Yesterday, security researcher KrebsOnSecurity reported that several cryptocurrency platforms hosted by popular hosting provider Godaddy have been attacked over the past week. According to KrebsOnSecurity, the attacks began on or around November 13th on cryptocurrency trading platform liquid.com. Liquid CEO Mike Kayamori said GoDaddy incorrectly transferred control of the account and domain to a malicious actor. Kayamori added that the move allowed a malicious actor to change DNS records and thus, take control of a number of internal email accounts. Additionally, a malicious actor was able to partially penetrate the liquid.com infrastructure and gain access to document storage. The second …

In yet another attack on a major decentralized finance (DeFi) protocol, farming project Pickle Finance has been exploited today to the tune of $20 million. The attack transpired roughly two hours ago, and ETH-savvy Twitter users were quick to notice that pickle’s cDAI jar — Pickle’s term for a yield-bearing vault — had been emptied: I think @picklefinance's cDAI jar just got attacked and drained. https://t.co/Lxwi2dWSSZ pic.twitter.com/nUBE1KjEPh — mattyb (@mattybchats) November 21, 2020 Unlike other recent attacks however, this particular exploit did not feature flashloans — an increasingly maligned DeFi tool that allows would-be exploiters additional liquidity with which to …

Decentralized finance continues to make its impact on the crypto market, and with over $13 billion of total value of assets locked, DeFi projects are clearly resonating with eager crypto investors. Yet while the DeFi space has been progressing over the last year, a number of illegitimate projects have come to fruition, reminding some of the 2017 ICO boom and its subsequent bust. For example, Harvest Finance, a major decentralized protocol, was recently hacked. The attacker made away with $24 million from Harvest Finance pools. Most recently, Value DeFi, the decentralized finance protocol, fell victim to a $6-million flash loan …

On Nov. 14, an unknown party exploited flash loans via the decentralized finance protocol Value DeFi to the tune of $5.4 million. A number of individuals have received a portion of their stolen funds back, however, after pleading with the hacker using input data on the Ethereum blockchain. According to data from Etherscan, the hacker sent $95,000 in Dai back to two of the victims who posted messages accessible in the Ethereum block explorer’s input data on Sunday. “I lost $100,000 in your attack,” said one victim who claimed to be a nurse. “These are all my savings. I hope …

Hackers were reportedly able to exploit savings pools at Gibraltar-based decentralized finance protocol Akropolis, getting away with more than $2 million in stablecoins. The firm stated on Twitter on Nov. 12 that it had identified a hack “executed across a body of smart contracts in the savings pools.” Akropolis said the areas targeted by the hackers had already been audited twice, and only included “Curve Y and Curve sUSD savings pools.” Ethereum blockchain records show the hackers got away with more than 2,030,850 Dai by exploiting these savings pools. They then moved the funds to a different address. Akropolis has …

KuCoin cryptocurrency exchange has recovered the majority of funds lost in a $280 million hacking incident in September, a senior executive has said. Johnny Lyu, co-founder and CEO of KuCoin, announced on Nov. 11 that the exchange has now recovered 84% of stolen assets. Lyu said that the recovery process involved “on-chain tracking, contract upgrade and judicial recovery.” He also noted that the exchange will publish more details on reimbursement once the case is closed. According to Lyu, KuCoin has resumed full services for 176 tokens trading on its platform. He said that services for the remaining coins are scheduled …

Cryptocurrency-related crimes have slowed down in 2020, but some sectors within the crypto industry have become a new hotbed for criminal activity, a new report says. Citing major crypto analytics firm CipherTrace, Reuters reported on Nov. 10 that total losses from crypto thefts, hacks and fraud dropped from $4.4 billion in 2019 to $1.8 billion over the first 10 months of 2020. CipherTrace CEO Dave Jevans said that the general decline of criminal activity in the crypto industry is a result of increased security measures: “What we have seen is that exchanges and other cryptocurrency players have implemented more security …

On Nov. 2, the Axion Network launched its new token, known as AXN. The project touted the asset as a new investment vehicle, claiming that it would be the most profitable blockchain of its kind to date. During the interim leadup to AXN’s airdrop, five separate teams allegedly examined the token’s code; industry darlings such as CertiK and Hacken were among those who conducted the audits. A few short hours after the protocol’s freeclaim event, however, it became clear that something had gone awry. An unauthorized actor unexpectedly minted 79 billion AXN and unloaded them on the market. The price …

The amount of cryptocurrency and blockchain-related hacks has been decreasing over the course of 2020, a new report claims. According to data analyzed by VPN provider Atlas VPN, the number of hacks in the first half of 2020 dropped more than three times compared to the same period in 2019. The data is part of a report released by Atlas VPN on Oct. 28. According to Atlas VPN, 2019 was a record-breaking year for blockchain hackers that exploited 94 successful attacks in the first half of the year, while in H1 2020 there were 31. Per the report, 2019 as …

One of United States President Donald Trump’s re-election campaign websites was briefly defaced yesterday, according to an Oct. 28 article on TechCrunch. Hackers managed to replace donaldjtrump.com’s usual campaign rhetoric and request for donations with a spoof of the FBI’s “This site has been seized” message. The unknown attackers claimed to have obtained “strictly classified information” and encouraged people to essentially vote on whether they wanted the data released, using payments to two Monero wallets. Among the insider information reportedly on offer was evidence discrediting Trump as president and connecting his government to “the origin of the coronavirus.” There is …

Harvest Finance, a major decentralized finance protocol, has seemingly issued a $100,000 bounty in the aftermath of a $24 millon attack targeting its liquidity pools. In an Oct. 26 tweet, Harvest Finance said that there is enough data so far to identify the attacker, “who is well-known in the crypto community.” In addition to the BTC addresses which hold the funds, there is now a significant amount of personally identifiable information on the attacker, who is well-known in the crypto community. We are putting out a 100k bounty for the first person or team to reach out to the attacker …

There has been a hot political debate underway on who should take responsibility for countering North Korean hacks targeting South Korean cryptocurrency exchanges. Recently, South Korea's financial watchdog made it clear that they do not see this issue as any of their business. According to Fn News, the Financial Services Commission, or FSC, has replied to a written inquiry from the National Assembly’s Political Affairs Committee on October 23. The FSC says that they’re not responsible for the crypto stolen during attacks from hackers sponsored by the Kim Jong-un’s regime, such as Lazarus Group, on crypto exchanges. Per the report, …