Main topic: Hackers stole $62 million from Curve Finance, raising concerns about the strength of the decentralized finance ecosystem.
Key points:
1. Curve Finance is one of the largest decentralized exchanges (DEX) with $1.67 billion in total value locked (TVL).
2. Several DeFi projects' pools were also hacked, resulting in significant losses.
3. The hack was caused by a bug in older versions of the compiler for the Vyper contract programming language.
4. The hack represents about 4% of Curve's TVL, but a white hat hacker returned $5.4 million to Curve.
5. The hack highlights ongoing challenges and vulnerabilities in the crypto space.
Main topic: Russian state-sponsored hackers posing as technical support staff on Microsoft Teams to compromise global organizations, including government agencies.
Key points:
1. The hacking campaign was carried out by a Russian state-sponsored group known as APT29 or Cozy Bear.
2. The group is linked to the SolarWinds attack in 2020 and is part of Russia's Foreign Intelligence Service.
3. The hackers used previously compromised Microsoft 365 accounts to create new technical support-themed domains.
4. They sent Microsoft Teams messages to manipulate users into approving multi-factor authentication prompts.
5. By gaining access to user accounts, the hackers aimed to exfiltrate sensitive information.
6. Fewer than 40 unique global organizations were targeted or breached, including government agencies and non-government organizations, across various sectors.
7. Microsoft has mitigated the use of the domains and continues to investigate the activity.
8. The campaign follows a recent incident where Chinese hackers exploited a flaw in Microsoft's cloud email service.
The US Department of Justice (DOJ) is reportedly investigating whether cryptocurrency exchange Binance has violated US sanctions against Russia by facilitating ruble-to-crypto trades, adding to existing allegations of market manipulation and anti-money laundering violations, which could have significant implications for the broader cryptocurrency ecosystem.
The FBI has issued a warning that North Korean threat actors may attempt to cash out stolen cryptocurrency valued at over $40 million, with recent investigations revealing that the group has moved approximately 1,580 bitcoin and is currently holding those funds in six different wallets.
“Max Galochkin: Unmasking the Man Behind the Notorious Trickbot Cybercrime Syndicate”
In this article, the author reveals the true identity of Max Galochkin, a member of the Russian cybercrime syndicate Trickbot. Through an extensive investigation involving leaked data, chat logs, and expert analysis, Galochkin's online persona as "Bentley" is linked to his real-life identity. The article explores Galochkin's role within Trickbot, the inner workings of the syndicate, and its connections to the wider cybercrime landscape and the Russian government. Despite global efforts to disrupt Trickbot and other cybercriminal groups, they continue to thrive, operating with connections to Russian intelligence and security services. Unmasking Galochkin sheds light on the challenges of deterring cybercrime and the impact of naming and shaming these criminals.
North Korea-linked hackers have stolen over $200 million worth of cryptocurrency this year, accounting for more than 20% of all stolen crypto, in order to fund the regime's nuclear weapons programs, according to blockchain intelligence firm TRM Labs.
North Korean hackers breached a Russian aerospace research institute and targeted Russian diplomats, potentially gathering intelligence on Russia's war in Ukraine, according to Microsoft.
North Korean restaurants in Laos, which are in violation of UN sanctions, may be playing a crucial role in laundering money generated through cybercrime activities by North Korean IT workers stationed in China, Russia, and Laos.
Notorious North Korean hacking group Lazarus, which has been increasingly active, is responsible for five major crypto hacks in the past three months, including the recent $54 million hack of global cryptocurrency exchange CoinEx, bringing their total theft to almost $240 million in just 104 days, according to a report by blockchain surveillance firm Elliptic.
The Hong Kong Police Force and Securities and Futures Commission have formed a working group to address illicit cryptocurrency exchange activities, particularly in response to the ongoing crypto scandal involving JPEX exchange, aiming to enhance monitoring, investigation, and collaboration on suspicious activities.
The thieves who stole more than $400 million from FTX may have ties to Russian cybercriminals, according to cryptocurrency tracing firm Elliptic, as they have used services that commingle funds with cryptocurrency from Russia-linked ransomware hackers and dark web markets.