Audits
Services
Services
Smart Contract Audit
Blockchain Protocol Audit
Penetration Testing
dApp Audit
Crypto Wallet Audit
Cross-Chain Bridge Audit
Bug Bounty
Proof of Reserves
CCSS Audit
Tokenomics Audit & Design
Smart Contract Audit
Mitigate weaknesses in your smart contract and improve its functionality with a double line-to-line code analysis and a separate review by a lead auditor.
Blockchain Protocol Audit
Secure the entire architecture and implementation layers of your blockchain protocol with professional security audits and testing.
Penetration Testing
Proactively detect vulnerabilities in your Web3 project by subjecting your systems to a simulated cyberattack in a secure and controlled environment.
dApp Audit
Identify vulnerabilities in applications interacting with blockchain networks with secure code review and static security analysis.
Crypto Wallet Audit
Code review & static security analysis for crypto wallet apps.
Cross-Chain Bridge Audit
Code review & security analysis for cross-chain crypto bridges.
Bug Bounty
Receive only relevant bug reports or undergo crowdsourced penetration testing with the help of thousands of ethical hackers curated by HackenProof.
Proof of Reserves
Enhance transparency in crypto exchanges with independent on-chain proof of assets’ true collateralization.
CCSS Audit
Assess and strengthen your security practices, identify vulnerabilities, and safeguard valuable digital assets in the ever-evolving cryptocurrency landscape.
Tokenomics Audit & Design
Ensure your token model robustness and efficiency and convey trust to investors and community with our thorough, independent audit of protocol economic security.
Solutions
Post-deployment security solution
Hacken Extractor
Real-time smart contract protection from assets loss
Learn more
Solutions
Featured ecosystems:
Ethereum (EVM)
BSC
Polygon
Near
Avalanche
Fantom
Aptos
Sui
Optimism
zkSync
Arbitrum
Solana
Polkadot
Cosmos
Radix
Linea
MetaMask
Others
By Languages:
Solidity
Rust
Move
Blog
Company
Company

The window to exchange $HAI for Hacken Equity Shares ($HES) is now open > Claim your spot today

Weekly News Digest #79

Weekly News Digest #79

Share via:

Tax season scams can steal your passwords and bank details

Malicious actors are sending phishing emails claiming to be from the IRS. The purpose of these emails is to infect victims’ PCs with malware or trick users to transfer their personal information such as usernames, passwords, etc. Although these scams are not particularly sophisticated, they are sent at the time of tax deadlines. Even if a minor share of potential victims opens these emails, malicious actors can steal massive volumes of data.

The scam email can infect victims with Emotet malware, a trojan used to steal passwords while creating a backdoor onto the infected computer. The email contains a malicious attachment called “W-9 form.zip”. When opening the attachment, users are asked to enable macros. All sensitive information stolen can be used to compromise victims’ online as well as banking accounts.

Russian hackers are targeting humanitarian efforts

According to the information provided by a top Ukrainian cybersecurity official, russian hackers are attacking logistical lines including those delivering food and other humanitarian support. Cyberattacks are mostly linked to Russia’s ground and air campaign. Russian hackers have also targeted Ukrainian energy companies and internet-service providers.

Russia has also tried to crash Ukrainian communication networks but has failed to reach this goal. The Ukrainian officials have also admitted priceless assistance from Elon Musk’s Space Exploration Technologies Corp. SpaceX’s Starlink service has provided backup Internet in Ukraine. The official has also noted that some cyberattacks are linked to other than the Russian government but there is no proof whether they are aligned with the activities of russian-backed actors.

The war in Ukraine is driving the cybersecurity boom

First, the Covid-19 pandemic drove the cybersecurity boom due to a rapid increase in the popularity of remote work. During the pandemic crisis, the cybersecurity industry raised billions in venture capital and launched tons of solutions for digital protection. Officials worldwide are appealing to businesses to motivate them to apply best security practices to address possible risks. Biden’s administration has warned businesses that Russia may respond to Western sanctions by launching massive cyberattacks.

Businesses have already taken action. US banks have improved their cyber defences while US governors have prioritized strengthening the protection of critical infrastructure. Cybersecurity companies are sure that the boom in their industry will continue. The role of managers is to keep their workforce informed about threats.

BlockFi, Swan Bitcoin, NYDIG and Circle breaches resulting from HubSpot hack

The hack of HubSpot, a tool used by companies to manage marketing campaigns and onboard new users, has also affected BlockFi, Swan Bitcoin, NYDIG and Circle. However, according to these companies, their operations and treasuries remained unaffected. Users’ passwords and other internal information also were not compromised by attackers.

The HubSpot hack was the result of access by a malicious actor to an employee account. It was used to target stakeholders in the crypto industry. Some users stated that they received phishing emails from the affected companies.

Top 10 countries where DDoS attacks originate

Cloudflare provides data showing the countries with the highest concentration of DDoS traffic. Cloudflare has tracked a significant spike in hacking activities worldwide since the beginning of the Russian invasion of Ukraine. It will take a lot of time even to understand who was participating. Cloudflare has released data to show the top 10 countries where a certain kind of hack is coming from.

According to Cloudflare, the top 10 sources of DDoS attacks are: