spot_img

Investigating the Recent Crypto Hacks: A 24-hour Recap

Cryptocurrency is a rapidly evolving industry that offers tremendous opportunities for investors and enthusiasts alike. However, as with any promising investment sector, it also attracts malicious actors seeking to exploit vulnerabilities for personal gain. In this article, we delve into the recent 24-hour period that saw several notable crypto hacks and security breaches.

1. The @Libertify_ Hack:
One of the notable incidents involved the @Libertify_ platform, which incurred a staggering loss of approximately $452,000. Our investigation reveals that the hack was made possible due to a lack of reentrancy protection. This vulnerability enabled the hacker to exploit the deposit() routine multiple times, thereby minting more shares and siphoning funds. Furthermore, we discovered that a portion of the stolen funds, roughly 123.8 ETH, were bridged to Ethereum via CelerBridge.

2. The @Rodeo_Finance Hack:
Another significant hack occurred at @Rodeo_Finance, resulting in losses amounting to approximately $1.53 million. Our analysis of this incident suggests that it was a “ForceInvestment” hack. The flaw resided in the Investor.earn() routine, which allowed the hacker to manipulate the swapping process from USDC to WETH and eventually to unshielded Ethereum (unshETH). In this case, the slippage control mechanism failed to mitigate the exploit due to a flawed unshETH price oracle.

Correction: It should be noted that the total loss from the @Rodeo_Finance hack is 472 ETH, equivalent to approximately $888,000.

3. Exploiter’s Activities:
The exploiter in the @Libertify_ hack has been active in moving the stolen funds. Currently, the exploiter’s Ethereum address holds roughly 210.7 ETH. Additionally, PeckShield has detected that around $16,000 worth of USDT has been exploited on Ethereum using the @Libertify_ vulnerability.

4. Unseen Transfers:
PeckShield has further identified the transfer of approximately 65 ETH to Tornado Cash from the exploiter of @ArcadiaFi. These movements point to the ongoing cat-and-mouse games between hackers and security experts within the cryptocurrency ecosystem.

5. Phishing Attacks:
In the midst of these hacking incidents, phishing attacks have reared their ugly heads as well. A fake XEN crypto airdrop is being promoted on Twitter via hxxps://join-xen.com/, which connects to a known phishing contract. Crypto enthusiasts are strongly advised to be cautious and refrain from interacting with such fraudulent schemes.

The past 24 hours have witnessed several high-profile crypto hacks, reminding us of the persistent threats faced by the cryptocurrency community. It is imperative for platforms and users alike to be vigilant, ensuring that robust security measures are in place to safeguard digital assets. As the crypto landscape continues to evolve, staying informed about security vulnerabilities and emerging threats becomes essential to maintaining a secure and thriving ecosystem.

Recent Articles

spot_img

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Stay on top - Get the daily news in your inbox