Russian cryptocurrency exchange Livecoin hacked, services disrupted
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.
Roundup of crypto hacks, exploits and heists in 2020 – BITCOININNEWS.COM
Unlike in previous years, crypto news in 2020 has not been dominated by major exchange hacks and million dollar Bitcoin thefts. However, there have still been quite a few and most of them have originated from the nascent decentralized finance sector.
DeFi has been one of the main drivers of crypto market momentum in 2020 and it stands to reason that the emerging financial landscape has been a magnet for scammers and hackers. Largely unaudited smart contracts coupled with cloned code have been a recipe for vulnerabilities and exploits, often resulting in millions of dollars in digital assets being pilfered.
A CipherTrace report from November 2020 stated that during the first half of the year, DeFi took up 45% of all thefts and hacks resulting in over $50 million lost. That figure rose to 50% of all thefts and hacks in the second half, according to the report. Speaking to Cointelegraph, CipherTrace CEO Dave Jevans warned of a potential regulatory crackdown: “DeFi hacks now make up more than half of all cryptocurrency hacks in 2020, a trend that is attracting attention from regulators.”
He added that of greater concern to regulators is the lack of Anti-Money Laundering compliance: “Funds stolen in the largest hack of 2020 – the $280 million KuCoin hack – were laundered using DeFi protocols.” Jevans also believes that 2021 is likely to bring clarity from regulators in terms of what actions DeFi protocols are expected to take to avoid the consequences of a failure to comply with AML, Capture the Flag, and possible sanctions.
The KuCoin hack occurred in late September when exchange CEO, Johnny Lyu, confirmed that the incursion affected the firm’s Bitcoin, Ethereum, and ERC-20 hot wallets, after private keys were leaked.
By early October KuCoin said it had identified suspects and had officially involved law enforcement in the investigation. By mid-November the Singapore based exchange declared that it had recovered 84% of the stolen crypto and resumed full services for the majority of its tradable assets.
There were other exchange hacks this year, but KuCoin was the largest. In February Italian exchange Altsbit lost almost all of its funds in a $70,000 hack, and there have been a couple of other minor crypto exchange breaches. In October 2020, as many as 75 centralized crypto exchanges had closed due to various reasons, hacking being onem.
With billions of dollars pouring into DeFi protocols and yield farms, the emerging landscape became a hotbed for hackers. The first major incursion of 2020 happened on DeFi lending platform bZx in February when two flash loan exploits resulted in the loss of nearly $1 million in user funds. A flash loan is when crypto collateral is borrowed and repaid within the same transaction.
bZx froze operations to prevent further loss, but this generated a wave of criticism from industry observers claiming that it was ultimately a centralized platform after all and could be the “death of DeFi.”
Markets crashed in March resulting in a lot of collateral liquidations, especially for Maker’s MKR token, but these were not hacks. The next one of those came the following month when a wrapped version of Bitcoin called imBTC was attacked using something called an ERC-777 token standard reentrancy method. The attacker was able to siphon a Uniswap liquidity pool for all of its value, estimated to be $300,000 at the time.
April also saw Chinese lending platform dForce drained of all its liquidity using the same exploit. The hacker repeatedly increased their ability to borrow other assets and made off with around $25 million in funds.
In June, an exploit was discovered in Bancor’s smart contracts that resulted in the draining of as much as $460,000 in tokens. The DeFi automated market maker stated that they had deployed a new version of the smart contract that had fixed the vulnerability.
Balancer was the next DeFi protocol to get exploited to the tune of $500,000 in wrapped Ether pilfered from its liquidity pools using a well-planned arbitrage attack. A series of flash loans and arbitraged token swaps were carried out in an attack on a vulnerability that the Balancer team apparently already knew about.
Not so much a hack as another exploit, but bZx was in the news again in July with a dubious token sale that was manipulated by bots placing buy orders in the same block that marked the start of the token generation event. Almost half a million dollars in price pump profits was captured by the attackers.
DeFi options protocol Opyn was the next victim in August when hackers exploited its ETH Put contracts making off with more than $370,000. The exploit allowed attackers to “double exercise” Ethereum Put oTokens and steal the collateral. Opyn recovered around 440,000 in USDC from outstanding vaults using a white hat hack, effectively returning them to Put sellers.
Again, not a direct hack but a code flaw in an unaudited Yam Finance smart contract affected the rebasing of the governance token resulting in a price collapse in mid-August. The protocol was forced to appeal to DeFi whales to save it by voting for a restart as version 2.
The SushiSwap saga began at the end of August and the terms “vampire mining”’ and “rug pull” were coined. The anonymous protocol cloner and administrator known as “Chef Nomi” sold $8 million worth of SUSHI tokens causing the token price to collapse. A few days later, the protocol was rescued by FTX exchange CEO Sam Bankman-Fried, who was handed control by a consortium of DeFi whales through a multi-signature smart contract. Eventually all the funds were returned to the developer fund.
The rug pulls, or “pump and dumps” as they were termed during the previous altcoin boom in 2017, continued with a number of DeFi clones such as Pizza and Hotdog. Token prices for these food farms surged and collapsed within hours and sometimes even minutes.
In mid-October, hordes of “degenerate farmers,” or degens as they were termed, piled money into an unaudited and unreleased smart contract from DeFi protocol Yearn Finance founder Andre Cronje. The Eminence Finance contract lost $15 million when it was hacked within hours of Cronje posting teasers about the new “gaming multiverse” on twitter. The hacker returned around $8 million but kept the rest, which prompted the disgruntled traders to initiate legal action against the Yearn team over lost funds.
In late October, a sophisticated flash loan arbitrage attack on the Harvest Finance protocol resulted in the loss of $24 million in stablecoins in around seven minutes. The attack sparked debate as to whether these exploitations of the design of the system can be considered as hacks.
November was a particularly painful month for Akropolis which had to “pause the protocol” as hackers made off with $2 million in DAI stablecoin. The Value DeFi protocol lost $6 million in an all too common flash loan exploit, yield generating stablecoin project Origin Dollar was exploited for $7 million, and Pickle Finance suffered a $20 million collateral loss in a sophisticated “‘evil jar” exploit.
One that broke the mold of exploiting the system was a personal attack on an individual in mid-December. Nexus Mutual DeFi protocol founder Hugh Karp lost $8 million from his MetaMask wallet when a hacker managed to infiltrate his computer, spoofing a transaction. These types of attacks are generally less common as they involve some degree of social engineering.
The last reported flash loan attack of the year, so far, was an $8 million incursion on Warp Finance on December 18.
Many retail traders and investors have also fallen foul to phishing attempts and Ledger hardware wallet owners have also been targeted in 2020 after the personal information of some 272,000 Ledger buyers was hacked.
The majority of smart contract and flash loan exploits in 2020 will serve to battle-harden the emerging financial ecosystem as it develops. New and smarter DeFi protocols are likely to emerge next year, but, as always, scammers, hackers and cybercriminals will also up their game in an attempt to stay ahead.
A huge dose of vigilance and attention is needed to delve into the current world of DeFi, but it has come a very long way in such a short period of time, and the decentralized financial landscape of the future is constantly evolving.
Price Of Bitcoin On Russian-Crypto Exchange Livecoin Hits $450k Following Server Breach
Cyber-attacks seem unending within the crypto space as several exchanges keep recording cases of a security breach from cybercriminals.
A recent report reveals that a Russian Cryptocurrency Exchange, Livecoin, has just suffered a similar fate. Livecoin has reportedly been hacked and has lost control over its servers.
Livecoin records approximately $16 million worth of transactions daily and is ranked as the 173rd Cryptocurrency Exchange on the internet.
Considering the significant amount of funds traded on the exchange daily, the hackers may tend to receive high revenue through the manipulations.
Thus, many customers will lose their funds if immediate awareness isn’t made, and proper actions not taken.
The exchange had warned its members to stop using the exchange when they noticed the breach.
According to the report, the hackers had partially changed the exchange rates to 10-15 times the actual value.
“The hackers tweaked the exchange rate for Bitcoin from the regular $23,000/BTC to more than $450,000/BTC, Ether grew from $600/ETH to $15,000, and XRP price increased from $0.27/XRP to more than $17/XRP.” as explained in the report.
This suggests that the hackers are liable to extort massive revenue through the increased rates from customers who may still be ignorant of the breach.
The company suspects the attack had happened the night between December 23rd and 24th and has been prepared for over the last few months.
The exchange wrote a message on its official website, explaining further about the attack.
The message reads;
“We lost control of all of our servers, backend, and nodes. Thus, we were not able to stop our service on time. Our news channels were compromised as well.”
Author: By TeamMMG
Bitcoin Hits $500K on Russian Crypto Exchange After Hackers Take Control — Users Cry Exit Scam
Cryptocurrency trading platform Livecoin claims that it has been hacked after the crypto community noticed the price of bitcoin shoot up to half a million dollars. Meanwhile, users are complaining that they cannot withdraw their funds, suspecting the exchange of pulling an exit scam.
Russian cryptocurrency exchange Livecoin claims that it suffered a security breach over Christmas after the crypto community observed the price of bitcoin and other cryptocurrencies soar exponentially on the exchange above their market prices.
Bitcoin was reportedly trading at about $500,000, while ETH surpassed $15,000, and XRP rose above $17. At other exchanges, BTC is currently trading at around $24,813, ETH at $630, and XRP at $0.31.
Meanwhile, a number of users are complaining on social media that their deposits were not credited to their accounts and they could not withdraw their funds from the exchange. This has caused many to suspect an exit scam.
Livecoin subsequently posted a message on its website on Christmas Eve asking customers to stop using its services. “Don’t deposit funds, don’t trade, don’t use API,” the notice reads, adding:
We are under a carefully planned attack, which has been prepared, as we assume, over the last few months. We lost control of all our servers, backend and nodes.
The notice continues, “we were not able to stop our service in time … We are working in contact with local police authorities. We really do our best to overcome this issue.”
Do you think Livecoin is exit scamming? Let us know in the comments section below.
The post Bitcoin Hits $500K on Russian Crypto Exchange After Hackers Take Control — Users Cry Exit Scam appeared first on Bitcoin News.
Author: By TeamMMG