Badger DAO Protocol has fallen victim to a hack in which $120.3 million in cryptocurrencies was stolen from its users. The first user messages mentioning possible problems came on Wednesday at 9 p.m. ET. According to data provided by PeckShield, the lost assets included 2,100 BTC and 151 ETH. The hack may be the result of an exploit in the Badger.com user interface. When trying to claim yield farming rewards and interacting with Badger vaults, users noticed spurious requests for additional permissions.
Upon noticing this suspicious activity, Badger froze all the vaults. The project started an investigation to identify how many users were affected and how many assets were stolen. The malicious requests may have started reaching users weeks prior to the attack. Following the hack, the price of the Badger DAO token declined by more than 20%.
Malicious state-backed actors are using a simple technique to conduct phishing campaigns aimed at spreading malware and stealing information that may be demanded by their governments. According to data provided by security experts from Proofpoint, the hackers work on behalf of Russian, Chinese, and Indian interests and use rich text format (RTF) template injection. The technique brings visible results to hackers since antivirus software used by many organizations doesn’t block RTF files by default.
Attackers weaponize RTF files by altering their document-formatting properties to retrieve content from a URL they control. As a result, attackers can secretly retrieve a malware payload that gets installed on the targeted machine. This technique has become popular among state-backed hackers because it is easy to use while being reliable enough to achieve their malicious goals.
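A defender can screen RTF attachments for this condition before delivery. The sketch below is an added example, not code from Proofpoint or from this article: it assumes the formatting property involved is the RTF `\*\template` destination (a control word from the RTF format, not named in the text above), and the sample documents and the `example.invalid` host are constructed.

```python
import re

# Assumption: the template reference lives in the RTF "\*\template" destination,
# which normally names a local file. A URL or UNC path there means the document
# pulls content from a remote host when it is opened.
TEMPLATE_RE = re.compile(rb"\{\\\*\\template\b\s*([^{}]*)\}", re.IGNORECASE)
REMOTE_RE = re.compile(r"^(?:https?|ftp)://|^\\\\[^\\]", re.IGNORECASE)
# RTF escapes: \uN plus one fallback char (default \uc1), \'hh hex byte, \\ backslash.
ESC_RE = re.compile(r"\\u(-?\d+) ?(?:\\'[0-9a-fA-F]{2}|[^\\])?|\\'([0-9a-fA-F]{2})|\\\\")


def _unescape(m):
    if m.group(1) is not None:           # \uN is a signed 16-bit code point
        return chr(int(m.group(1)) % 65536)
    if m.group(2) is not None:           # \'hh
        return chr(int(m.group(2), 16))
    return "\\"                          # escaped backslash


def decode_rtf_text(raw: bytes) -> str:
    """Resolve RTF escapes so an encoded target is still recognised."""
    return ESC_RE.sub(_unescape, raw.decode("latin-1")).strip()


def find_remote_templates(data: bytes) -> list:
    """Return every template target in the document that points off-host."""
    hits = []
    for m in TEMPLATE_RE.finditer(data):
        target = decode_rtf_text(m.group(1))
        if REMOTE_RE.search(target):
            hits.append(target)
    return hits


# Constructed samples: a local template, a remote one, and a remote one whose
# scheme is written with \uN escapes.
BENIGN = rb"{\rtf1\ansi{\*\template C:\\Templates\\Normal.dotm}Hello}"
REMOTE = rb"{\rtf1\ansi{\*\template http://example.invalid/t.dotm}Hello}"
ENCODED = rb"{\rtf1\ansi{\*\template \u104?\u116?\u116?\u112?://example.invalid/t.dotm}Hi}"

if __name__ == "__main__":
    for name, doc in (("benign", BENIGN), ("remote", REMOTE), ("encoded", ENCODED)):
        print(name, find_remote_templates(doc) or "no remote template")
```

A hit is a reason to quarantine the attachment for analysis; documents with a local template path pass through unflagged.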
There is a risk that malicious actors can exploit Mozilla’s cross-platform Network Security Services (NSS) cryptographic library to crash an application or execute arbitrary code. Mozilla has rolled out fixes to address this critical security weakness. The flaw is tracked as CVE-2021-43527 and affects NSS versions prior to 3.73 or 3.68.1 ESR. It is a heap overflow vulnerability.
The bug, codenamed “BigSig”, is likely to have been exploited since June 2012. It is important to mention that although the bug does not affect Mozilla’s Firefox web browser itself, PDF viewers, email clients, and other applications using NSS for signature verification are likely to be vulnerable to the flaw.
Security specialists from the security company Cybereason have analyzed the state of ransomware during the holiday period and at weekends. They collected data from 500 UK professionals. 37% of respondents admitted that their companies have no contingency plans in place to react to ransomware attacks during weekends or the holiday period. At the same time, almost 90% of respondents are concerned about the risk of facing ransomware attacks during these periods.
According to Cybereason CEO Lior Div, the most disruptive attacks in 2021 took place at weekends as well as during major holidays. Organizations are not prepared enough to address such cyber threats: neither appropriate technologies nor responsible officers are in place.
The Carding Action 2021, led by Italy in partnership with the UK, leading card schemes, and Europol, has saved European cardholders tens of millions of USD in cybercrime losses. The cross-border anti-fraud initiative targeted underground sites on which fraudsters and cybercriminals were stealing card data. The three-month operation has already resulted in the identification of 12 vendors selling stolen credit card data, and the sum of prevented losses equals $16 million.
However, only 50,000 stolen cards have been analyzed. The figure for prevented losses was calculated by multiplying the average spending per card by the number of identified cards. Security specialists analyzed sources of compromised payment records such as a botnet and JS-sniffer infrastructure. Carding Action 2021 is a great example of the joint initiatives that play a key role in disrupting cybercrime globally.