Go to listing page

Hackers Drain Cryptocurrency Worth Millions From Crypto-Wallets

Hackers Drain Cryptocurrency Worth Millions From Crypto-Wallets
With the rapid development of the Web3 industry, more and more hackers are targeting decentralized platforms, smart contracts, and crypto wallets. Recently, several crypto platforms including BTC[.]com, 3Commas, and Bitkeep have been added to the long list of hacks that took place this year in the crypto world.

BTC[.]com lost millions

  • BIT Mining Limited's subsidiary, BTC[.]com lost approximately $3 million worth of crypto assets due to a cyberattack on December 3.
  • Around $700,000 worth of crypto belonging to customers and $2.3 million in digital assets owned by the company were stolen.
  • The company said that due to coordination locally and within the company internally, some of its digital assets have already been secured.

Breach at 3Commas

  • 3Commas cryptocurrency platform admitted to a hack after a set of 10,000 API keys was published by a hacker on Twitter. 
  • The firm has urged Kucoin, Coinbase, and Binance to revoke all keys connected to 3Commas. 

$8 million drained from Bitkeep

  • In an ongoing BitKeep wallet exploit, hackers stole around $8 million in assets.
  • BitKeep disclosed on the official Telegram channel that the incident impacted users who downloaded an unofficial version of the BitKeep app.
  • It disclosed that some APK package downloads have been hijacked by hackers and installed with code implanted by hackers.
  • Experts revealed that the contract of the BitKeep project contains a vulnerability. 
  • This vulnerability allows an attacker to construct arbitrary data to call this function and transfer the tokens authorized by the user to the hacker's address.

It further warned that any wallet addresses created using the malicious APK should be treated as compromised and recommended users transfer all their funds to the official store.

Other cryptocurrency threats

  • GodFather mobile banking trojan was discovered targeting users of over 400 banking, crypto wallet, and crypto exchange apps.
  • Lazarus-linked threat actor DEV-0139 leveraged Telegram chat groups to target the crypto investment industry.

Conclusion

Security issues surrounding crypto wallets and the entire blockchain ecosystem have become prevalent. Hackers continue to dupe crypto users and investors through their innovative tactics. Users are recommended to practice caution, refrain from clicking on any unsafe or unsecured links, and focus on the security and integrity of Web3 security.
Cyware Publisher

Publisher

Cyware