Crypto-Sec Update: DeFi Saver Ownership Phishing Incident, iVest Closes Following Attack, and Hackathon Clipboard Hijacking


Latest on Crypto Scams and Security Threats

Understanding emerging threats in the cryptocurrency space and how to protect yourself.

Phishing Incident: $55 Million Lost by DeFi Saver User

On August 21, a user of the decentralized finance management platform DeFi Saver experienced a significant phishing attack. A report from Global Ledger, a blockchain security firm, indicated that the attacker misled the victim into ceding control of their DeFi Saver Proxy contract.

Following this transaction, the victim attempted to execute another transaction, which failed. Subsequently, the attacker seized ownership once again and drained the smart contract wallet, extracting over $55 million in DAI stablecoin.

[Image: Global Ledger report. Source: Global Ledger]

Blockchain data indicates that the DAI was generated from a null address, implying that the attacker likely minted the stablecoin using the victim’s collateral rather than draining it directly from the victim’s funds.

The affected account, identified as “DSProxy #166,776” on Etherscan, was compromised when the owner unwittingly initiated a “Set Owner” function, assigning a fraudulent account as the new owner. This misstep highlights the importance of cautious transaction approvals.
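A pre-signing check for the kind of call described above, as an added example that is not code from DeFi Saver or Global Ledger: it decodes a transaction's calldata and flags owner-changing calls whose new owner is not one of the signer's own addresses. It goes slightly beyond the article by also covering `transferOwnership(address)`; the addresses and the allowlist are constructed placeholders.

```python
# Added example: flag ownership-changing calldata before it is signed.
# All addresses below are constructed placeholders, not values from the incident.

# 4-byte function selectors for single-address ownership setters.
OWNERSHIP_SELECTORS = {
    "13af4035": "setOwner(address)",           # DSAuth, used by DSProxy
    "f2fde38b": "transferOwnership(address)",  # Ownable-style contracts
}

MY_WALLET = "0x" + "11" * 20   # constructed: an address the signer controls
UNKNOWN = "0x" + "ab" * 20     # constructed: an address the signer does not control


def encode_call(selector, address):
    """Build calldata: selector followed by the address left-padded to 32 bytes."""
    return "0x" + selector + "00" * 12 + address[2:].lower()


def review_calldata(calldata_hex, my_addresses):
    """Return (verdict, detail); verdict is ok, warn, block or malformed."""
    data = calldata_hex.lower()
    if data.startswith("0x"):
        data = data[2:]
    try:
        raw = bytes.fromhex(data)
    except ValueError:
        return "malformed", "calldata is not valid hex"
    if len(raw) < 4:
        return "ok", "no function selector (plain value transfer)"
    name = OWNERSHIP_SELECTORS.get(raw[:4].hex())
    if name is None:
        return "ok", "not an ownership-changing call"
    arg = raw[4:36]
    # An ABI-encoded address is 32 bytes with the top 12 bytes zero.
    if len(arg) != 32 or arg[:12] != b"\x00" * 12:
        return "malformed", name + " with a badly encoded address argument"
    new_owner = "0x" + arg[12:].hex()
    if new_owner in {a.lower() for a in my_addresses}:
        return "warn", name + " -> " + new_owner + " (one of your own addresses)"
    return "block", name + " -> " + new_owner + " (NOT one of your addresses)"


if __name__ == "__main__":
    for target in (MY_WALLET, UNKNOWN):
        print(review_calldata(encode_call("13af4035", target), [MY_WALLET]))
```
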

iVestDAO: Closing Doors After $156K Hack

The decentralized finance protocol iVestDAO has announced a permanent halt to its operations after suffering a $156,000 exploit. Initially, the team had indicated plans to compensate investors and resume services, but recent communications confirmed the project’s closure.

The project’s Telegram admin described the decision as unfortunate, stating they are refunding investors with their own resources. However, they also noted that not all funds are recoverable, leading to a significant loss for the team and its community.

The exploit was executed through a ‘null address’ donation attack on August 12, which proved disastrous for the protocol.

New Malware: Copy2pwn Compromises Windows SmartScreen

A newly identified malware exploit named “copy2pwn” allows attackers to bypass the Windows SmartScreen security layer, according to findings from SecurityWeek. Although the latest Windows updates address this vulnerability, some systems may remain unprotected.

This exploit can lead to unauthorized installations of malware, posing a risk to private keys stored in software wallets. It has been documented as CVE-2024-38213 and is linked to recent threats detected by Trend Micro’s Zero Day Initiative.

Copy2pwn exploits the WebDAV protocol in Windows, originally designed to simplify web content sharing. Cybercriminals took advantage of a shortcoming that allowed unflagged content to sidestep SmartScreen protection, thereby increasing the risk of malware installation.

Reports indicate that this exploit has been utilized to deploy DarkGate malware, a sophisticated threat known for its stealthy nature and ability to harvest sensitive data.

Users relying on Windows SmartScreen should ensure they have the latest updates installed to mitigate potential risks.

Clipboard Hijacking Incident at Hackathon

On August 25, a software engineer from the ZKsync network community encountered clipboard-hijacking malware during a hackathon event. Porter Adams documented this unusual incident, noticing that a fellow participant’s device was compromised.

While attempting to send Ether (ETH) on the Sepolia test network, Adams discovered the participant’s clipboard had been hijacked. Instead of the intended crypto address, the malware would insert a different address controlled by the attacker, leading to potential loss of funds.

Fortunately, because the transactions were conducted on a testnet, no financial loss occurred. However, the incident serves as a cautionary tale for users engaged in cryptocurrency transactions. It underscores the importance of verifying addresses before confirming any transactions.

Final Thoughts

As fraudulent schemes and cybersecurity threats continue to evolve, it is vital for users to stay informed and vigilant. Regularly checking contract addresses, updating software, and being cautious with transaction approvals can significantly reduce the risk of falling victim to scams in the cryptocurrency space.
