The Drug Enforcement Agency (DEA) lost over $55,000 in seized cryptocurrency to a common scam after falling victim to a crypto address spoofing attack. The scammer was able to trick the DEA by airdropping a fake address that resembled the real one used by the United States Marshals Service, resulting in the agency mistakenly sending the funds to the scammer's account. The scammer then converted the funds into ether and moved them to a new wallet, with over $425,000 received since June, and over $300,000 of that amount being moved in the last three weeks. The FBI is leading the investigation into the theft.
A hacker group, suspected to be Lazarus with ties to the North Korean government, stole $37.3 million in cryptocurrency from Estonia's CoinsPaid after tricking an engineer with a fake job offer.
Vitalik Buterin, co-founder of Ethereum, transferred 3,000 ETH ($4.9 million) to an unknown address, possibly to diversify and secure his funds, following previous transfers totaling about $6 million in ETH.
An alleged hacker made suspicious withdrawals totaling $16 million from the crypto gambling site Stake.com, raising concerns about stolen funds and the security of crypto gambling platforms.
North Korea-linked hackers have stolen over $200 million worth of cryptocurrency this year, accounting for more than 20% of all stolen crypto, in order to fund the regime's nuclear weapons programs, according to blockchain intelligence firm TRM Labs.
Ethereum creator Vitalik Buterin's Twitter account was hacked, resulting in the theft of $691,000 from users who clicked on a malicious link and connected their wallets, raising concerns about Twitter's security and the compensation for victims.
Hackers behind the $41 million hack of cryptocurrency casino Stake have moved an additional $328,000 million worth of Polygon and BNB tokens to the Avalanche blockchain, bringing the total transferred funds to $4.8 million, representing 1.2% of the total stolen amount.
Vitalik Buterin explains how hackers used a SIM swap attack to take control of his Twitter account and steal $691,000 from his followers, highlighting the vulnerability of using phone numbers for account recovery.
The Milady Maker NFT project on the Ethereum blockchain has been exploited, resulting in the diversion of around $1 million in fees and the takeover of social media accounts, according to co-founder Charlotte Fang. However, user assets and reserves are reportedly safe, and the individuals involved in the exploit have been terminated and will be pursued legally.
A phisher who stole $24.2 million worth of staked Ethereum is using the crypto mixer Tornado Cash to move their stolen assets, according to crypto security firm PeckShield.
CoinEx, a global cryptocurrency exchange, suffered a hack where large amounts of digital assets were stolen, with preliminary estimates suggesting a loss of around $43 million, possibly linked to the North Korean hacking group Lazarus.
Hong Kong-based cryptocurrency exchange CoinEx has confirmed that compromised private keys allowed hackers to steal over $70 million worth of tokens, and is working on rebuilding its wallet system to restore functionality and compensate affected users.
A cryptocurrency holder has lost $4.46 million in a phishing scam after funds were withdrawn from a Kraken exchange wallet and sent to a scammer's address, with scammers stealing around $337.1 million in total through similar attacks.
A hacker stole customer information from crypto data firm Nansen by breaching a third-party vendor, exposing the personal information of 6.8% of users, including email addresses, password hashes, and blockchain addresses.
Ethereum co-founder Vitalik Buterin's wallet has been flagged for multiple transactions totaling over $3.9 million, including a recent transfer of 400 ETH worth $632,000 to Coinbase.
Hong Kong-based crypto company Mixin announced that hackers breached its cloud service provider and stole approximately $200 million, leading to the temporary suspension of deposit and withdrawal services while the vulnerabilities are fixed. The company has engaged the help of Google and SlowMist to investigate the incident. The hack on Mixin is the largest theft in the crypto world this year, surpassing the previous record set by Euler, a crypto lending platform.
Scammers are targeting Friend.tech users through SIM-swap attacks, with one scammer stealing $385,000 worth of Ether in less than 24 hours, prompting calls for increased security measures such as two-factor authentication.
Hackers are selling leaked user data from 23andMe accounts on the dark web, but the company claims its security systems have not been breached and the data was likely obtained from leaked usernames and passwords from other platforms.
Hackers stole and posted for sale the data of 23andMe users, using a technique called "credential stuffing" to guess logins and gather more information through an opt-in feature, with a particular focus on Ashkenazi Jews and users of Chinese descent, although the sample data has not been verified by the company.