Tag Archive for: Wallets

Hacking Crypto Wallets Is Latest Strategy in Quest to Recover Lost Billions


Early statistics on ether (ETH), the second-biggest cryptocurrency by market cap, are harder to come by. However, data provided to CoinDesk by Crypto Asset Recovery shows that 7% of presale wallets have never had any crypto move, suggesting the ETH in those wallets has just been sitting there, untouched, ever since the Ethereum blockchain went live in 2015. That’s 621 of the 8,893 wallet addresses, or 521,574.608 ETH (roughly $875 million today).


Are Cold Wallets Safer Than Hot Wallets For Storing Your Crypto Keys?


Recently, hackers stole around $5.2 million worth of Solana from 8,000 hot wallets, such as Phantom, Slope, and Trust. Solana claimed that the security vulnerability was in the code of the third-party wallets and not in its own.

In light of such revelations, cybersecurity experts are debating whether crypto investors should store their private keys in cold wallets in order to secure their holdings from such attacks.

Incidentally, PeckShield Alert, a security firm, has tweeted that around $8,000 worth of stablecoins and Solana have been stolen. Solana has also struggled with security issues in the past, and investigations have now revealed that as many as four addresses were linked to the hacker.

Crypto investing has come into vogue of late, as cryptocurrencies are considered the currencies of tomorrow. They are based on blockchains and will be the native currency of the Web3 space, the new digital world that we will be able to access in a few years using virtual reality.

Central banks across the world, including the Reserve Bank of India, have announced that they will be launching central bank digital currencies (CBDCs) soon. As we move towards this new world, the important question that now arises is how we can keep our money safe.

Technically, you can store crypto in a custodial wallet, where the provider holds the keys and does not give you a private key. Alternatively, you can choose a hot wallet, where your private key is stored in a browser extension or a desktop application. Lastly, there is the most secure option of all, the cold wallet, where you store your key on a hardware wallet. Keeping the private key secure is the most important piece of the puzzle.

Let us understand the concept of hot and cold wallets in detail.

Hot Wallets

Hot wallets include web-based wallets (browser extensions), mobile wallets, and desktop wallets. They are all connected to the Internet. In other words, if your system gets compromised, or if the hot wallet you use has security vulnerabilities, as in the Solana hacking case, where attackers stole private keys from inactive Slope, Trust, and Phantom wallets, hackers can steal your private keys and drain your wallet. They can use a crypto tumbler…


Thousands of Solana crypto wallets targeted in yet another hack


Hackers targeted the Solana ecosystem on Wednesday, with thousands of wallets affected in the latest hit to the cryptocurrency market, just a few days after the bridge protocol Nomad was attacked at the start of the week. Over 8,000 internet-connected hot wallets have been compromised so far; however, the source of the attack remains unknown.

While the total value of the assets stolen was unclear, four Solana wallet addresses drained approximately $8 million from victims, according to security firm PeckShield, Bloomberg reported.

More than 8,000 wallets appear to have been affected, with the security incident draining them of their SOL tokens and USDC stablecoins, crypto exchange Binance Chief Executive Officer (CEO) Changpeng “CZ” Zhao said on Twitter.

“There is an active security incident on Solana. Many (7000+ and counting) wallets are drained of SOL & USDC. Don’t know root cause yet. Maybe permissions granted to apps,” said Zhao on Twitter.

Solana’s token SOL fell 7% to $38.4 in the last 24 hours, its lowest price in a week. “Solana is a new blockchain supported by a token of its own that works as the gas to confirm the transactions on that blockchain. There have been numerous hacks on the wallets supporting this token. A recent successful attempt drained away about 560M USD worth of Solana from various user…


Fake Binance NFT Mystery Box bots steal victim’s crypto wallets


GB Master Kung Mystery Box (Source: ITAMGamesInc)

A new RedLine malware distribution campaign promotes fake Binance NFT mystery box bots on YouTube to lure people into infecting themselves with the information-stealing malware from GitHub repositories.

Binance mystery boxes are sets of random non-fungible token (NFT) items that people buy, hoping they’ll receive a unique or rare item at a bargain price. Some of the NFTs found in these boxes can be used to add rare cosmetics or personas within online blockchain games.

Mystery boxes are trendy in the NFT market because they give people the joy of the unknown and the potential for a big payday if they land a rare NFT. However, marketplaces like Binance offer them in limited numbers, making some boxes hard to get before they run out of stock.

This is why interested buyers often deploy “bots” to acquire them, and it’s precisely this hot trend that the threat actors are trying to take advantage of.

YouTube and GitHub abuse

According to a new report by Netskope, threat actors are creating YouTube videos to entice potential victims into downloading and installing the malware on their computer, thinking they’re getting a free mystery box scalper bot.

Malicious YouTube videos (Netskope)

BleepingComputer confirmed that the videos listed in the indicators of compromise are still available on YouTube, albeit with a low number of views.

There are likely many more than those spotted by Netskope, and it’s also possible that previous scam videos with a higher number of views were reported and taken down by YouTube moderators.

The threat actors uploaded the videos between March and April 2022, and they all feature a link to a GitHub repository that supposedly hosts the bot but, in reality, distributes RedLine.

Video description leading to a GitHub download (Netskope)

The dropped file is named “BinanceNFT.bot_v1.3.zip” and contains a similarly named executable (the payload), a Visual C++ redistributable installer, and a README.txt file.

Files contained in the dropped ZIP archive (Netskope)

RedLine requires the VC redistributable to run, since the program is developed in .NET, while the text file contains the installation instructions for the victim.

Readme file instructions
