is essentially free money and can instantly double your savings without any extra effort on your part. If you’re not taking full advantage of this perk, you could be leaving thousands of dollars on the table.
As of 2022, U.S. workers earned a median wage of around $55,000 per year, according to the Bureau of Labor Statistics. In addition, the average 401(k) match was 3.5% of an employee’s salary — or around $1,925 per year, in this case.
Let’s say that in one scenario, you’re contributing $1,000 per year to your 401(k) and earning a $1,000 annual match from your employer. In another scenario, say you’re saving $1,925 per year and earning that full amount in matching contributions, too.
Assuming you’re earning a modest rate of return of 8% per year — though stock market returns are not guaranteed — here’s approximately how much those savings would add up to over time in both situations:
| Number of Years | $1,000 per year + $1,000 company match | $1,925 per year + $1,925 company match |
|---|---|---|
| 20 | $92,000 | $176,000 |
| 25 | $147,000 | $282,000 |
| 30 | $227,000 | $436,000 |
| 35 | $345,000 | $664,000 |
| 40 | $519,000 | $998,000 |
Data source: Author’s calculations via investor.gov.
In other words, contributing that additional $925 per year (or around $77 per month) could amount to nearly half a million dollars more after 40 years once you factor in the employer match, and if your returns work out to 8% per year.
By not taking full advantage of these contributions, you could be missing out on a lot of money throughout your career.
Money is tight for millions of workers, and many people simply don’t have hundreds of dollars per month to save. That’s OK. Even if you can’t max out your employer match, saving whatever you can afford (even if it’s just a few dollars per week) still adds up.
When it comes to saving for retirement, time is your most valuable asset. The more years you have to let your money grow, the more you can potentially earn. Rather than putting off saving until you can contribute more, it’s often better to invest whatever you can now while time is on your side.
This is especially true if you’re earning matching 401(k) contributions. When your savings are doubled, even small amounts can go further than you might think.
Not everyone will have access to a company 401(k) match, but if you do, it’s wise to take full advantage of it. While these contributions may not seem like much, they could potentially add up to hundreds of thousands of dollars in retirement savings.
Cryptocurrency exchange HTX, previously known as Huobi Global, announced that it will fully compensate users for the losses incurred in a $13.6 million hack on Nov. 22 and intends to restore withdrawal and deposit services within 24 hours, according to a press release.
The announcement follows a significant security breach on Nov. 22 that led to the loss of funds from its hot wallets, causing the exchange to suspend deposits and withdrawals.
According to HTX’s official statement, the funds lost during this incident constitute only a minor fraction of the platform’s total capital. This assurance is part of the exchange’s commitment to guaranteeing 100% safety of user funds.
HTX also confirmed that its normal operations remain unaffected.
This hacking incident is part of a larger orchestrated attack against the HTX Eco (HECO) Chain bridge, which also involved Tron (TRX) and BitTorrent (BTT). Notably, all these entities have links to or are under the de-facto control of Chinese blockchain entrepreneur Justin Sun.
HTX has assured users that it remains committed to its primary responsibility to protect user assets and information. The platform said it plans to implement all necessary measures to prevent such security breaches in the future.
The latest incident marks the fourth hack in the past two months targeting HTX and entities associated with Justin Sun. The most significant was the $100 million Poloniex exploit on Nov. 10, reportedly due to a private key compromise.
Justin Sun has commented on the situation, stating that investigations are ongoing into the specific reasons behind the hacker attack. He assured that service resumption would follow the completion of these investigations.
Meanwhile, a $10 million white hat bounty remains open for the return of the stolen funds in the Poloniex exploit.
As the crypto world reels from these security breaches, HTX’s pledge to fully compensate affected users reflects a growing trend among exchanges to prioritize user trust and security in the face of increasing digital threats.
The company behind Atomic Wallet has asked a United States court to dismiss a class action suit seeking damages from a $100-million hack, arguing the claims should’ve been filed in Estonia, where it’s based.
In a Nov. 16 dismissal motion in a Colorado District Court, the Estonian firm argued it has “no U.S. ties,” and its end-user license agreement required all litigation against it to be filed in its home country of Estonia.
Atomic pointed out that only one user in Colorado was allegedly affected.
The firm also claimed the 5,500 allegedly affected Atomic users agreed to its terms of service, which expressly disclaims liability for losses due to theft and limits damages to $50 per user.
Atomic said the plaintiff’s negligence claims also lack legal merit because a legal duty was never created in which they were to maintain Atomic Wallet’s security and protect against hacking.
Related: Crypto exchange Upbit targeted by hackers 159K times in H1: Report
“This Court has repeatedly rejected similar claims because Colorado recognizes no such duty,” it wrote.
Allegations of fraudulent misrepresentation were also struck down by the Estonian-based wallet provider.
The plaintiffs launched the class action in August, two months after a $100-million exploit on Atomic Wallet with up to 5,500 users affected — with both North Korean and Ukrainian groups blamed for the attack.
Magazine: Should crypto projects ever negotiate with hackers? Probably
Poloniex said it has resumed deposit and withdrawal services after a recent breach of its hot wallets, according to a Nov. 15 statement.
On Nov. 10, a malicious actor compromised one of the exchange’s hot wallets, moving more than $100 million worth of digital assets, including Ethereum (ETH). At the time, the attacker had used the stolen funds to pump the Tron blockchain’s native TRX token, prompting speculations of an insider job.
Following the incident, Justin Sun, the exchange owner, confirmed that the firm was investigating the hack but failed to disclose specifics regarding the theft. However, he offered a 5% reward to the hacker if he chose to return the stolen funds.
A recent update from Poloniex confirmed that it has nearly completed its efforts to restore wallets, allowing the platform to function smoothly.
“In response to your concerns about Poloniex deposit and withdrawal services, we are pleased to announce that the restoration efforts have mostly been completed, and the platform is now operating smoothly,” Poloniex said.
Meanwhile, the firm has engaged an unnamed “top-tier” security firm to bolster user fund security, though ongoing security audits are still underway. Following these audits, the platform plans to resume deposit and withdrawal services promptly.
Poloniex has yet to respond to CryptoSlate’s request for additional commentary.
The exchange has yet to provide public information on its plan to reimburse affected users. However, Sun had previously assured the community that Poloniex was in a healthy financial position and would fully reimburse the affected funds.
Meanwhile, Poloniex is not the only Sun-linked exchange that has recently suffered a hack. In September, HTX was compromised in an exploit that resulted in a loss of $7.9 million. However, the attacker returned all of the assets siphoned from the platform.
Galxe is making users whole by 110% if they lost funds in a recent hack, the firm announced on Oct. 10. “We want to express our deepest gratitude to those who are standing by us during this difficult time,” the company said.
Users’ funds will be automatically returned on Oct. 16 to the wallet addresses they were taken from unless they request another handling. The affected users will be paid in Tether (USDT), with the value calculated as of 10:00 am UTC on Oct. 9.
Attention Raisers!
The first October partnership campaign on Galxe is landing at 12 PM (UTC) on October 5th!
Just 200 spots are up for grabs! – FCFS!
Don’t forget to flaunt your Galxe role on Discord and keep following us on Galxe for exclusive event access!… pic.twitter.com/JacShzKVXj
— CoinRaise (@CoinRaise_xyz) October 4, 2023
Users who authenticated transactions on a phishing site on Oct. 6 were affected, Galxe said in a letter to users. The hack lasted just over five hours.
In a preliminary estimate dated Oct. 10, over $396,000 of losses were recorded in amounts ranging from over $53,000 to just pennies. The company had estimated earlier that around 1,120 users were affected by the hack.
Related: Crypto suffered 153% YoY increase in hacks and scams in Q3: Immunefi
Platform co-founder Charles Wayn told Cointelegraph in a written response that Galxe is working with two security firms to track down the hacked funds. In addition, it has improved its domain name service security settings, changed its domain provider and is conducting security audits. Wayn said:
“The incident was mainly caused by [domain registrar] Dynadot resetting our account information and granting permission to an impersonator who provided fake documentation claiming to be an authorized member of Galxe.”
The Galxe protocol is a permissionless self-sovereign identity infrastructure. Its native GAL token fell from $1.20 to $1.15 on Friday, Oct. 6. It reached $1.21 over the weekend with high trading volume through Saturday morning. It had settled at $1.16 at the time of writing, according to CoinGecko.
Magazine: Should crypto projects ever negotiate with hackers? Probably
HTX has announced that the hacker has until October 2, 2023, to return the funds.
The HTX crypto exchange, formerly known as Huobi, has lost a total of $7.9 million to hackers in a September 24 attack. The amount lost in the HTX hack was first noted by a blockchain analytics platform Cyvers.
That was before the report was later confirmed by Tron founder and HTX advisor Justin Sun on Monday. Taking to his X (formerly Twitter) account, Sun wrote:
“HTX has suffered a loss of 5,000 ETH due to a hacker attack.”
However, he was also quick to put to bed all customer fears concerning their assets. Sun noted that “HTX has fully covered the losses incurred from the attack and has successfully resolved all related issues.”
Meanwhile, it appears that the exchange has already figured out who the attacker. It could become clear from a message posted by a known Huobi hot wallet the morning after the attack. The wallet is owned by blockchain analytics platform Arkham Intelligence, which is listed on a Huobi support page as belonging to it.
Per the message, the exchange is willing to take only 95% of the amount stolen, while the hacker may keep the remaining 5% as a reward for their troubles.
The offer, though, is time-bound. HTX exchange has announced that the hacker has until October 2, 2023, to return the funds. The exchange noted that a failure to return the fund would result in the hacker facing the full wrath of the law. The statement says in part:
“If you do not return the funds by the deadline, we will request judicial intervention.”
Without a doubt, 2023 has been quite a rollercoaster year so far, at least for many crypto exchanges. First, there is the battle of compliance that they constantly face with regulators. Then, they also have to deal with endless attacks from relentless bad actors.
These attacks have been particularly impactful on exchanges this year, leading to the loss of a sizeable amount of crypto assets. And HTX’s recent attack easily adds to the list.
To put the above statement into perspective, the highly dreaded North Korean-affiliated Lazarus group alone has amassed no less than $40 million in Bitcoin from their criminal escapades over the year.
Nonetheless, users continue to raise concerns as to whether exchanges even do enough to ensure that unfortunate incidents such as this do not repeat themselves in the future.
next
Mayowa is a crypto enthusiast/writer whose conversational character is quite evident in his style of writing. He strongly believes in the potential of digital assets and takes every opportunity to reiterate this.
He’s a reader, a researcher, an astute speaker, and also a budding entrepreneur.
Away from crypto however, Mayowa’s fancied distractions include soccer or discussing world politics.