Microsoft researchers have identified a new remote access trojan (RAT) named StilachiRAT, designed to steal cryptocurrency wallet data, credentials, and system information while maintaining persistent access to compromised devices, the company disclosed on March 17. The malware, first detected in November 2024, employs stealth techniques and anti-forensic measures to evade detection. While Microsoft has not […]
The post Microsoft uncovers new trojan targeting crypto wallet extensions on chrome appeared first on CryptoSlate.
Blockchain investigator ZachXBT has raised concerns about the crypto industry’s ability to address security breaches and illicit fund movements following his involvement in freezing funds from the recent Bybit hack. He argued that persistent vulnerabilities and inadequate responses from key players enable malicious actors to exploit weaknesses at scale. Systemic failures ZachXBT said that many […]
The post Crypto industry is ‘cooked’ when it comes to dealing with hacks, money laundering – ZachXBT appeared first on CryptoSlate.
The maintainer of AIXBT's social media account said the attacker gained access to the bot's “simulation wallet” through malicious prompting.
Four.Meme, a memecoin launchpad on BNB Chain, has restored its token launch function following an exploit that resulted in a $130,000 loss. In a March 18 post on X, the Four.Meme team confirmed it had suffered an attack, prompting an emergency suspension of its launch function. The platform stated: “Currently, Four.Meme is under attack, and the […]
The post Four Meme handles second exploit in months, reinstates launch service appeared first on CryptoSlate.
On Feb. 28, the Wemix Foundation suffered a $6.2 million hack — but made a public announcement four days later.
North Korea's Lazarus Group currently holds 13,518 BTC, worth around $1.13 billion, according to data from Arkham Intelligence.
OKX halted its DeFi services used by hackers to launder some of the proceeds from the $1.5 billion Bybit hack.
On March 13, hackers seemingly took control of DB, a well-known crypto news platform, using its X account to spread false information about Donald Trump’s TRUMP memecoin and a fabricated BlackRock ETF filing for Hyperliquid. The misleading posts had an immediate impact. TRUMP’s price surged by 20% before quickly collapsing, while the fake ETF news […]
The post DB news X account hack leads to 20% Trump memecoin pump and dump appeared first on CryptoSlate.
OKX has denied claims that European regulators are examining its Web3 service for allegedly allowing Bybit hackers to launder $100 million in stolen funds. A recent Bloomberg News report claimed that authorities are analyzing potential violations of the Markets in Crypto-Assets (MiCA) regulation by OKX and are debating whether to impose penalties, including revoking the exchange’s […]
The post OKX denies allegations of regulatory investigation and role in laundering stolen funds appeared first on CryptoSlate.
A forfeiture complaint shared by blockchain detective ZachXBT revealed that the $150 million hack suffered by Ripple co-founder Chris Larsen resulted from private keys stored in the password manager LastPass, which was compromised in 2022. The complaint details how the attackers accessed Larsen’s cryptocurrency wallets through stolen vault data from LastPass. LastPass compromise In December […]
The post Ripple co-founder’s $150M hack tied to LastPass password vault breach appeared first on CryptoSlate.
Blockchain security firm SlowMist has reported that DeFi aggregator 1inch suffered an exploit in its resolver smart contract, resulting in losses exceeding $5 million. On March 7, SlowMist founder Yu Xian revealed that attackers drained approximately 2.4 million USDC and 1,276 Wrapped Ethereum (WETH) from the affected smart contract. He clarified that regular users were […]
The post 1inch hit by $5 million exploit in outdated smart contract appeared first on CryptoSlate.
In January 2024, Ripple's Chris Larsen admitted there had been "unauthorized access" to his “personal XRP accounts."
Safe published a preliminary report on Mar. 6 attributing the breach that led to the Bybit hack to a compromised developer laptop. The vulnerability resulted in the injection of malware, which allowed the hack. The perpetrators circumvented multi-factor authentication (MFA) by exploiting active Amazon Web Services (AWS) tokens, enabling unauthorized access. This allowed hackers to […]
The post Safe’s internal investigation reveals developer’s laptop breach led to Bybit hack appeared first on CryptoSlate.
Bybit CEO Ben Zhou has confirmed that $1.07 billion—roughly 77% of the assets stolen in the exchange’s recent $1.4 billion security breach—can still be tracked. In a March 4 update, Zhou disclosed that hackers successfully laundered $280 million, around 20% of the 499,000 ETH stolen. Meanwhile, investigators have managed to freeze $42 million, accounting for […]
The post Bybit CEO says $1 billion of stolen assets still trackable despite hackers mixing funds with THORchain appeared first on CryptoSlate.
Bybit's Ben Zhou said that this week and the next are critical for freezing stolen funds as funds will start to clear on trading platforms.
Thorchain is experiencing a developer exodus, as hackers from Lazarus Group are using the interoperability-focused blockchain to launder Ethereum (ETH) stolen in the Bybit hack. A Thorchain developer known as TCB announced that Pluto, the protocol’s unofficial lead developer, is stepping down. TCB himself has also indicated his imminent departure unless a swift resolution is […]
The post Thorchain faces developer exodus amid North Korean money laundering scandal appeared first on CryptoSlate.
MetaMask head of security, Taylor Monahan, said Lazarus has moved at least 209,384 ETH, over half the ETH stolen from Bybit, into BTC.
Criminals are no longer using BTC, but instead choosing stablecoins, the report revealed.
The Federal Bureau of Investigation (FBI) has confirmed North Korea as the culprit behind the recent $1.5 billion exploit on Bybit. In a Feb. 26 Public Service Announcement (PSA), the agency attributed the attack to TraderTraitor, a malicious cyber campaign linked to North Korean threat actors. TraderTraitor refers to a series of malware-infested applications disguised […]
The post FBI confirms North Korea-backed Lazarus hackers stole $1.5 billion from Bybit appeared first on CryptoSlate.
The FBI reiterated North Korean involvement, and identified the activity as TraderTraitor.
The crypto industry lost a further $1.53 billion in February due to hacks and exploits, representing a 20x increase month-over-month.
Bybit revealed that the recent $1.4 billion hack did not compromise its infrastructure and was caused by a vulnerability in a Safe developer machine. According to the exchange’s initial forensic report, the attack was executed through Safe’s AWS S3 bucket, allowing bad actors to manipulate the wallet front end. Meanwhile, Safe said in a separate […]
The post Bybit exploit tied to Safe developer machine vulnerability appeared first on CryptoSlate.
The following article is adapted from The Block’s newsletter, The Daily, which comes out on weekday afternoons.
Lazarus appears to have compromised a Safe developer machine, allowing it to inject a highly-targeted script used to control Bybit's wallet.
Pump.fun's compromised X account promoted one false governance token and two other scam tokens about the hack itself, including "HACKED" and "hackeddotfun."
Kaspersky researchers have identified an attack vector on GitHub that uses repositories to distribute code that targets crypto wallets. The investigation revealed a campaign dubbed GitVenom, in which threat actors created hundreds of GitHub repositories purporting to offer utilities for social media automation, wallet management, and even gaming enhancements. Although these repositories were designed to […]
The post Malicious GitHub repositories deploying hidden attacks on crypto wallets appeared first on CryptoSlate.
Bybit announced a bounty platform titled LazarusBounty.com, designed to combat crypto-related crime. The initiative employs a structured, four-pronged approach to identifying illicit activity, holding hackers accountable, and enhancing crypto security. The effort follows a hack perpetrated against Bybit on Feb. 21, which resulted in the loss of nearly $1.5 billion in Ethereum (ETH) and […]
The post Bybit unveils bounty platform to tackle crypto crime following massive Lazarus hack appeared first on CryptoSlate.
Bybit is offering a 5% bounty to exchanges, mixers or anyone who helps freeze funds stolen by North Korea's Lazarus Group.
Chainflip's upgrade gives it authority to reject any deposit to the protocol, developed with the aim of filtering out hacked funds from Bybit.
The hack, which occurred during the Uranium Finance protocol migration in April 2021, resulted in a loss of about $50 million.