12 Sep 2022

Investigators Seize $30m in Stolen Crypto from North Korea

Chainalysis has reported that US authorities seized roughly 10% of the cryptocurrency stolen by North Korean state hackers during the Ronin Network heist that occurred last month. Chainalysis also reported that a total of $30 million was seized during the raid, marking the first time ever that cryptocurrency originally stolen

Read More
26 Jul 2022

How governments seize millions in stolen cryptocurrency

There have been so many recent multimillion-dollar cryptocurrency thefts that it’s easy to lose track. Organized crime, bad cybersecurity, financially motivated spies, and colorful criminals of all kinds have made so many headlines that even huge heists can go mostly unnoticed by the public. But sometimes the government is able

Read More
21 Apr 2022

A $600,000 Reminder to Not Save Your Passwords on Post-It Notes

A security analyst in Pinellas Park, Florida (about a 15-minute drive from our office in downtown St. Petersburg) was arrested for stealing well over half a million dollars in cryptocurrency from a client. But unlike many other crypto theft cases, this incident isn’t the result of a complex cyber attack

Read More
19 Apr 2022

TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies

The U.S. government has observed North Korean cyber actors targeting a variety of organizations in the blockchain technology and cryptocurrency industry, including cryptocurrency exchanges, decentralized finance (DeFi) protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens (NFTs). They provide recommendations for mitigating attacks (OODA provides additional, more actionable context in this post).

Read More
18 Apr 2022

Ethereum-based stablecoin protocol Beanstalk loses about $182 million to exploit

Beanstalk, a credit-based stablecoin protocol built on Ethereum, is the latest DeFi project to suffer a major exploit. An attacker used a flash loan exploit to drain the protocol’s funds early Sunday. Etherscan data shows that they leveraged Aave’s flash loan feature to withdraw liquidity from the protocol and then used

Read More
30 Mar 2022

Attackers Steal $618m From Crypto Firm

Vietnamese blockchain game developer Sky Mavis created the Ronin Network to serve as a sidechain for the company’s Axie Infinity game. The tool is used by gamers to transfer virtual coins in and out of the game. However, it has been revealed that hackers were able to break into the

Read More
18 Jan 2022

Crypto.com Halts Withdrawals for 14 Hours After ‘Unauthorized Activity’

Crypto.com suspended all withdrawals from the platform on Monday and is forcing users to reset two-factor authentication methods, according to tweets from the company. And while Crypto.com is claiming everyone’s money is “safe,” there were reports from users on social media that millions may have been lost to hackers. “Earlier today

Read More
08 Dec 2021

The New Normal? Unique New Responses to Massive, Global Cyber Theft, Data Breach and Espionage Activities (Part 2 of 3)

In this post, we break down the recent BitMart Cryptocurrency Heist. Our working analogy? The automobile and the Thompson Submachine Gun were the crucial, democratically available technological innovations that the mob leveraged during the “Golden Age of Bank Robberies” in the U.S. Newfound auto horsepower and the number of bullets fired per minute (from the floorboard design innovation on most new car models of the era) equaled the invention of the bank robbery, the getaway car, and the high-speed chase – all new law enforcement problems at the time, not much unlike the current inventions used for cryptocurrency heists today.

Read More
03 Dec 2021

Someone stole $120 million in crypto by hacking a DeFi website

On Wednesday night, someone drained funds from multiple cryptocurrency wallets connected to the decentralized finance platform BadgerDAO. According to the blockchain security and data analytics Peckshield, which is working with Badger to investigate the heist, the various tokens stolen in the attack are worth about $120 million. While the investigation

Read More
02 Jan 2020

Change your password: Poloniex cryptocurrency exchange reveals data leak

Cryptocurrency exchange Poloniex has enforced a password reset for all customers after it was impacted by a data leak. However, many users believed that the password reset email was a phishing attempt, where malicious actors send fraudulent emails disguised as legitimate companies to lure victims into submitting login credentials. The

Read More