Tag: losses | SpinSafe

Tag Archive for: losses

Crypto Losses In The First Quarter To Web3 Attacks And Scams Decreased By 23%.

March 31, 2024/in Computer Security

Immunefi reports that in the first quarter of 2024, the cryptocurrency industry’s losses from web3 hacks and scams decreased by 23% as compared to the same period the previous year.

TakeAway Points:

Web3 losses in the first quarter were due to fraud and hacking declines.
SBF-backed UK NGO for effective altruism to shut down.
B3 in Brazil has received approval to trade Bitcoin futures.

Crypto Losses To Web3 Hacks

Crypto industry losses to web3 hacks and scams declined 23% in the first quarter of 2024, compared with the year-earlier period, according to Immunefi.

A report from Immunefi, a bug bounty and security services platform for web3, said that while more than $336 million was lost in Q1, the same period in 2023 saw more than $437 million in such losses.

Hacks continued to be the main cause of losses at about 96%, as scams accounted for 4% of the total losses. DeFi, with almost $100 billion of total value locked in web3 protocols, was the main target of successful exploits.

“While it’s positive that overall losses have decreased, it’s essential to note that DeFi faced significant challenges, accounting for 100% of total losses in Q1 2024,” Immunefi founder and CEO Mitchell Amador said. “Particularly, the ecosystem witnessed a considerable volume of losses due to private key compromises, emphasising the critical need to secure both code and protocol infrastructure.”

The two most targeted chains were Ethereum and BNB Chain. Ethereum suffered the most individual attacks with 33 incidents, followed by BNB Chain with 14, the report said.

The two biggest exploits were conducted against Orbit Bridge, with about $82 million stolen, and Munchables at $63 million. These two accounted for 43% of the first-quarter losses.

About $74 million, or 22%, of the stolen funds were recovered, Immunefi said, including all that was taken from Munchables, an NFT game on the Ethereum layer 2 Blast.

Source…

Too Rich To Ransomware? MGM Brushes Off $100M in Losses

October 7, 2023/in Internet Security

Following September’s ransomware attack on MGM Resorts, the hospitality and casino giant swiftly decided not to engage or negotiate with cybercriminals — and based on its most recent Securities and Exchange Commission (SEC) disclosure, the gamble paid off.

MGM’s incident response strategy was a sharp left turn from Caesars Entertainment, which after it was breached by the same threat actors, decided to pay a negotiated ransom of $15 million and move on. In the days following the casino cyberattacks, Caesars was back to day-to-day operations, while MGM struggled to claw back operations for more than a week.

In its revised SEC disclosure form 8-K, MGM reports it lost about $100 million as a result of the breach, which seems like a hefty price tag at first blush. However, the company noted that the losses will only slightly impact the company’s third quarter financials, with minimal potential spillover into the fourth quarter. For comparison’s sake, MGM hauled in nearly $4 billion in revenue in the second quarter of the year, across its global operations — and $2.1 billion in revenue from its Las Vegas properties alone.

“The Company does not expect that it will have a material effect on its financial condition and results of operations for the year,” MGM said. The casino juggernaut is already looking forward to November Formula 1 racing coming to the Vegas Strip, which it added will boost its fourth quarter earnings significantly.

Caesars, on the other hand, made the choice to pay, despite widespread guidance against meeting ransom demands.

“Paying a ransom to cybercriminals does not guarantee a full return of an organization’s systems and data, and only furthers the ransomware ecosystem,” according to Anne Cutler, cybersecurity evangelist with Keeper Security. “Although the $100 million in losses are costly on the surface, MGM’s decision not to pay the ransom followed the course of action recommended by cybersecurity experts, government, and law enforcement.”

The outcome makes a surprising business case for telling cybercriminals to pound sand following a ransomware attack.

Do Deep Pockets Make Orgs Better or Worse Targets?

Are some organizations just too rich to ransomware?

“No…

Source…

https://spinsafe.com/wp-content/uploads/2023/10/MGM_Grand_Lion_John_Chu_Alamy-scaled.jpg 1707 2560 SecureTech https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg SecureTech2023-10-07 06:30:062023-10-07 06:30:06Too Rich To Ransomware? MGM Brushes Off $100M in Losses

Atomic Wallet hack losses top $35M, on-chain sleuth reports

June 4, 2023/in Internet Security

At least $35 million worth of crypto assets have been stolen from Atomic Wallet users since June 2, according to an analysis from on-chain sleuth ZachXBT. The five largest losses account for $17 million.

According to Atomic Wallet on Twitter, the cause of the attack is being investigated. Reports have surfaced of tokens being lost, transaction histories being erased, and even entire crypto portfolios being stolen.

An independent investigation carried out by pseudonymous Twitter ZachXBT, known for tracing crypto stolen funds and assisting hacked projects, has found the largest victim lost $7.95 million in Tether (USDT). “Think it could surpass $50m. Keep finding more and more victims, sadly,” commented ZachXBT.

Screenshot: ZachXBT’s investigation into Atomic Wallet’s hack. Source: ZachXBT on Twitter.

Atomic Wallet claims to have over 5 million users around the world. Cointelegraph spoke with a long-time Atomic’s client who is now a victim of the security breach. “I felt terrible because I am a cybersecurity expert by profession,” said Emre, a Turkish resident who lost nearly $1 million in crypto assets received from bug bounty programs. His stolen tokens include Bitcoin (BTC), Dogecoin (DOGE), Litecoin (LTC), Ethereum (ETH), USDT, USD Coin (USDC), Binance Coin (BNB), and Polygon (MATIC).

“They say they’re looking into it, but they don’t have anything concrete yet,” Emre continued. The funds held at Atomic Wallet were destined for the establishment of a cybersecurity firm in Turkey.

Atomic is a noncustodial-decentralized wallet, meaning users are responsible for assets stored in the application. As usual, its Terms of Service do not accept any liability for on-chain damages suffered by users. “Under no circumstances will Atomic Wallet be liable to you for damages arising out of the services exceeding $50,” says one excerpt.

Update: The investigation is still ongoing in a joint effort with the leading security companies. The team is working on possible attack vectors. Nothing yet confirmed.

Support team is collecting victim addresses. Reached out to major exchanges and blockchain analytics companies…

— Atomic – Crypto Wallet (@AtomicWallet) June 4, 2023

There has been little…

Source…

https://spinsafe.com/wp-content/uploads/2023/06/5bf208ac-ee59-43a1-8aa2-6573d552756e.jpg 800 1200 SecureTech https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg SecureTech2023-06-04 18:00:082023-06-04 18:00:08Atomic Wallet hack losses top $35M, on-chain sleuth reports

Report Estimates Trillions in Indirect Losses Would Follow Quantum Computer Hack

May 23, 2023/in Computer Security

not just simply as a theoretical challenge to public encryption systems and cyber security as a whole, but also one that needed to be quantified.” The final results of the analysis suggest that a hack …

Source…

https://spinsafe.com/wp-content/uploads/2023/05/1684832411_open-graph.jpg 400 400 SecureTech https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg SecureTech2023-05-23 05:00:072023-05-23 05:00:07Report Estimates Trillions in Indirect Losses Would Follow Quantum Computer Hack