Audits
Services
Services
Smart Contract Audit
Blockchain Protocol Audit
Penetration Testing
dApp Audit
Crypto Wallet Audit
Cross-Chain Bridge Audit
Bug Bounty
Proof of Reserves
CCSS Audit
Tokenomics Audit & Design
Smart Contract Audit
Mitigate weaknesses in your smart contract and improve its functionality with a double line-to-line code analysis and a separate review by a lead auditor.
Blockchain Protocol Audit
Secure the entire architecture and implementation layers of your blockchain protocol with professional security audits and testing.
Penetration Testing
Proactively detect vulnerabilities in your Web3 project by subjecting your systems to a simulated cyberattack in a secure and controlled environment.
dApp Audit
Identify vulnerabilities in applications interacting with blockchain networks with secure code review and static security analysis.
Crypto Wallet Audit
Code review & static security analysis for crypto wallet apps.
Cross-Chain Bridge Audit
Code review & security analysis for cross-chain crypto bridges.
Bug Bounty
Receive only relevant bug reports or undergo crowdsourced penetration testing with the help of thousands of ethical hackers curated by HackenProof.
Proof of Reserves
Enhance transparency in crypto exchanges with independent on-chain proof of assets’ true collateralization.
CCSS Audit
Assess and strengthen your security practices, identify vulnerabilities, and safeguard valuable digital assets in the ever-evolving cryptocurrency landscape.
Tokenomics Audit & Design
Ensure your token model robustness and efficiency and convey trust to investors and community with our thorough, independent audit of protocol economic security.
Solutions
Post-deployment security solution
Hacken Extractor
Real-time smart contract protection from assets loss
Learn more
Solutions
Featured ecosystems:
Ethereum (EVM)
BSC
Polygon
Near
Avalanche
Fantom
Aptos
Sui
Optimism
zkSync
Arbitrum
Solana
Polkadot
Cosmos
Radix
Linea
MetaMask
Others
By Languages:
Solidity
Rust
Move
Blog
Company
Company

The window to exchange $HAI for Hacken Equity Shares ($HES) is now open > Claim your spot today

Weekly News Digest #70

Weekly News Digest #70

Share via:

Dark web players are getting worried following a series of ransomware arrests

After the arrest of suspected members of the notorious ransomware group, cybercriminals are becoming increasingly afraid of being tracked down by law enforcement agencies. On 14 January, Russia’s FSB announced the detaining of the members of the REVil ransomware gang. Last year, some other members of this group were arrested as a result of the action by Europol. These recent arrests have scared malicious actors who are afraid of being the next to be arrested.

Ransomware is one of the most disastrous forms of cyberattacks affecting modern organizations. These attacks are targeting entities from food, healthcare, utilities, and other industries that are providing vital services to people. There is a consensus among cybersecurity experts that a large share of these attacks is initiated by malicious actors from Russia. There is a real panic on dark web forums.

A new crypto scam is abusing the Amazon brand

Through the new scam, malicious actors are duping would-be investors into handing over Bitcoin. Although governments worldwide take actions to protect crypto investors such as by strengthening rules surrounding crypto advertising, monitoring initial coin offerings, and keeping a close eye on exit scams and rug pulls, the threat related to crypto scams remains unprecedented.

According to Chainalysis, fraudsters gained close to $14B in deposits last year. The researchers from Akamai Technologies outlined a new malicious campaign leveraging the brand name Amazon to promote a fraudulent scheme so-called “Amazon is creating its own crypto”. In this scheme, malicious actors imposed a “time-sensitive” lure making victims feel that they could lose a great investment opportunity. Victims had had only 30 seconds to read the release before they were redirected to the domain offering the pre-sale of tokens.

Crypto.com hack: more than $30M stolen by hackers

Crypto.com said that cybercriminals breached its system and stole $30M in BTC and ETH. Hackers bypassed its two-factor authentication system and managed to withdraw virtual assets from 483 user accounts. All victims of this hack have been fully reimbursed. The statement made by Crypto.com contains information about the scheme behind this hack and losses but does not indicate the personalities of hackers.

4,600 ETH stolen by hackers likely were laundered via Etherium Mixer – Tornado Cash. As an immediate reaction to the hack, the exchange paused the withdrawal of funds. The company is going to ditch 2FA for “true Multi-Factor Authentication (MFA), providing added strength for our global user base.”

The USA is a top target of phishing attacks

In Q3 2021, the USA experienced more than 56,000 cyberattacks, a 43% increase vs. Q2 2021. 14% of all these cyberattacks were phishing attacks, according to Outseer. The USA was also a top hosting country for this type of cyberattack accounting for 73% of internet service providers hosting phishing attacks. Outseer has detected a significant (274%) increase in the number of brand abuse attacks conducted by malicious actors in Q3 2021 compared to the same period in 2020.

Companies need to focus on training their employees on how to recognize and address these attacks. An increase in the number of cyberattacks may be attributable to the industry shortage of IT security specialists and the shift to remote work.

Multichain Protocol loses more than $3M in a series of hacks

On 17 January, Multichain Protocol announced to users that six tokens (WETH, PERI, OMT, WBNB, MATIC, and AVAX) contained critical vulnerabilities. The next day $1M in virtual assets was stolen. On 19 January, the co-founder of ZenGo Tal Be’ery announced that the sum of losses rose to $3M.

The crypto world is still heavily suffering from hacks. The recent Bitmart and Celsius Network hacks resulted in the loss of $200M and $54M respectively by their users. As of now, 29 ETH were returned to Multichain by a white-hat hacker. The Multichain team keeps on warning users about the compromised tokens.