The United States is arguably involved in a cyberwar against Russia and China - and appears to be losing. In this episode of "Cybersecurity Unplugged," Tom Kellerman of Contrast Security and Richard Bird of Traceable.ai discuss what the U.S. government and companies need to do to win this cyberwar.
Whoever stole $160 million from Wintermute, the cryptocurrency trading firm's CEO, Evgeny Gaevoy, would like the money back, minus 10% that's on the house. A hack of the London-based crypto market maker rocked the company, which supplies liquidity to cryptocurrency trading.
A newly uncovered vulnerability in a wallet addressing tool may be the reason a hacker stole $160 million in digital assets from market maker Wintermute. The company's CEO tweeted that the company is solvent and will honor requests to repay lenders.
Ransomware gives cryptocurrency a bad name. U.S. federal regulators have noticed, publishing on Friday a slew of recommendations for ensuring that the blockchain world isn't a criminal haven. Among them are legislative proposals that would strengthen anti-money laundering statutes.
A thief stole $1.25 million worth of cryptocurrency from DeFi protocol New Free DAO in a flash loan attack and so far has cashed out nearly half of the funds. The attack resulted in a sharp drop in the platform's native token $NFD, whose value slumped more than 99% day-on-day on Thursday.
An attacker stole at least $370,000 worth of USDC stablecoins from a smart contract on the Avalanche blockchain in a flash loan attack, affecting liquidity providers. Victim Nereus Finance is enticing the thief to return the stolen funds for a 20% "no questions asked" white hat reward.
U.S. sanctions on Tornado Cash are driving North Korean hackers away from the cryptocurrency mixer. Chainalysis says hackers' use of ineffective obfuscation techniques allowed the blockchain analysis firm to participate in an operation that recovered $30 million stolen from the Ronin bridge.
The world's largest cryptocurrency trading platform is bankrolling a lawsuit challenging the U.S. Department of the Treasury's sanctions against Tornado Cash. The cryptocurrency mixer is a favored tool of North Korean crypto thieves, who use it to launder stolen funds.
Two individuals exploited a flaw in an unaudited smart contract deployed by Rug Pull Finder, a web3 security company that offers smart contract audits to blockchain companies. They scooped up 450 non-fungible tokens from the "Bad Guys" collection, whose theme is bad guys stealing NFTs.
Ethereum is offering up to $1 million bounty to white hat hackers who identify merge-related critical vulnerabilities on its blockchain. The four-fold increase in reward will be applicable between Wednesday and Sept. 8. The merge is set to be completed by Sept. 20
Cryptocurrency trading platform Coinbase faces a proposed class action from a user who says poor security led to the theft of $200,000 from his account. Attempts by plaintiff Manish Aggarwal to contact the company turned into a fight with an "impenetrable automated 'customer service' process."
Hackers looted Bitcoin ATMs of $16,000 in an attack manufacturer General Bytes says stems from a zero day vulnerability accidently introduced in 2020. An executive with the Czech company suggest attackers may have been motivated out of vengeance for its pro-Ukraine stance.
Denis Mihaqlovic Dubnikov, 29, allegedly participated in a conspiracy to launder money obtained through Ryuk ransomware. Operators behind the malware mounted one of the largest cyberattacks against the healthcare sector in a fall 2021 ransomware spree.
Dutch police have arrested a man accused of working as a developer for Tornado Cash. "He is suspected of involvement in concealing criminal financial flows and facilitating money laundering through the mixing of cryptocurrencies via the decentralized Ethereum mixing service," Dutch authorities say.
Security executives at Black Hat USA 2022 discuss the latest cybersecurity trends from confidential computing and unified threat hunting languages to attack surface management and recovery services, social engineering campaigns and blockchain vulnerabilities.