Summary # Since February 23, 2024, BitForex, a crypto exchange operational since 2017, ceased processing withdrawals amidst unexplained outflows of about $56.5M worth of crypto from its hot wallets. The absence of communication from BitForex, coupled with the recent departure of its CEO Jason Luo, has raised concerns over a potential inside job or exit scam.
Attackers # The identity of the scammers is unknown, but the main suspect is the CEO of the exchange, Jason Luo.
...
Summary # HyperVerse, a cryptocurrency hedge fund formerly known as HyperFund, collapsed, leading to a loss of approximately $1.3 billion for its customers. The fund, promoted by Australian entrepreneur Sam Lee and his business partner Ryan Xu, both founders of the now-defunct Australian bitcoin company Blockchain Global, has caught the attention of regulators across several countries, who have labeled it a potential “scam” and “suspected pyramid scheme.” The identity and background of its CEO, Steven Reece Lewis, are under scrutiny, as his stated qualifications and work history are reportedly fabricated.
...
Summary # On November 22, 2023, Heco Bridge and HTX Exchange were victims of cyberattacks, resulting in over $113.3 million in losses. The attacks appear coordinated and carried out by the same attacker based on similar exploitative techniques and the connection between the two targets. Blockchain security firms CertiK, Peckshield, and Cyvers have reported over $86.6 million in digital assets losses for Heco Bridge and $13.6 million in losses for HTX.
...
Summary # On November 10, 2023, Poloniex, a custodial centralized exchange, experienced a security breach due to a private key compromise. The attacker exploited Poloniex’s hot wallets and withdrew funds across three chains: Bitcoin, Ethereum, and Tron. The total losses amounted to approximately $122.98 million, including BTC, USDT, USDC, ETH, TRX, and other assets. The stolen assets were exchanged for native tokens and transferred to several addresses.
Attackers # The attackers are believed to be the Lazarus Group, a North Korean cybercrime group.
...
Summary # On September 24, 2023, HTX, a global custodial crypto exchange, formerly Huobi Global, experienced a security breach due to a private key leak. The attacker exploited this vulnerability and extracted approximately $7.9 million worth of ETH (4,999 ETH) from the hot wallet of the exchange. After HTX identified the attacker and demanded the return of the funds, the hacker returned the stolen assets on October 7, 2023, and received a “white hat bonus” of 250 ETH, equivalent to $408,666.
...
Summary # In the early morning of September 23, 2023 Hong Kong time, the database of Mixin Network’s cloud service provider was hacked, resulting in the loss of approximately $200M. Mixin Network is a service similar to a layer-2 protocol, designed to make cross-chain transfers cheaper and more efficient. A large number of deposit addresses have been drained. The attacker compromised the cloud, recovered the private keys of deposit addresses (and hot wallet addresses, supposedly) and transferred funds in order from the highest to the lowest balance, involving 10,000+ transactions, lasting several hours.
...
Summary # On September 14, 2023, Remitano, a cryptocurrency exchange, fell victim to a security breach, resulting in unauthorized transactions on the Ethereum and TRON blockchains and a significant financial loss of $2.7 million. This incident was primarily a hack of the exchange’s hot wallet, triggered by a data leak from a third-party source. Tether’s prompt intervention helped freeze the attacker’s addresses, securing 1.9 million USDT and averting further potential losses.
...
Summary # On September 12, 2023, CoinEx, a crypto trading platform operating on various chains, experienced a massive security breach due to a private key compromise. The attacker exploited CoinEx’s hot wallets and extracted approximately $52.8 million worth of assets across 9 different chains. The stolen funds were transferred to the attacker’s addresses and then laundered via distribution between multiple addresses and smart contracts. Lazarus Group is suspected to be behind the theft, as multiple sources have confirmed an onchain connection between Stake.
...
Summary # On September 4, 2023, Stake.com, a crypto gambling protocol offering casino games and sports betting, was targeted by the Lazarus Group (also known as APT38), a group of DPRK cyber actors. The group exploited access control vulnerabilities and extracted approximately $41.4 million worth of various digital assets from the platform’s hot wallets across Ethereum, Binance Smart Chain (BSC), and Polygon networks. Stake.com reassured users that their funds were safe, and all other wallets remained operational.
...
Summary # AlphaPo, a crypto payment platform that processes payments for various gambling services, suffered a loss of more than $60 million due to a private key compromise that affected their hot wallets across Bitcoin, Tron, and Ethereum. The stolen funds were transferred to other blockchains, including Avalanche and Bitcoin. The funds on Bitcoin were deposited into the crypto mixer service Sinbad. The loss also includes the losses suffered by CoinsPaid, an entity related to AlphaPo.
...