An Estimated $55M Stolen in bZx Phishing Attack

2021-11-8 08:36

On Nov 5, a bad actor managed to steal a trove of BZRX tokens and other cryptocurrencies on BSC and Polygon by using bZx private keys that were obtained in a phishing attack. The attacker was then able to deposit the stolen BZRX as collateral to borrow against other funds on the protocol.

bZx is an L2 DeFi margin lending protocol that runs on Ethereum, Polygon, and BSC. The deployment, governance, and DAO vault on Ethereum were not affected by the phishing attack, nor was the bZx smart contract.

The attack gave the hacker the keys to the Polygon and BSC deployments of the bZx protocol. It affected lenders, borrowers, and farmers, as well as those who had given unlimited approvals to those contracts. Funds were then removed from the BSC and Polygon implementations of bZx.

Blockchain ecosystem auditor SlowMist estimated the value of the lost funds to be in the region of $55M.

Timeline of the attack

bZx released a preliminary report on the attack method, timeline, and repercussions. Initially, a developer’s mnemonic wallet phrase was compromised.

Early on, bZx was notified of a negative balance in a user’s account and of high utilization rates. bZx then determined that there had been suspicious activity on the Polygon and BSC deployments, and tracked the stolen funds to wallet addresses. The attacker moved the stolen funds through Binance, KuCoin, and Circle, which were notified so they could take mitigating action.

Etherscan, a tool to view data on any pending or confirmed Ethereum blockchain transactions, revealed the addresses of the wallets containing the stolen funds.

Polygon:

0xafad9352eb6bcd085dd68268d353d0ed2571af89 (2 million BZRX)

BSC: 

0x74487eed1e67f4787e8c0570e8d5d168a05254d4 (10 million BZRX)

0x967bb571f0fc9ee79c892abf9f99233aa1737e31 (2.5 million BZRX)

0x0ACC0e5faA09Cb1976237c3a9aF3D3d4b2f35FA5 (Primary hacker wallet)

Ethereum:

0x74487eed1e67f4787e8c0570e8d5d168a05254d4 (10 million BZRX)

0x967bb571f0fc9ee79c892abf9f99233aa1737e31 (12 million BZRX) 

0x967bb571f0fc9ee79c892abf9f99233aa1737e31 (82K BZRX)

0x74487eEd1E67F4787E8C0570E8D5d168a05254D4 (4 million ETH, primary hacker wallet)

0x1ae8840ceaef6eec4da1b1e6e5fcf298800b46e6 (USDT was frozen, hacker wallet)

0xAfad9352eB6BcD085Dd68268D353d0ed2571aF89 ($1.4 million DAI, $243K USDC, $15m ETH, hacker wallet)

0x967bb571f0fc9ee79c892abf9f99233aa1737e31 (2 million ETH, hacker wallet)

0x6abcA33faeb7deb1E61220e31054f8d6Edacbc81 (1.5 million BZRX, hacker wallet, internal transactions from KuCoin) 

0x1Ae8840cEaEf6EeC4dA1b1e6e5FCf298800b46e6  (Hacker sent funds out from KuCoin to this address)

bZx response

bZx claims that it is working with law enforcement, exchanges, and investigators to identify the perpetrator and recover the stolen funds. It is relaunching the Polygon and BSC deployments under Decentralized Autonomous Organization (DAO) control and is developing a compensation plan for affected users.

It has also published a message to the attacker, encouraging them to return the stolen funds in return for a bounty. Users are reminded to revoke any bZx contract approval on Polygon or BSC.
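The reminder to revoke approvals can be checked mechanically. The following is an added example, not code from bZx or the original article: it replays ERC-20 `Approval` event logs to find allowances still open to a watched spender contract and builds the `approve(spender, 0)` calldata that revokes each one. All addresses and logs are constructed placeholders, since the contract addresses of the affected deployments are not given on this page.

```python
# Added example: every address and log below is a constructed placeholder.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
APPROVE_SELECTOR = "095ea7b3"  # approve(address,uint256)
MAX_UINT256 = 2**256 - 1

def topic_to_address(topic):
    """Indexed addresses are left-padded to 32 bytes; keep the last 20."""
    return "0x" + topic[-40:].lower()

def outstanding_approvals(logs, watched_spenders):
    """Map (token, owner, spender) -> last approved amount, non-zero only."""
    watched = {s.lower() for s in watched_spenders}
    state = {}
    # Replay in chain order so a later approve(spender, 0) cancels a grant.
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue  # other events; ERC-721 Approval has 4 topics
        owner, spender = map(topic_to_address, topics[1:])
        if spender in watched:
            state[(log["address"].lower(), owner, spender)] = int(log["data"], 16)
    # The last approved value is an upper bound; confirm with allowance().
    return {k: v for k, v in state.items() if v > 0}

def revoke_calldata(spender):
    """ABI-encode approve(spender, 0), sent by the owner to the token."""
    return "0x" + APPROVE_SELECTOR + spender[2:].lower().rjust(64, "0") + "0" * 64

def _log(block, idx, token, owner, spender, amount):
    pad = lambda a: "0x" + a[2:].rjust(64, "0")
    return {"blockNumber": block, "logIndex": idx, "address": token,
            "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(amount, "064x")}

TOKEN_A, TOKEN_B = "0x" + "a1" * 20, "0x" + "b2" * 20
OWNER, OTHER = "0x" + "c3" * 20, "0x" + "e5" * 20
WATCHED_SPENDER = "0x" + "d4" * 20  # stands in for an affected lending contract

SAMPLE_LOGS = [
    _log(110, 0, TOKEN_B, OWNER, WATCHED_SPENDER, 0),            # revocation
    _log(100, 2, TOKEN_A, OWNER, WATCHED_SPENDER, MAX_UINT256),  # unlimited
    _log(105, 1, TOKEN_B, OWNER, WATCHED_SPENDER, 500),          # later revoked
    _log(108, 0, TOKEN_A, OWNER, OTHER, MAX_UINT256),            # not watched
]

if __name__ == "__main__":
    for (token, owner, spender), amount in outstanding_approvals(
            SAMPLE_LOGS, [WATCHED_SPENDER]).items():
        kind = "UNLIMITED" if amount == MAX_UINT256 else str(amount)
        print(f"{owner} -> {spender} on {token}: {kind}")
        print("  revoke by sending to token:", revoke_calldata(spender))
```

An allowance is per token and per chain, so the same check has to be run separately against logs from each network where approvals were granted.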

An earlier bZx attack in February 2020 saw $500,000 in ETH stolen. After that, the DeFi lending protocol team worked to strengthen security on L2 by allowing an external audit of the core protocol.

The post An Estimated $55M Stolen in bZx Phishing Attack appeared first on BeInCrypto.
