KEY POINTS
- The industry lost over $251 million last week, including the ETHTrustFund DAO rug pull
- Last week's losses prove that many protocols aren't doing enough: Chimp Exchange's Akshay Nassa
- In the first half of 2024 alone, more than $920 million was lost to hackers and fraudsters
Security has been a key talking point in the cryptocurrency industry since the technology first started making waves in the financial realm, and as companies evolve their safety and security measures, threat actors are also changing their ways.
Over $251 million lost in a week
Blockchain security firm SlowMist revealed in its weekly report about security losses in the digital assets space that the industry lost more than $251 million to security incidents in the week of July 15-21.
🚨 SlowMist Weekly Security Report (July 15th to 21st)
— SlowMist (@SlowMist_Team) July 23, 2024
This week has been eventful🤮, with several high-profile security breaches making waves in the crypto community. Here’s a detailed summary to keep you informed and vigilant:
Total Losses: Over ~$251.52M
Incident Types and…
Among the past week's security incidents as the apparent rug pull of ETHTrustFund DAO (decentralized autonomous organization), which transferred $2 million from its treasury to crypto mixers Tornado Cash and Railgun. On-chain security and analytics firm PeckShield later said "the scammers have already bridged the stolen funds to Ethereum and laundered them" on crypto mixing tools.
RUG ALERT 🚨
— Octoshi.eth (@0ctoshi) July 21, 2024
Yesterday, the project known as ETHTrustFund (@ethtrustfund_ now deleted) sent +$2M from the treasury to a new wallet, after months of intentional inactivity by the dev, it seems that he has decided to steal the funds 👇 pic.twitter.com/YcswifyHmQ
#PeckShieldAlert #rugpull @0ctoshi reported that @ethtrustfund_ rugged ~$2m worth of cryptos on #Base.
— PeckShieldAlert (@PeckShieldAlert) July 22, 2024
The scammers have already bridged the stolen funds to #Ethereum & laundered them via #Tornadocash & #Railgun https://t.co/jmKVgiQb8C pic.twitter.com/MzJsvQ1pyV
Last week's most significant loss was suffered by Indian cryptocurrency exchange giant WazirX, which bled $230 million after one of its multisig wallets was breached by hackers that blockchain security researchers have associated with Lazarus Group, a hacker group linked to North Korea.
Of the stolen funds, more than $102 million were in Shiba Inu ($SHIB) tokens. The exploiters have since sold off the pilfered tokens, as per Arkham Intelligence. The exploit caused $SHIB to plunge by over 8%.
'Trend' points to evolution among threat actors: expert
The ongoing "exploit trend" in the crypto industry solidifies the fact that the Web3 ecosystem remains vulnerable, Akshay Nassa, the founder of 100% encrypted decentralized exchange Chimp Exchange, told International Business Times.
"The Web3 ecosystem is not invincible to cybercriminals and many protocols are still not doing enough to safeguard their ecosystem," he noted. His comments are backed by data, as shown in a June report by Immunefi which revealed that in the first half of 2024, the digital assets space lost a staggering $920.9 million to hacks, frauds and scams.
"As much as the broader crypto ecosystem is evolving, so are the mischief makers. While the industry continues to work on sophisticated security measures to keep these bad actors at bay, crypto traders and investors can implement MFA (multi-factor authentication) on their accounts," Nassa said.
Blockchain educator Tayler McCracken wrote that users should enable MFA "anytime" option. For instance, two-factor authentication (2FA) will not allow hackers to access an account unless they also have the user's phone or device where 2FA is enabled.
