What Went Wrong

Early forensics link the Balancer exploit to a flaw in the manageUserBalance function. The Balancer v2 vulnerability let attackers move internal balances without authorization. In simple terms, one faulty permission check opened a backdoor across every protocol using the same module.

Investigators are still examining whether the bug came from a recent code update or an old oversight. Balancer Labs has urged liquidity providers to exit affected pools while it prepares a fix.

>>> Read more: Ethereum Fusaka Hard Fork Nears December Mainnet Launch

The Fork Domino Effect

The Balancer forks affected included Beets.fi (Beethoven X) and Berachain’s BEX exchange. Each relied on Balancer’s vault contracts with almost no changes. The Beets.fi hack forced developers to halt swaps and launch an emergency DAO vote. The Berachain exploit led to a full pause of its exchange while engineers drafted patches.

The episode shows a clear problem in DeFi. Code reuse speeds innovation but also synchronizes failure. When one shared contract breaks, its clones follow. As one auditor said, open-source code “compounds both efficiency and exposure.” The Balancer security breach turned a single-protocol issue into a network-wide crisis within hours.

How the Attack Unfolded

The first warnings appeared late Sunday UTC. Tracking firms noticed sudden withdrawals from Balancer Vaults on Ethereum. Soon after, similar drains hit Polygon, Base, and Sonic. Initial estimates showed $70 million in losses. Hours later, totals rose to $128 million as analysts linked cross-chain addresses.

The Balancer hack now ranks as the largest DeFi exploit of the year. Most of the Balancer hack losses involved wrapped-asset liquidity tokens. The attacker consolidated funds into new Ethereum wallets and moved portions through bridges to hide the trail. No recovery or freeze has been confirmed.

Market and Ecosystem Reaction

After the Balancer exploit, the BAL token fell about seven percent. Liquidity on major pools thinned as users withdrew funds. Trading volume briefly shifted to Uniswap and Curve. Fork developers coordinated with auditors to push urgent patches.

Analysts say the case proves DeFi needs modular audits and shared bug-bounty pools. Separate audits for identical codebases are not enough. Industry groups are already discussing version tracking and collective vulnerability registries for forked contracts.

Outlook: Cooperation as Defense

The Balancer hack remains a defining moment for DeFi security. Balancer Labs, Beets.fi, and Berachain are preparing post-mortems and tracking stolen wallets. The attack highlights DeFi’s paradox: open code brings progress; and contagion.

Balancer v3 is expected to emphasize stronger code isolation and stricter upgrade controls. Yet the deeper lesson goes beyond Balancer. In a world of composable finance, one DeFi exploit can cascade through every fork that shares its code.

The post Balancer Exploit Spreads Across Forks as Shared v2 Code Fuels $128 Million Drain appeared first on CrispyBull.

The Multisig Breach That Sparked It All

UXLINK, a Web3 social protocol, experienced a collapse of its governance system when attackers compromised its multisig wallet. This enabled them to mint more than $2 billion worth of CRUX tokens, far exceeding the project’s intended supply. While the headline number shocked the industry, analysts estimate the actual realized losses were closer to $11–48 million, depending on token liquidity and sell-offs.

Market Fallout and Exchange Warnings

The market reaction was swift. The UXLINK token price fell by over 70%, wiping out months of gains. Major exchanges such as Upbit issued trading warnings, and others flagged the project as high-risk to protect users. Confidence in UXLINK evaporated overnight. As a result, discussions quickly shifted from concern to skepticism over whether the project could recover.

>>> Read more: GMX Hack: Attacker Returns $37M in Deal After $42M Exploit

The Twist: Hacker Becomes the Hacked

If the exploit wasn’t strange enough, the attacker soon faced an even stranger twist. In what many called crypto karma, the wallet that drained UXLINK later fell victim to a phishing attack. A large portion of the stolen tokens disappeared.

The irony hasn’t gone unnoticed. Lookonchain commented: “Interestingly, the hacker who attacked $UXLINK was targeted by a phishing attack and lost 542M $UXLINK($48M).”

Community reaction was swift and merciless. Memes flooded social media, mocking both UXLINK’s flawed defenses and the hacker’s own lack of awareness. What began as one of the largest minting exploits in recent memory turned into a comedy of errors.

Lessons From the Chaos

The UXLINK breach highlights deeper problems in the DeFi security landscape. Multisig wallets, long seen as safeguards against unilateral exploits, once again proved vulnerable to poor governance and errors. At the same time, the fact that even the hacker fell for basic phishing tactics shows how trust in Web3 systems remains fragile. For investors, the message is clear: no protocol is too big, too decentralized, or too well-funded to avoid catastrophic mistakes.

>>> Read more: August 2025 Crypto Hacks: $163M Lost

The UXLINK hack will be remembered not just for the billions in tokens minted or the millions in market losses. It will also be remembered for the sheer absurdity of its aftermath. In the end, both the project and the attacker lost — one to compromised governance, the other to a scam as old as the internet. The episode is a stark reminder that in crypto, the line between victim and villain can blur faster than the market can crash.

The post UXLINK Hacker Gets Hacked: $2B Token Minting Scandal Takes a Bizarre Turn appeared first on CrispyBull.

Though the attack was contained within five hours on December 2, 2024, the incident underscores the growing sophistication of threats targeting decentralized platforms. It also highlights the urgent need for developers, investors, and end-users to address security vulnerabilities in blockchain ecosystems proactively.

A Sophisticated Attack With Far-Reaching Implications

The attackers gained unauthorized access to a GitHub account with publishing rights to the Solana Web3.js library, a critical JavaScript tool for building decentralized applications (dApps) on Solana. By injecting malicious code into the compromised library versions, the perpetrators created a backdoor that allowed them to steal private keys, potentially granting access to users’ cryptocurrency wallets.

Major Solana ecosystem projects, including Phantom and Solflare, quickly reassured users that they were not impacted, as they did not rely on the affected library versions. Nevertheless, smaller projects and independent developers were vulnerable, with several reporting significant losses. Estimates suggest financial damage in the six-figure range, illustrating the attack’s tangible impact.

Effective Containment and Community Action

While the attack posed a serious threat, the Solana community’s swift response limited the damage. Security researchers promptly identified the breach, and developers removed the malicious versions from repositories within hours. A patched version (1.95.8) was released, and affected users were advised to rotate private keys and update their dependencies immediately.

This rapid containment effort underscores the resilience of the blockchain community. However, it also serves as a wake-up call for stakeholders to prioritize security measures in open-source development.

Supply Chain Risks in Blockchain Development

The Solana Web3.js incident is the latest in a growing series of supply chain attacks targeting open-source libraries. Such attacks exploit the interconnected nature of software dependencies, allowing malicious actors to compromise multiple projects by targeting a single widely-used component. For blockchain ecosystems, where decentralized security is paramount, these vulnerabilities can erode trust and cause substantial financial losses.

Experts emphasize the need for proactive measures, including:

• Dependency Audits: Regularly reviewing and updating dependencies to detect and mitigate vulnerabilities.
• Access Controls: Strengthening authentication and authorization protocols for key developer accounts.
• Real-Time Monitoring: Deploying tools to detect unusual activity in software repositories.

Lessons for the Blockchain Ecosystem

This incident highlights the balancing act between the benefits of open-source collaboration and the risks of insufficient oversight. As the blockchain industry matures, both developers and users must adopt a security-first mindset. For developers, this means integrating robust security protocols into their workflows. For users, it means remaining vigilant and promptly addressing potential threats.

>>> Read more: DeFi Security: $1.5B Lost to Hacks in 2024

The Solana Web3.js attack underscores a hard truth: even the most innovative decentralized platforms are not immune to centralized vulnerabilities. It is only through a combination of technological innovation, community collaboration, and rigorous security practices that the blockchain ecosystem can build resilience against future threats.

The post Solana Supply Chain Attack: Developers Scramble to Mitigate Risks as Six-Figure Losses Surface appeared first on CrispyBull.

A Breakdown of the Incident

The breach, which occurred in November 2024, was the result of improper private key management. Investigations by leading blockchain security firms, including CertiK and Beosin, revealed that the hackers exploited DEXX’s official private keys to access user wallets. The attackers executed over 9,000 unauthorized transactions. They strategically targeted wallets based on their balances, with the highest-value accounts suffering the greatest losses.

This systematic and highly efficient operation has raised alarms about the susceptibility of decentralized platforms to targeted attacks. As the stolen assets continue to be laundered through Solana-based protocols, the industry watches closely, seeking lessons to prevent future incidents.

The Human Toll: A Community Reeling

For individual users, the fallout has been devastating. “I woke up to see my wallet balance at zero,” said one victim, who lost nearly $25,000 in the breach. Stories like this are all too common. Affected users report significant financial losses and growing frustration with the platform’s perceived lack of preparedness.

Adding to the chaos, many users deposited funds into DEXX even after the breach was disclosed. They were unaware that the hackers’ script was still active. This resulted in further losses, intensifying the community’s outrage and distrust.

DEXX’s promise of reimbursement offers a glimmer of hope, but the platform’s compensation plan is still under development. Users are required to verify their claims in a rigorous process aimed at preventing fraudulent reimbursement requests. That leaves many uncertain about their financial recovery.

Industry Lessons: Security vs. Usability

The DEXX hack underscores a fundamental tension in decentralized finance: the balance between usability and security. While DeFi platforms strive to provide accessible and efficient trading solutions, incidents like this highlight the dangers of inadequate safeguards.

Experts argue that private key management is one of the most critical, yet often overlooked, aspects of crypto security. “This wasn’t just a breach of DEXX—it was a breach of trust in the DeFi ecosystem,” remarked a blockchain security specialist. For many users, this incident reinforces the importance of self-custody and secure wallet practices.

On the industry side, platforms are being called upon to implement more robust security measures, including multi-signature wallets, cold storage solutions, and regular security audits. Partnerships with leading cybersecurity firms like CertiK and SlowMist are already underway at DEXX, signaling a shift towards stronger defenses.

Broader Implications for DeFi

The DEXX breach is more than an isolated incident; it is a case study in the challenges facing the rapidly evolving world of decentralized finance. As hackers grow increasingly sophisticated, the onus is on platforms to stay ahead of the curve. This includes not only fortifying technical infrastructure but also educating users on security best practices.

Moreover, the industry must address the long-term trust deficit created by high-profile hacks. For many traders, the promise of decentralization is marred by recurring security failures. Rebuilding confidence will require transparency, accountability, and a collective commitment to safeguarding user assets.

A Call to Action

As DEXX works to recover and rebuild, the incident serves as a stark reminder of the risks in the crypto space. For users, it is a lesson in vigilance—ensuring their funds are stored securely and platforms are scrutinized for their security protocols. For DeFi platforms, it is a call to action to prioritize security without compromising on the accessibility that defines the space.

>>> Read more: XT.com halts withdrawals after $1.7M breach

In the aftermath of the DEXX hack, the question is no longer whether DeFi can achieve mass adoption. The questions is whether it can do so without sacrificing the trust and security of its users. This balance will define the future of decentralized finance—and its ability to deliver on its revolutionary promise.

The post Aftermath of the DEXX Hack: What It Means for Crypto Security and User Trust appeared first on CrispyBull.

On October 31, 2024, the M2 exchange hack shocked the cryptocurrency community when hackers breached the UAE-based platform, making off with $13.7 million in digital assets. This high-profile incident exploited vulnerabilities within M2’s hot wallet infrastructure, a security risk that has impacted other exchanges in the past. Hot wallets, which remain connected to the internet for ease of transaction access, are inherently more susceptible to such attacks. Despite the significant loss, M2’s rapid response, and assurance of fund recovery have earned commendation, turning the M2 hack into a case study in effective crisis management within the volatile world of cryptocurrency.

The breach affected multiple cryptocurrencies, including popular assets like Bitcoin (BTC), Ethereum (ETH), and Solana (SOL). Although the hack involved a substantial amount, M2 resolved the situation within just 16 minutes, a remarkable turnaround highlighting its commitment to user protection. The exchange reassured customers that it had restored all impacted funds and pledged to strengthen its security measures further to prevent a repeat.

Hot Wallet Vulnerabilities and the M2 Exchange Hack

The M2 exchange hack brings attention to the risks associated with hot wallets – digital wallets connected to the internet and commonly used by exchanges for faster transactions. Hot wallet vulnerabilities are a recurring issue within the crypto industry, where hackers exploit this type of infrastructure to drain assets. These types of attacks raise essential questions about how exchanges can secure assets without sacrificing accessibility. Blockchain investigator ZachXBT, known for tracing crypto thefts, identified specific wallet addresses tied to the M2 exchange hack, underscoring the role of blockchain transparency in tracking illicit activities.

View this post on Instagram

A post shared by zachxbt (@zachxbt1)

Lessons in Crisis Management from the M2 Exchange Hack

The M2 exchange hack has positioned M2 as a case study in swift and effective crisis management within the crypto industry. By immediately restoring user funds, M2 has demonstrated a level of responsibility that is critical for maintaining user trust. The exchange’s response to the breach – combining both a rapid recovery plan and new preventive measures – reflects a growing trend among exchanges to prioritize customer protection amid cyber threats. The M2 exchange hack thus becomes more than just an incident; it serves as a blueprint for other exchanges on how to handle such crises with accountability and transparency.

Broader Industry Implications of the M2 Exchange Hack

As the M2 hack adds to the list of recent crypto security incidents, it underscores the need for robust cybersecurity measures, particularly as the UAE continues to develop as a major crypto hub. Incidents like this could potentially accelerate regulatory conversations in the region, with calls for stronger security standards to protect users and sustain industry growth. As M2 and other exchanges adapt to increasingly sophisticated threats, the current incident serves as a stark reminder that digital asset protection requires constant vigilance and adaptation.

>>> Read more: BingX Hack Sparks Hot vs. Cold Wallet Debate in Crypto Security

In conclusion, the M2 exchange hack illustrates both the vulnerabilities inherent to cryptocurrency exchanges and the critical importance of a user-centric approach in times of crisis. The swift recovery and full fund restoration by M2 have set a positive example in the crypto space, but the breach of the M2 exchange also highlights the ongoing need for robust security protocols to protect against similar threats. This incident reinforces the industry’s dedication to enhancing digital asset security while meeting the demands of a growing global user base.

The post M2 Crypto Exchange Suffers $13.7M Hack: Swift Response Ensures Full Fund Recovery for Users appeared first on CrispyBull.

What Happened?

The breach at Transak came to light in October 2024 and has since been widely reported across various industry platforms. According to official statements, it impacted 1.14% of the platform’s user base – roughly 92,000 users. The company attributed the breach to an incident where an employee’s laptop was compromised outside the secure work environment. It allowed malicious actors unauthorized access to Transak’s systems and exposed the personal information of users. The incident also highlights a vulnerability in how companies handle security for remote work setups.

Security Failures and the Ripple Effect

Transak’s partners, including the popular wallet service Trust Wallet, responded swiftly. They suspended services linked to Transak as a precautionary measure while investigations unfolded. This incident marks yet another reminder of how the crypto space, despite its cutting-edge technology, remains susceptible to traditional cybersecurity risks like phishing and social engineering attacks.

While Transak didn’t report financial data or passwords as compromised, the exposed information still poses significant risks. The perpetrators could leverage the personal data of users for phishing schemes, identity theft, or targeted attacks. Cybercriminals commonly employ these tactics after a breach. The aftermath has left many users on alert, urging them to safeguard their accounts and remain vigilant against suspicious activity.

The Industry-Wide Implications

The Transak breach is not an isolated case. It is part of a growing trend of cybersecurity issues plaguing the cryptocurrency sector. In recent years, data breaches and attacks on crypto exchanges and platforms have become more frequent, exposing the limitations of current security measures. Many of these breaches exploit weak points in infrastructure, third-party services, or human error – like the case of the compromised laptop at Transak.

Cryptocurrency platforms operate at the intersection of finance and technology, making them a high-value target for cybercriminals. As the industry continues to grow, the need for stricter security protocols becomes ever more pressing. The incident underscores the necessity of securing internal systems and also ensuring robust security practices for employees, particularly when working remotely or using personal devices.

>>> Read more: Crypto Cybercriminals Target CEXs Amid 2024 Crime Surge

What’s Next? The Call for Regulation and Oversight

The breach at Transak has intensified ongoing discussions about regulatory oversight in the cryptocurrency sector. Regulators have already been pushing for more stringent measures to protect users and ensure transparency in how platforms handle digital assets. This latest breach adds to the growing list of incidents that could spur more aggressive regulatory action to enforce compliance with higher cybersecurity standards.

Many experts argue that, while decentralized finance (DeFi) and blockchain technology offer groundbreaking solutions, they also present unique challenges that require new security paradigms. The industry needs to adapt rapidly. They must implement end-to-end encryption, multi-factor authentication, and decentralized identity solutions to reduce the risks of such breaches. Moreover, regulators may push for mandatory breach reporting and greater accountability from service providers.

The Future of Crypto Security

As Transak works to address the fallout from this breach, the broader industry faces a reckoning. The cryptocurrency market, though built on cutting-edge technology, must prioritize security as foundational, especially as it continues to attract more users and capital. Cybersecurity is no longer just a technical issue – it’s integral to the trust and credibility of the entire ecosystem.

The Transak incident serves as a wake-up call for crypto platforms and regulators alike. Moving forward, the sector will need to invest heavily in protecting user data. The industry must prove it can keep pace with increasingly sophisticated cyber threats.

The post Transak Data Breach Exposes 92,000 Users: What Went Wrong in Crypto’s Security? appeared first on CrispyBull.

A Catastrophic Breach

On July 18, 2024, WazirX revealed that it had fallen victim to a massive cyberattack, resulting in the theft of $230 million in various cryptocurrencies, including Ethereum and Shiba Inu tokens. The breach has been attributed to sophisticated hacking techniques. Some evidence points to the North Korean Lazarus Group, a notorious hacking syndicate known for targeting cryptocurrency platforms.

>>> Read more: North Korea Crypto Hackers Undermine the Crypto Ecosystem

Security Lapses and Key Management

Blockchain security experts have pointed out that the breach could have been mitigated, if not entirely prevented, had WazirX implemented more stringent security protocols. The hack exploited vulnerabilities in WazirX’s multisig wallet infrastructure. Multisig, short for multi-signature, is a method that requires multiple keys to authorize a transaction. However, it can become a weak link in the security chain if not managed properly.

According to a detailed analysis by cybersecurity firm Elliptic, the attackers managed to bypass these security measures, indicating potential flaws in key management practices. “Exploits like this are common but can be prevented by paying close attention to security best practices and industry standards in terms of key management,” said a research engineer at Quantstamp, another cybersecurity advisory firm.

Immediate Response and Market Reaction

In response to the breach, WazirX suspended all withdrawals and deposits to prevent further losses. This move left many users in a state of uncertainty and frustration, unable to access their funds. The suspension of services led to significant drops in the value of associated tokens. The WRX (WazirX’s native token) plummeted by approximately 21%.

Regulatory and Industry Implications

The hack has intensified calls for stricter regulatory oversight in the cryptocurrency industry. Indian authorities have been urged to implement more rigorous standards to protect investors and ensure the security of digital assets. The incident also highlights the need for exchanges to adopt more advanced security measures, such as enhanced key management protocols and regular security audits.

WazirX has filed a police complaint and is actively working with India’s cybercrime unit to track down the stolen assets and bring the perpetrators to justice. The exchange has also announced a $23 million bounty for information leading to the recovery of the stolen funds. That underscores the challenges of retrieving stolen cryptocurrencies even with substantial incentives.

As the cryptocurrency industry continues to evolve, the WazirX hack is a crucial lesson in the need for enhanced security measures. By adopting more stringent protocols and staying vigilant against emerging threats, exchanges can better protect their assets and maintain the trust of their users. The incident is a clarion call for the entire industry to prioritize security and work collaboratively to prevent future breaches.

The post Inside the WazirX Hack: How Lax Security Practices Led to a $230M Cryptocurrency Theft appeared first on CrispyBull.

Breaking news exposes a staggering breach in the Ledger ConnectKit Library, a crucial component in the fortress of crypto wallets, has fallen victim to a security flaw, potentially putting users’ assets at risk. Let’s delve into the details of this development and explore steps to ensure the safety of your crypto holdings.

Understanding the Ledger Library Flaw

The Ledger Library, a backbone for many cryptocurrency hardware wallets, recently faced a security breach that allowed malicious actors to inject code into decentralized applications (dapps). This flaw has raised concerns about the safety of digital assets, emphasizing the need for heightened vigilance among crypto users.

The Impact on Decentralized Applications

The compromised Ledger Library has ramifications for various decentralized applications, affecting projects like SushiSwap and Revoke.cash. This security lapse enabled hackers to execute a wallet drainer, posing a risk to users’ funds. Reports suggest that substantial amounts, including $484,000 in assets, were pilfered, underscoring the urgency of addressing this issue promptly.

Ledger’s Response and Mitigation Efforts

In response to the security breach, Ledger has taken swift action by identifying and removing the malicious version of the Ledger Connect Kit. The company has urged users to refrain from interacting with dapps temporarily. Ledger assures its user base that the security of Ledger devices and Ledger Live remains intact, emphasizing their commitment to resolving the issue promptly.

Implications for Crypto Safety

This incident underscores the broader concern of crypto safety. As the crypto space continues to evolve, it becomes crucial for users to stay informed about potential vulnerabilities and exercise caution when engaging with decentralized applications. The Ledger Library flaw serves as a stark reminder of the persistent threats posed by hackers in the crypto sphere.

Advice for Crypto Enthusiasts

In light of these developments, cryptocurrency enthusiasts should pause their interactions with dapps until the affected projects confirm the mitigation of the attack. Understanding the backend libraries used by dapps is essential, and users should exercise patience before resuming their activities, even after Ledger addresses the security lapse.

This Ledger Library flaw has cast a spotlight on the importance of robust cybersecurity measures in the cryptocurrency space. As crypto enthusiasts, staying informed and implementing best practices for securing digital assets is paramount. By remaining vigilant and adhering to recommended precautions, users can navigate the evolving crypto landscape with confidence.

The post Alert – Ledger Library Security Breach appeared first on CrispyBull.

North Korea’s Strategic Shift to Cryptocurrency

Since 2017, North Korea has strategically shifted its focus from traditional financial institutions to the crypto sector. Faced with international sanctions, the regime found a lucrative means to fund its endeavors through cryptocurrency theft, particularly its nuclear arsenal and ballistic missile programs. The shift began with targeted attacks on South Korean entities during the 2017 cryptocurrency boom and gradually expanded globally.

Recorded Future’s Insight: A Glimpse into North Korea’s Crypto Heists

Recorded Future‘s recent report reveals the staggering extent of North Korea’s cryptocurrency theft, amassing a total of $3 billion since 2017. The regime, backed by highly trained computer science professionals, transitioned from targeting financial institutions to a broader strategy, encompassing individual users, venture capital firms, and alternative technologies. The illicitly acquired funds, crucial for circumventing international sanctions, undergo conventional laundering processes.

Chainalysis Data: Unveiling the Scale of North Korea’s Crypto Heists

According to Chainalysis, North Korea-backed hackers stole $1.7 billion in cryptocurrency in 2022 alone, marking a substantial portion of the global crypto losses that year. This surge in illicit gains reflects a fourfold increase compared to the country’s previous record. The report emphasizes the country’s desperate turn to crypto theft as a response to economic sanctions, contributing to 44% of the total stolen in 2022.

Crypto Mixer Seizures: Disrupting North Korea’s Money Laundering Efforts

In a significant move last week, the U.S. Treasury Department sanctioned and seized Sinbad.io, a virtual currency mixer integral to North Korea’s money laundering efforts. The mixer played a crucial role in obscuring the financial trail of ill-gotten proceeds from cybercriminal activities, including Lazarus Group’s involvement in high-profile heists like the Axie Infinity and Horizon Bridge incidents. The crackdown on Sinbad.io exemplifies global efforts to disrupt key components of North Korea’s cybercriminal infrastructure.

Lazarus Group’s Techniques: From Phishing to DeFi Hacks

North Korean threat actors, particularly Lazarus Group, employ diverse tactics ranging from phishing and supply chain attacks to infrastructure hacks. In 2022, they pilfered $1.7 billion, with 44% of the stolen cryptocurrency attributed to their operations. Notably, $1.1 billion was stolen through hacks of decentralized finance (DeFi) protocols, showcasing North Korea’s role in intensifying the DeFi hacking trend.

The Ongoing Threat: Decrypting the Cybernetic Cat-and-Mouse Game

Despite global efforts and sanctions, North Korea’s cybercriminal endeavors persist, fueled by the economic imperative to fund strategic programs. The recent collaboration among North Korean state-sponsored threat actors further complicates tracking efforts. As the crypto threat landscape evolves, collaborative defenses, stronger regulations, and enhanced cybersecurity measures become imperative to counter the persistent threat posed by North Korea’s adept cyber operations.

The cryptocurrency industry stands at the forefront of North Korea’s revenue-generating endeavors, prompting the need for heightened security measures, regulations, and investments. The ongoing cybernetic cat-and-mouse game necessitates a proactive stance from the global cybersecurity community to thwart North Korea’s relentless pursuit of crypto theft as a means to sustain its regime in the face of economic restrictions.

The post How North Korea Steals Crypto – Unveiling a Cybernetic Cat-and-Mouse Game appeared first on CrispyBull.

Kaspersky Lab recommends that those who are involved in cryptocurrency take extra measures to ensure their safety when conducting trades. The company specifically recommends being wary of new third-parties and to only install software from reliable websites onto your computer. When opening Microsoft Office documents, Kaspersky Lab further cautions to only allow macro scripting from trusted sources. This is usually done by toggling the “Enable Content” tab.

Lazarus is one of the most notorious hacking groups in the world. In their campaign targeting cryptocurrencies, the group is reportedly responsible for the theft of $571 million to $882 million in 2017 and 2018. This amounts to 65% of all cryptocurrency stolen from online exchanges. Of last year’s 14 major cryptocurrency breaches, Lazarus was responsible for five. Lazarus made international headlines in January of 2018 when they stole $530 million from Coincheck, a Japanese exchange.

Lazarus was the subject of a recent exposé on Cointelegraph, a cryptocurrency news organization. The report claims that the North Korean government of Kim Jong-un has stolen about $670 million in hacks targeting cryptocurrency and fiat exchanges. The attacks began in 2015 and the perpetrators typically use blockchain technology to hide from authorities.

The post Hacker Group Targets Cryptocurrency Exchanges with Advanced Technology appeared first on CrispyBull.