News

CertiK Skynet has issued a warning about an exploiter that drained profanity wallets and subsequently transferred around 2,171 Ethereum (ETH), an approximate value of 4.4 million USD, to Tornado Cash. The exploit occurred in September 2022 and was attributed to a discovered weakness in profanity wallets that resulted in a limited range of possibilities for private keys, making them vulnerable to potential breaches. The recent movement of funds potentially signals a shift in the exploiter's strategy.

UniSat Wallet has announced its full compatibility with the latest brc-20 standard. Responding to widespread community concerns about discrepancies among different indexers, the blockchains-focused wallet service highlighted the stability and reliability of its indexer in a recent statement. Since its implementation in March, the UniSat indexer has proved to be dependable. Over time, the discussion around indexer discrepancy has come up repeatedly. UniSat, however, assured that it is practically impossible for an inactive whitelist module to create a fork, thereby eliminating any associated risks.

PeckShield, a blockchain security company, issued an alert that the cryptocurrency Expanso (EXPSO) has experienced a significant decline of -100%. A particular address, 0x8B54...8cca, reportedly swapped an enormous amount of 99,999,999,999,999 EXPSO for 42.79 Wrapped Ether (WETH), approximately valued at 87.7K USD. 

In the past 24 hours, contributors to Lido DAO, a Ethereum-based protocol, discovered a potential security vulnerability impacting an active Node Operator, namely InfStones. The vulnerability pertains to potential exposure of root-level access to 25 validator servers, which may or may not be linked to the Lido protocol. Currently, Lido contributors are actively collaborating with InfStones, aiming to investigate the incident comprehensively to understand its full extent and potential impact. As this situation progresses, the community will be provided with more detailed information in the forthcoming hours. User vigilance and caution are advised until further clarification is delivered regarding the matter.  

According to Wu Blockchain: A significant asset transfer has been detected from the HECO Chain Bridge to an empty address (0xFc146D1CaF6Ba1d1cE6dcB5b35dcBF895f50B0C4), with the total value surpassing $84 million. These transferred assets include 42.11 million USDT, 10,000 ETH, and 489 BTC, and were subsequently moved to various decentralized exchanges (DEX) like Uniswap and 1inch where they were converted to ETH. From there, the assets were sent to a new address. The HECO Chain Bridge and HTX Exchange are linked to Justin Sun, a prominent figure in the cryptocurrency community. This event marks the fourth significant security incident associated with Justin Sun's projects recently, which includes HTX, Huobi Wallet, Poloniex, and now another incident involving HTX and HECO.

According to CoinDesk: Tether, the issuer of the stablecoin, has frozen $225 million of its own stablecoin in response to a US Department of Justice (DOJ) investigation. The DOJ has centered its efforts on an international human trafficking ring rooted in Southeast Asia, which is linked to the notorious "pig butchering" scam. The scam reportedly cost US citizens $3.3 billion last year, according to the Federal Bureau of Investigation (FBI). The pursuit of this illicit operation, which has spanned several months, has leveraged blockchain analysis tools provided by Chainalysis. The event signifies the largest-ever freezing of a stablecoin to date, setting a new precedent on the cryptocurrency scene, according to a recent press release. The announcement also clarified that the immobilized tokens resided in self-custodied wallets and were not associated with Tether customers. Paolo Ardoino, CEO of Tether, spoke on the company's decisive action, emphasizing the importance of their proactive engagement with global law enforcement. He expressed Tether's aim to establish a robust safety precedent within the crypto space through this engagement and a commitment to transparency.

According to a report by Odaily, the Compound community successfully adopted and implemented the Compound v2 deprecation phase 4 proposal, aimed at adjusting seven risk parameters. The changes reflect the growing demand for a secure and sustainable DeFi environment. Here are the adjustments that have been made: 1. The ZRX staking factor has been reduced from 55% to 50%.  2. The YFI staking factor has been decreased from 65% to 60%. 3. The SUSHI staking factor has been diminished from 57% to 52%. 4. The MKR staking factor has been curtailed from 63% to 58%.  5. The LINK staking factor has been brought down from 69% to 64%. 6. The COMP collateral factor has been reduced from 50% to 45%. 7. The AAVE collateral factor has been lessened from 63% to 58%. These risk parameter adjustments reflect an ongoing effort to control and minimize the inherent risks related to DeFi platforms and strive towards a more secure and reliable decentralized finance ecosystem.

According to Cointelegraph: Decentralized cryptocurrency exchange dYdX has issued stricter trading measures after expending $9 million from its insurance fund on Nov 17 to offset user losses. This step was taken following an alleged targeted assault on the YFI token, which led to massive liquidations. According to an official announcement, the exchange has uplifted margin requirements on several 'less liquid markets,' affecting tokens such as Eos, 0x Protocol (ZRX), Aave, Algorand, Internet Computer, Monero (XRM), Tezos, Zcash, SushiSwap, THORChain, Synthetix, Enjin, 1inch Network, Celo, Yearn.finance, and Uma. The expansion of the insurance fund became necessary after an advantageous trade targeting YFI's extended positions engendered the liquidation of positions worth almost $38 million. The founder of dYdX, Antonio Juliano, labeled the development a "targeted attack" against the exchange. He added that YFI's open interest in dYdX had surged from $0.8 million to $67 million within a few days, instigated by a single entity's actions. The same entity reportedly had attempted an attack on dYdX's SUSHI market several weeks earlier. "Highly profitable trading strategies have now been prohibited on dYdX,” said the exchange’s team. Despite a 43% drop on Nov. 17, the price of YFI token continues to perform well overall, recording a gain of over 90% in the last 30 days. Yearn.finance has yet to reveal official details about the incident. Earlier concerns about a possible scam were counteracted by evidence showing substantial centralized exchanges as YFI's top holders on Etherscan.

According to BlockBeats: In the world of DeFi, illicit activities have taken on a new turn. An anonymous user has allegedly been exploiting manipulative tactics to profit from price fluctuations in the tokens YFI and SUSHI. As per data monitoring by Lookonchain, on November 19, the same technique employed to manipulate the price of YFI on dydx was observed. Wallets identified as "0xCCb6" and "0xB017" deposited large amounts of USDC into dydx from multiple addresses on November 14 and 15, causing suspicion of long positioning in YFI. Following the injection of USDC, the price of YFI saw an increase. With the value of YFI peaking on November 17, wallet "0xB017" reportedly withdrew USDC from dydx using several wallets and redeposited USDC into dydx through others, indicating a possible squaring of the long position and a short placement on YFI at its highest price. Post a sharp drop in the YFI price on November 18, wallet "0xB017" extracted a significant amount of USDC from dydx via various addresses, purportedly signifying the profits from shorting the YFI token. The report also drew parallels to a similar case on November 1, where the price of SUSHI saw a high volatility. The same user was suspected of employing identical methods to manipulate the price of SUSHI for profit.

In a new development reported by Odaily, Nostr Assets, a protocol that operates on the Lightning Network, has revealed that due to an overwhelming user response, its deposit feature will be temporarily suspended to enable certain maintenance activities. The announcement was made on the X platform. This marks the third time Nostr Assets has suspended its deposit function within this month. Since their announcement of the upcoming launch of Fair Mint on November 7, an intensive increase in user activities have led to these periodic suspensions. It's important to note that the project's previous airdrop token value was approximately $2,600, significantly contributing to the heightened user interest.

Recent on-chain data indicates that the gas fees associated with the Polygon network have experienced a surge, exceeding 1,000 gwei. Temporary reports suggest the standard gas fees reached a peak of 1,108.1 gwei. This increase, highlighting the significant demand for the network, underscores the continued need for scalability solutions to ensure sustainable, cost-effective transactions in the blockchain ecosystem.

According to data analysis platform SolanaFloor's monitoring data, Pyth, the decentralized oracle service, has made multiple on-chain transfers of PYTH tokens over the past ten hours. These transfers, which include a trial transfer of 1 PYTH and transfers in the hundreds of millions, suggest preparations for an upcoming airdrop might be in progress. On-chain data indicates that the PYTH token was established three months ago. The token has not yet officially entered circulation, however, its contract address (HZ1JovNiVvGrGNiiYvEozEVgZ58xaU3RKwX8eACQBCt3 on Solana) has been included in the PYTH token subpages on Coinmarketcap and CoinGecko. In a previous announcement, Pyth indicated it would airdrop 600 million PYTH tokens to over 75,000 addresses. Further, this morning, it announced an addition of 55 million tokens to the airdrop, targeting DeFi users. However, a specific date for the airdrop is yet to be confirmed.

According to Cointelegraph: Blockchain security firm CertiK recently alleged that Solana's crypto-enabled Saga phone held a "critical vulnerability," an assertion promptly refuted by Solana Labs. CertiK's charges suggested that the Saga phone carried a risk of a "bootloader unlock" attack, which could reportedly enable a malicious actor to install a concealed backdoor on the device. In its report, CertiK maintained that the exposed vulnerability would allow an attacker with physical access to the device to load tailor-made firmware embedding a root backdoor, thereby compromising the most sensitive data stored on the device, including cryptocurrency private keys. Contradicting these claims, a spokesperson from Solana Labs assured that CertiK's allegations were unfounded and the video did not disclose any known vulnerability or security threats to Saga phone users. Solana Labs elaborated that unlocking the bootloader and installing customized firmware involves a multi-step process that can only be executed after unlocking the device with the user's passcode or fingerprint. Android's internal Open Source Project documentation shows that this line of action is valid across a spectrum of Android devices. Moreover, the bootloader unlocking process results in wiping the device clean. This outcome is repeatedly prompted to users during the unlocking operation, which thus can't be executed without the users' active involvement or recognition. Any attempt to ignore repeated warnings about the consequences of unlocking the bootloader will result in the device and users' private keys being wiped out. It's notable that the Solana Saga phone was launched in April 2022 at a price of $1,099, aiming to integrate crypto apps into tech hardware through offering a Web3-native DApp store. However, due to a steady decline in sales, the price was later reduced to $599, four months post-launch.

De.Fi Antivirus Web3 has issued a significant phishing alert after a user reportedly lost around $3.4M due to approving an 'increaseAllowance' transaction on a fraudulent website. Additional crypto assets, specifically #aETHUSDT, were also stolen, following the signing of an ERC-2612 Permit message on the same malicious website. Phishing attacks typically involve cybercriminals masquerading as trustworthy entities to dupe users into disclosing valuable information or approving deceptive transactions. In this case, the rogue website managed to trick the user into authorizing a transaction, which led to a substantial financial loss. The phishing attack was linked to the following wallet address: https://de.fi/account/0xc108b793e293f1aac19418e899397e62fdf02575/dashboard/portfolio-overview and involved the phishing addresses "Fake_Phishing187019 - 0x00...0000" and "Fake_Phishing188615 - 0xed...0572."

According to Cointelegraph: Cryptocurrency exchange Poloniex, owned by Justin Sun, is readying to resume operations after suffering a significant security breach in mid-November. According to an official company announcement made on November 15, restoration efforts following the $100 million hack have been majorly completed. Poloniex stated that their platform is now operating smoothly, pointing out that they've enlisted the help of a top-tier security auditing firm to boost the security of funds on Poloniex. They also said withdrawal services would soon resume, stating, "they are in the final stages of the security audit and verification processes for Poloniex. Upon completion of the audit, we will promptly resume deposit and withdrawal services on our platform." However, they clarified that the evaluation process is still ongoing and is expected to take several more days. The major security breach occurred on November 10, with attackers stealing at least $100 million in cryptocurrency from the exchange. This prompted Poloniex to disable the wallet after detecting suspicious outflows. Blockchain security firm CertiK suggested that the incident likely involved a "private key compromise." Owner Justin Sun confirmed the team was investigating the incident shortly after Poloniex suspended its wallet. He assured that users affected by the breach would be fully compensated as Poloniex maintains a strong financial position. Sun also said they were exploring collaboration opportunities with other exchanges to regenerate the lost funds. Earlier this year, Poloniex agreed to a $7.6 million settlement requested by the United States Treasury Department’s Office of Foreign Asset Control concerning over 65,000 apparent sanctions program violations.

The crypto world navigates troubled waters as Poloniex, a popular cryptocurrency exchange, is suspected of having fallen victim to a major hack with potential losses surpassing $60 million. The suspicion arose when tokens from the Poloniex address '0xA910' began being transferred to a new address '0x0A59' in a rapid operation lasting around 40 minutes. Nearly $60 million worth of assets were involved in this suspicious transfer. Currently, '0x0A59' is seen to be dispersing funds to an array of addresses and converting them into Ethereum (ETH). The assets being converted include 11 million USDT already exchanged for ETH at the '0x5c2a' address, and 4.98 million USDC at the '0x8e4a' address. The analysis unveils atypical movement of funds from a specific Poloniex hot wallet, Poloniex 4. The total outflow from this wallet alone is estimated to be around $31 million. Cryptocurrencies that include Dogelon Mars (ELON), Shiba Inu (SHIB), and Wrapped Bitcoin (WBTC) are reported as sold. In response to the ongoing events, Poloniex has disabled the exchange wallet for maintenance and announced that an update will follow once service is restored. The situation is ongoing and further updates will be provided as they become available. Detailed transaction activities can be reviewed at: Poloniex 4 Address: https://scopescan.ai/address/0xa910f92acdaf488fa6ef02174fb86208ad7722ba?network=eth

In a surprising revelation emerging from Sam Bankman-Fried's ongoing fraud trial, former Alameda Research CEO, Caroline Ellison, testified to strategizing increased regulatory burden on Binance to enhance FTX's market share. Ellison confessed that inducing regulatory "crack down" on Binance was part of her and Bankman-Fried's plans to bolster FTX's position. This revelation came during her discussion about her attempts to support FTX and Alameda during the trial. Ellison has previously pleaded guilty to aiding Bankman-Fried in the misappropriation of FTX's assets worth billions. As per a lawsuit filed by the U.S. Securities and Exchange Commission (SEC) in June 2023, regulators had "promised" looming regulatory issues on Binance to Bankman-Fried. A report from Reuters suggests that a potential conflict of interest might be associated with Bankman-Fried's pre-arrest Zoom call with SEC Chair Gary Gensler in March 2022, which snagged attention due to blatant disregard of SEC protocols. Prior to its failure in November, FTX was the world's second-largest crypto exchange, and trailed Binance, according to Watcher Guru. However, Bankman-Fried's trial has shed light on the alleged foul play by FTX aiming to up the ante against Binance via regulatory sanctions. This six-week trial has raised ethical concerns related to business practices in the highly competitive and rapidly evolving cryptocurrency industry.

Changpeng Zhao (CZ), CEO of Binance, recently commented on Square with a post reflecting on Bitcoin's price surge over the past year. His statement, "Bitcoin was $15,588 a year ago today. You are so "lucky" you bought then," highlighting the cyclic nature of the cryptocurrency market

Interop Ventures, an early-stage venture fund devoted to investments in cross-chain economies, has finalized its financing round, amassing $3.85 million in funds, reported Coindesk on November 9, citing BlockBeats as the source. Notably, this funding round witnessed the participation of reputable entities such as KR1, LBank Labs, and industry executive, Sunny Aggarwal. Interop Ventures has emphasized their significant focus on the Cosmos blockchain ecosystem, outlining it as the primary beneficiary of their investment strategy. The infusion of such substantial funding in Interop Ventures confirms the growing interest in cross-chain technology and the Cosmos ecosystem. The capital raised is expected to fuel the development and expansion dynamics of new projects supported by Interop Ventures, bolstering the cross-chain economy's growth. More updates on the fund's disbursement and its impact on the Cosmos ecosystem will follow as developments transpire.