Audits
Services
Services
Smart Contract Audit
Blockchain Protocol Audit
Penetration Testing
dApp Audit
Crypto Wallet Audit
Cross-Chain Bridge Audit
Bug Bounty
Proof of Reserves
CCSS Audit
Tokenomics Audit & Design
Smart Contract Audit
Mitigate weaknesses in your smart contract and improve its functionality with a double line-to-line code analysis and a separate review by a lead auditor.
Blockchain Protocol Audit
Secure the entire architecture and implementation layers of your blockchain protocol with professional security audits and testing.
Penetration Testing
Proactively detect vulnerabilities in your Web3 project by subjecting your systems to a simulated cyberattack in a secure and controlled environment.
dApp Audit
Identify vulnerabilities in applications interacting with blockchain networks with secure code review and static security analysis.
Crypto Wallet Audit
Code review & static security analysis for crypto wallet apps.
Cross-Chain Bridge Audit
Code review & security analysis for cross-chain crypto bridges.
Bug Bounty
Receive only relevant bug reports or undergo crowdsourced penetration testing with the help of thousands of ethical hackers curated by HackenProof.
Proof of Reserves
Enhance transparency in crypto exchanges with independent on-chain proof of assets’ true collateralization.
CCSS Audit
Assess and strengthen your security practices, identify vulnerabilities, and safeguard valuable digital assets in the ever-evolving cryptocurrency landscape.
Tokenomics Audit & Design
Ensure your token model robustness and efficiency and convey trust to investors and community with our thorough, independent audit of protocol economic security.
Solutions
Post-deployment security solution
Hacken Extractor
Real-time smart contract protection from assets loss
Learn more
Solutions
Featured ecosystems:
Ethereum (EVM)
BSC
Polygon
Near
Avalanche
Fantom
Aptos
Sui
Optimism
zkSync
Arbitrum
Solana
Polkadot
Cosmos
Radix
Linea
MetaMask
Others
By Languages:
Solidity
Rust
Move
Blog
Company
Company

The window to exchange $HAI for Hacken Equity Shares ($HES) is now open > Claim your spot today

Weekly News Digest #82

Weekly News Digest #82

Share via:

North Korean hackers were behind Axie Infinity crypto theft

According to the Treasury Department, the Lazarus group was behind the theft of $600M in crypto from the popular online game. The US Treasury managed to identify a digital currency address used by hackers and it was under the control of the Lazarus group. North Korea has actively used cybercrime to generate money for its military programs such as weapons of mass destruction. The parties that transact with the illicit wallet may face US sanctions.

According to US officials, the Lazarus group is controlled by North Korea’s primary intelligence bureau. The list of hacks associated with Lazarus includes “WannaCry” ransomware attacks, hacking of international financial institutions, and Sony Pictures massive cyberattacks in 2014. Washington is going to publish crypto cybersecurity guidelines to protect companies from dealing with stolen assets.

Hydra Darknet Market offline after German Police raid

Hydra, the underground platform catering to Russian criminals, is now offline after the raid by German police. Prior to the raid, Hydra used to be the largest darknet market in the world with an annual turnover of $1.35B. The majority of services offered by Hydra including the illicit sale of drugs and money laundering were operating out of russia. Hydra had 17M users and 19K registered seller accounts. According to the investigators, Hydra has cleared over $5B since its launch in 2015.

German police seized 543 bitcoins from Hydra. Currently, the identities of the market’s operators are not disclosed. The closure of Hydra will heavily affect organized crime in Eastern Europe. The russian crypto exchange Garantex which had ties to Hydra faced sanctions imposed by the US law enforcement body. Moscow has already become the global hub for cybercrime operations, so this raid will mitigate the volume of illicit money coming to russia.

DDoS attacks on Finland: warning for enterprises

Last week the websites of Finland’s Ministry of Defense and Ministry of Foreign Affairs were put out of action as a result of a series of DDoS attacks. Attacks took place when the President of Ukraine Volodymyr Zelensky addressed Finland’s Parliament and just a few hours after the Ministry of Defense had reported russian aircraft had entered the country’s airspace.

It’s likely that russia stands behind these attacks. As a result, it is reasonable to note that even the countries that are not physically involved in the war start experiencing cyber threats. That means that enterprises worldwide should be prepared for dealing with cybersecurity risks associated with the war between russia and Ukraine, especially enterprises that openly support Ukraine.

Russia’s Sandworm hackers attempted a third blackout in Ukraine

It was the first attack for the last 5 years in which attackers used the Sandworm’s Industroyer malware that is designed to automatically trigger power disruptions. More than 5 years ago hackers used a unique automated piece of code to turn off the light to the fraction of Kyiv.

On Tuesday, the Ukrainian Computer Emergency Response Team (CERT-UA) and the Slovakian cybersecurity firm ESET issued advisories that Sandworm targeted high-voltage electrical substations in Ukraine using a variation on a piece of malware known as Industroyer or Crash Override. The malware was planted on target systems within a regional Ukrainian energy firm on Friday. More than 2M people live in the area served by this firm. However, CERT-UA managed to detect the attack before it could cause the third blackout.

Conti ransomware group has its HR department, performance reviews, “best employees” and other interesting features. All found in leaked documents.

Conti ransomware group has become a victim of cyber espionage. A series of leaked documents reveal details about its size, leadership, and business operations as well as the source code of its ransomware. The group emerged in 2020 and since then has grown into one of the biggest ransomware organizations in the world. The group unites 350 members who have made some $2.7B in crypto in just 2 years.

The Conti group was among the key attackers on the US critical infrastructure. The data leak may be an act of revenge for Conti’s open support to russia. The leaks started on 28 February, a few days after the beginning of the russian invasion of Ukraine. This data leak is so huge that it can be referred to as “the Panama Papers of Ransomware”. As can be seen in the leaked documents, Conti is organized like a regular tech company.