Threat actors stole $55 million worth of cryptocurrency from bZx DeFi platform


DeFi platforms are a privileged target for crooks: threat actors have stolen $55 million from the bZx DeFi platform.

Threat actors have stolen $55 million worth of cryptocurrency from the bZx decentralized finance (DeFi) platform. DeFi platforms allow users to borrow, lend and speculate on cryptocurrency price variations.

Attackers obtained two private keys for the DeFi platform through a spear-phishing attack similar to the one that recently affected another user named “mgnr.io”. The company pointed out that the incident was not a protocol hack.

“A bZx developer had his personal wallet’s private keys taken in a phishing attack,” reads a Preliminary Post Mortem analysis published by the company. “A bZx developer was sent a phishing email to his personal computer with a malicious macro in a Word document that was disguised as a legitimate email attachment.” “This attack granted the hacker access to the content of the bZx Developers wallet, and also the private keys to the BSC and Polygon deployment of bZx Protocol. After gaining control of BSC and Polygon the hacker drained the BSC and Polygon protocol, then upgraded the contract to allow draining of all tokens that the contracts had given unlimited approval.”

The phishing message used a weaponized Word document that, once opened, ran a script on the developer’s computer, allowing the attackers to access the employee’s mnemonic wallet phrase.

The attackers stole funds in the developer’s personal wallet along with the two private keys that were being used by the bZx platform for its integration with the Polygon and Binance Smart Chain (BSC) blockchains.

The threat actors used the keys to steal the platform’s Polygon and BSC funds. They were also able to steal funds from a small number of users who had approved unlimited spend operations.

bZx has yet to confirm the exact amount of stolen funds, but experts at blockchain security firm SlowMist speculate that the threat actors have stolen more than $55 million.
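The exposure of users who approved unlimited spend can be measured from a token's ERC-20 `Approval` event logs. The following is an added example, not code from bZx or from this article: it replays logs in the shape returned by `eth_getLogs` and lists owners whose allowance to a given spender contract is still effectively unlimited and should be revoked. All addresses are constructed placeholders, and the `UNLIMITED_FLOOR` threshold is an assumption.

```python
# keccak256("Approval(address,address,uint256)"), the ERC-20 Approval event topic
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
MAX_UINT256 = 2**256 - 1
UNLIMITED_FLOOR = 2**255  # assumption: anything this large is treated as "unlimited"

def topic_to_address(topic):
    """An indexed address is left-padded to 32 bytes; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def standing_allowances(logs):
    """Replay Approval events in chain order; the last event per
    (token, owner, spender) is the allowance currently in force."""
    state = {}
    ordered = sorted(logs, key=lambda l: (int(l["blockNumber"], 16), int(l["logIndex"], 16)))
    for log in ordered:
        topics = log["topics"]
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue  # not an ERC-20 Approval (the ERC-721 variant has 4 topics)
        key = (log["address"].lower(), topic_to_address(topics[1]), topic_to_address(topics[2]))
        state[key] = int(log["data"], 16)
    return state

def unlimited_approvals(logs, spender):
    """(owner, token) pairs whose current allowance to `spender` is unlimited."""
    held = standing_allowances(logs).items()
    return sorted((owner, token) for (token, owner, sp), amt in held
                  if sp == spender.lower() and amt >= UNLIMITED_FLOOR)

# Constructed placeholder addresses and logs, not real contracts or wallets.
TOKEN, SPENDER = "0x" + "aa" * 20, "0x" + "bb" * 20
ALICE, BOB, CAROL = "0x" + "01" * 20, "0x" + "02" * 20, "0x" + "03" * 20
pad = lambda a: "0x" + "0" * 24 + a[2:]  # 20-byte address -> 32-byte topic

def _log(block, idx, owner, amount):
    return {"address": TOKEN, "blockNumber": hex(block), "logIndex": hex(idx),
            "topics": [APPROVAL_TOPIC, pad(owner), pad(SPENDER)],
            "data": "0x" + format(amount, "064x")}

SAMPLE_LOGS = [
    _log(100, 0, ALICE, MAX_UINT256),   # unlimited, never revoked
    _log(105, 0, BOB, 0),               # revocation of the approval below
    _log(101, 2, BOB, MAX_UINT256),     # unlimited, later revoked
    _log(102, 1, CAROL, 500 * 10**18),  # bounded approval
]

if __name__ == "__main__":
    print(unlimited_approvals(SAMPLE_LOGS, SPENDER))
```

Only the first owner is reported: the second revoked the approval in a later block, and the third granted a bounded amount.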

In response to the incident the platform has taken the following actions:

  • Contacted Banteg and Mudit Gupta to join us in the war room.
  • Contacted Tether and froze USDT from the hacker’s wallet. (see addresses below)
  • Contacted Binance and froze the BZRX that was stolen on BSC to prevent it from being transferred.
  • Contacted KuCoin and identified that one of the hacker’s wallets was used to transfer in and out of the exchange.
  • Disabled the UI on Polygon and BSC to prevent users from depositing.
  • Contacted USDC and requested to freeze USDC in the hacker’s wallet.
  • Contacted KuCoin to identify the hacker’s KuCoin account.
https://twitter.com/bZxHQ/status/1456716916454825984

bZx promised the attackers a bounty if they return the stolen funds.

Recently, threat actors stole $130 million worth of cryptocurrency assets from another decentralized finance platform, the Cream Finance DeFi platform.


Pierluigi Paganini

(SecurityAffairs – hacking, DeFi)
