The cryptocurrency world has been abuzz with activity this week as hackers evolve from traditional to cutting-edge tactics. Some notorious groups stick to traditional methods while others embrace new and advanced methods.
Join us as we uncover the events of the past week in the thrilling world of cryptocurrency hacking that has left millions out. It might be helpful to know!
YoMix takes the stage
There was a noticeable decline in funds flowing into mixers from illegal addresses in 2023, plummeting from $1 billion in 2022 to $504.3 million in 2023. A significant driver of this change has been the global crackdown on hacking activity, including the sanctions and closure of notorious Mixers such as: Sinbad and Tornado Cassie.
The Lazarus Group, South Korea’s infamous hacking organization, has cleverly adapted to the changing environment. When Sinbad stopped receiving commissions, the group seamlessly transitioned to YoMix, a Bitcoin-based mixer. This transition highlights the resilience and adaptability of malicious actors, who easily switch to alternative services when their preferred platform is shut down.
PlayDapp: A double blow to blockchain gaming
Blockchain gaming platform PlayDapp has faced one or two devastating attacks during a turbulent week. The first cybersecurity breach resulted in $31 million in losses, and subsequent attacks resulted in the theft of a whopping $290 million worth of PLA tokens, the native cryptocurrency that powers PlayDapp’s gaming platform and NFT marketplace.
The perpetrators of the PlayDapp heist executed an elaborate plan to compromise private keys to mint 200 million PLA tokens worth $36.5 million. Undaunted, the hackers struck again on February 12, generating an additional 1.59 billion PLA tokens worth $253.9 million. This bold move not only exposed vulnerabilities in PlayDapp’s security, but also highlighted hackers’ ongoing access to the company’s systems.
Angel Drainer: Stealing from the Shadows
In a bold move, Angel Drainer targeted 128 cryptocurrency wallets and stole over $400,000. The attack cleverly leveraged Etherscan’s verification tool to hide the malicious nature of the smart contract. Blockchain security company Blockaid said the attack began with the distribution of a malicious vault contract.
Dual Beat Drama: Focus on Suspicious Transactions
Blockchain security analytics firm Cyvers discovered several suspicious transactions originating from Duelbits. This incident, which involves loss of wallet access control, resulted in a suspicious address receiving $4.6 million from Duelbits wallets on the Ethereum and BNB chains.
Hackers’ attempts to link assets from BNB to Ethereum ran into problems, ultimately revealing a vulnerability in the system’s gas fees. The hacker used FixedFloat to secure the funds needed for the linked transaction.
That wraps up our week. Stay tuned for our next roundup!