Blockchain & Cryptocurrency
                                                    ,
                                                            Cryptocurrency Fraud
                                                    ,
                                                            Fraud Management & Cybercrime
                                                                                                
                    Also: Web3 Lost $889M in Q3, Hackers Stole from HTX, Nansen, OpenSea
                

Every week, ISMG rounds up cybersecurity incidents in digital assets. This week: Mixin Network investigated a $200 million hack, Web3 lost $889 million to hacks, phishing scams and rug during the third quarter, hackers stole $8 million from HTX, Binance sought to dismiss the SEC wash trading case; and Nansen and OpenSea suffered third-party security incidents.
See Also: Live Webinar | Cyber Resilience: Recovering from a Ransomware Attack
Mixin Network
Hackers stole $200 million from Mixin Network over the weekend by targeting the “decentralized” finance company’s cloud service provider’s database, the Hong Kong-based crypto wallet service provider said in a tweet. In a livestream on Tuesday, Mixin Network founder Feng Xiaodong said that the team can currently “only ensure at least half of the assets are secure.”
The company also offered a $20 million “bug bounty reward” to the hacker for the return of the stolen funds. It said in a Wednesday statement on X, formerly Twitter, that the losses were “not as significant as expected.”
Web3 Losses
Web3 collectively lost $889.26 million from hacks, phishing scams and rug pulls in the third quarter of 2023, Beosin said. The amount exceeded the combined sum of the first two quarters, which saw $330 million and $333 million worth of losses in the first and second quarters, respectively. Of the total 43 major attacks that together resulted in a loss of $540.16 million, 29 occurred in the decentralized finance space, contributing $98.23 million to the total. Private key compromise incidents and contract vulnerabilities were the primary reasons behind the losses.
HTX, formerly Huobi
Hackers stole $7.9 million from crypto exchange HTX, but the company “resolved all related issues” as it has “fully covered the losses incurred from the attack,” its advisor Justin Sun said. The attack came two weeks after the 10-year-old company changed its name from Huobi. The stolen amount only represents a “relatively small sum” compared to the $3 billion worth of assets its users hold, he said, adding that the pilfered funds make up about two weeks of revenue for HTX.
The company offered 5% of the stolen funds – nearly $400,000 – as a “white-hat bonus” to the hacker in a bid to have them return the money.
Binance
Binance lawyers on Thursday asked a U.S. district court to dismiss a case by the Securities and Exchange Commission, which alleges market manipulation and wash trading by units connected to the crypto giant’s U.S. arm. Wash trading is a market manipulation tactic where a single trader buys and sells the same security to create the impression of activity in the market. The SEC previously said that Binance was using multiple user accounts held by a Swiss firm called Sigma Chain to carry out illegal activity (see: US SEC Sues Binance and Coinbase Over Securities Violations).
Nansen
Hackers compromised a third-party server to gain admin access and steal emails, password hashes and blockchain addresses of Nansen users, the crypto analytics platform said. The breach impacted 6.8% of its users. The company said it contacted affected users to warn them to change their passwords and be aware of phishing attacks.
OpenSea
A third-party security incident may have reportedly exposed user information of NFT marketplace OpenSea, including API keys. The company did not disclose how many users were affected by the hack. The company said the theft is unlikely to affect any programs that utilize an OpenSea API key, but that if external parties use one of the exposed keys, it could affect rate and usage limits. The company will sunset existing keys by Oct. 2, The Block reported.
