According to on-chain analyst LMKFUN, the Bybit attackers are exchanging ETH for DAI through multiple decentralized exchanges, including the OKX decentralized exchange. The data shows that the attackers have transferred about $3.64 million worth of Ethereum to another address, and conducted two-way transactions and transfers of DAI tokens at that address.
SlowMist's Cosine said that it has followed up on the Infini hacking incident for the first time. The attacker is technically skilled and understands smart contract operations, which made it possible to steal the funds in its Vault and related strategies with a private key, in two thefts: 11,455,666 USDC and 38,060,996 USDC.
CAT Protocol sent a letter to the protocol attackers on the X platform, saying it has gathered significant leads about the attempted attack and is working with security companies such as SlowMist and with law enforcement agencies to track down those responsible and hold them accountable. If the attacker's intention is to expose the vulnerability, CAT Protocol encourages responsible and ethical engagement and contact via email, and is willing to reward such disclosure within the scope of the policy.
According to MistTrack, the DEXX incident attackers are currently exchanging assets and bridging them to Ethereum. As of now, the 0xFFB9 address still holds a balance of $620,000, distributed across the Ethereum, BNB and Base chains. The DEXX hackers have transferred 6212.4 ETH to Tornado Cash.
According to Scam Sniffer, most Solana wallet attackers actively use third-party domains to bypass the wallet blacklist (for example, registering an expired DAPP domain, and now exploiting XSS vulnerabilities). If you see a DAPP pop-up with a second window (or a redirect) asking you to connect in another window, double-check that it is secure.
On-chain detective ZachXBT wrote on the X platform: "Radiant attackers have been long ETH on Hyperliquid through multiple addresses and have made about $600,000 so far."
SlowMist founder Cosine confirmed in a post on X that the DEXX attackers are collecting scattered stolen funds on Solana and splitting them from the collection address. Some of the funds are starting to be moved through the Wormhole cross-chain service to Ethereum addresses starting with 0xffe224e.
SlowMist founder Cosine wrote on X that early this morning, various valuable tokens on the Solana address related to the DEXX attacker were exchanged for SOL. At present, this SOL has not been transferred out. In addition, the attacker's EVM (ETH/BSC/BASE) addresses have begun to show abnormal test activity, but there has been no large-scale abnormal activity.
SlowMist's Cosine revealed on the X platform that the DEXX attacker started testing token-to-ETH exchange operations on the EVM chain half an hour ago.
SlowMist has released a list of DEXX attacker addresses; 8,612 addresses have been identified on the Solana blockchain. The data comes from DEXX officials and reports from thousands of victims. For the EVM chain, SlowMist is still cleaning and compiling the data, which is expected to be ready in the coming days.
SlowMist founder Cosine issued a statement on X saying that the attacker used an XSS vulnerability in the Cointelegraph website to trick the target user into opening the official Cointelegraph website (carrying the malicious XSS script), so:
- the malicious script loads and executes;
- the address bar is set to https://cointelegraph[.]com/not-public/drafts/article-1033; at first glance, I thought it was an official unpublished draft;
- a Sign in with X box is shown;
- after clicking Sign in with X, open X's third-party app ...
SlowMist founder Cosine wrote on X that at around 4 a.m. this morning, various valuable tokens on the Solana address related to the DEXX attacker were exchanged for SOL. At present, this SOL has not been transferred out. In addition, the attacker's EVM address has not changed for the time being.
Pump Science said on social media that the attackers are issuing more tokens from our compromised wallet. These tokens were not created by our team and the wallet has been compromised. Once again, none of these tokens were issued by our team and are fraudulent. Do not trust PSCIENCE's information page.
According to CertiK, the Polterfinance attackers split 11.5 million FTM (about $8 million) of stolen funds into Arbitrum and Ethereum in batches, and then began depositing funds into Tornado.Cash. So far, 220 ETH ($689,000) has been deposited into Ethereum from addresses starting with 0x141C.
According to PeckShield monitoring, the Polterfinance attackers have transferred 120 ETH to Tornado Cash. Previously, Polterfinance was hacked and lost about $8.70 million worth of cryptocurrency.