Coinbase has promised compensation to all affected users. The company will also cover losses for users deceived by social engineering attacks during this process, aiming to maintain user trust. Additionally, Coinbase created a $20 million reward fund to incentivize information leading to the identification of the attackers. The crypto exchange has started implementing new security measures to prevent user harm. 

Coinbase Cyber Attack

In a clear stance shared on X , Coinbase CEO Brian Armstrong stated: 

“We will not pay ransom to extortionists. Instead, we offer a $20 million reward to those who provide information leading to the identification and prosecution of the perpetrators.” 

Following the attack, Coinbase increased its security measures. A new customer support center was established in the US, where identity verification and fraud awareness notifications became mandatory. Moreover, additional identity verification processes were added for high-value transactions. These steps aim to protect user accounts. The company also announced that it will provide regular updates to users in the coming days. 

The Method Behind the Attack 

The attackers attempted to infiltrate the system by bribing some customer representatives working abroad. Coinbase described this as an unusual and complex social engineering attack. However, the attackers did not gain access to sensitive systems. 

Coinbase estimates that less than 1% of users’ data was affected. Nevertheless, it warned customers to remain vigilant against potential fraud risks. This incident has once again highlighted the growing cyber threats in the crypto sector. Last year, India-based WazirX lost $230 million in a similar attack. Coinbase’s breach underscores the urgent need for data security and regulatory measures. 

Security at crypto exchanges has become not only a technological but also a strategic priority. Users should protect their accounts with two-factor authentication and strong passwords. 

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Coinbase Hit by Cyber Attack: CEO Sends Message of No Ransom appeared first on Coin Engineer.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

Two of these companies are even legally registered in the U.S., adding a layer of legitimacy. During the interview, applicants receive a fake error message while trying to record a video, leading them to copy-paste a fix that actually installs malware.

Malware Targets Wallet Keys and Clipboard Data

The campaign utilizes three malware strains: BeaverTail, InvisibleFerret, and Otter Cookie. While BeaverTail is designed for initial compromise and further payload delivery, Otter Cookie and InvisibleFerret focus on extracting crypto wallet keys and clipboard contents.

Silent Push also discovered that hackers are using AI-generated images and stolen real photos to create fake employee profiles for the companies, boosting credibility. Analyst Zach Edwards noted that some images were subtly altered using AI tools to resemble the original person but appear unique.

The campaign has been active since 2024, and at least two developers were directly affected—one of whom had their MetaMask wallet compromised. The FBI has since shut down BlockNovas, but SoftGlide and other parts of the operation remain online.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post North Korean Hackers Target Crypto Devs! appeared first on Coin Engineer.

In several now-deleted posts, hackers falsely claimed that Kaito wallets had been compromised and warned users that their funds were no longer safe. However, the Kaito AI team quickly regained control of the accounts and reassured users that Kaito token wallets were unaffected by the breach.

KAITO Token Price Drops!

According to DeFi Warhol, the attackers opened short positions on KAITO tokens before spreading the false information. The goal was to trigger panic selling and cause a price crash, allowing the hackers to profit from their short positions.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

The Kaito AI team addressed the incident with the following statement:

“Despite having high-standard security measures in place, we were still compromised. It seems to be similar to other recent X account hacks.”

Rising Cyber Threats in the Crypto Industry!

This incident adds to a growing list of social media hacks, social engineering scams, and cybersecurity concerns within the crypto space. In recent weeks, the Pump.fun and Jupiter DAO accounts were also compromised using similar tactics.

Additionally, Canada’s Alberta Securities Commission issued a warning about the CanCap scam, where malicious actors used fake news and fabricated endorsements from Canadian politicians to promote fraudulent crypto investments. The scammers exploited concerns over a potential trade war between Canada and the United States to lure investors.

Lazarus Group Strikes Again!

State-sponsored hacker group Lazarus has also launched a new scam. They pose as venture capitalists in Zoom meetings and claim to experience audio-visual issues. Victims are then redirected to malicious chatrooms where they are instructed to download a “patch.” This software is designed to steal private crypto keys and other sensitive data from the victim’s device.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Kaito AI and Founder Yu Hu’s X Accounts Hacked! appeared first on Coin Engineer.

North Korea-Linked Lazarus Group in Action!

According to a pseudonymous crypto analyst, the Lazarus Group, linked to North Korea, has successfully laundered the majority of the funds stolen from Bybit on February 21. Only 156,500 ETH remains to be moved, which is expected to happen within the next three days.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

The FBI has flagged 51 Ethereum addresses, while Elliptic has identified over 11,000 wallet addresses connected to the hackers. Chainalysis reports that the attackers have converted portions of the stolen Ether into Bitcoin (BTC), Dai (DAI), and other assets using DEXs, cross-chain bridges, and instant swap services.

THORChain Under Fire!

Hackers have been utilizing decentralized protocols to obscure their transactions. One of the most criticized platforms in this process has been THORChain. Developer “Pluto” announced they would no longer contribute to the protocol after a proposal to block North Korean hacker-linked transactions was overturned.

The Bybit hack, with a $1.4 billion loss, is the biggest exploit in crypto history, surpassing the $650 million Ronin Bridge hack from March 2022 by more than double.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Bybit Hackers Resume Laundering! appeared first on Coin Engineer.

FBI and Bybit Hack Investigation

The FBI has confirmed that North Korea was behind the $1.4 billion Bybit hack on October 21. In a public service announcement on February 26, the agency referred to the attack as “TraderTraitor.”

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

According to the FBI, TraderTraitor is also known as Lazarus Group, APT38, BlueNoroff, and Stardust Chollima. The agency stated that the group had rapidly converted some of the stolen assets into Bitcoin and other cryptocurrencies.

Bybit Hack and Money Laundering Process

The FBI revealed that over 135,000 Ethereum (ETH) have already been laundered, with the attackers using decentralized exchanges, cross-chain bridges, and instant swap services with no KYC protocols to move the stolen assets.

Additionally, 363,900 ETH (~$825 million) remain untouched. The FBI has shared 51 Ethereum addresses linked to the hackers and urged industry players to block or avoid interactions with these addresses.

Blockchain analytics firm Elliptic has already flagged 11,084 crypto wallet addresses linked to the Bybit exploit. The FBI has called on anyone with relevant information to report it to the Internet Crime Complaint Center.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post FBI Calls for Blocking Transactions Linked to Bybit Hack appeared first on Coin Engineer.

As one of the leading cryptocurrency exchanges, Bybit has been at the center of a major security crisis. Company officials stated that a serious technical collapse in the exchange’s infrastructure allowed hackers to infiltrate the system. This vulnerability compromised Bybit’s security mechanisms, enabling attackers to steal $1.5 billion worth of assets.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

How Did the Attack Happen?

According to Bybit’s report, attackers identified security loopholes within the infrastructure and exploited them to gain unauthorized access. Initially appearing as a user account breach, the attack was later revealed to have directly targeted the company’s internal systems. Hackers managed to transfer massive amounts of funds to their own wallets by taking advantage of these weaknesses.

Are Bybit Users at Risk?

Following the large-scale attack, Bybit assured users that their funds would remain secure. The company announced that most of the stolen assets would be covered from its reserves and that user losses would be reimbursed. However, some analysts have raised concerns about how Bybit will manage such a significant financial hit in the long run.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Massive Bybit Hack: $1.5 Billion Loss Explained! appeared first on Coin Engineer.

Affect on Hot wallets

With more than 5 million users, BtcTurk verified that the assault mostly targeted software-based crypto wallets linked to the internet, hot wallets. Though they enable regular transactions, hot wallets are more vulnerable to hacking than cold storage. “Only a portion of the balances of 10 cryptocurrencies in our hot wallets were affected by this cyber attack; most of assets held in our cold wallets remain safe,” BtcTurk said on June 22.

This Might Interest You: Bitcoin Mining Faces Challenges but Remains Stable

Teng told his 299,800 X followers that security personnel and investigations by Binance are assiduously seeking further data. “As part of our proactive efforts to keep the ecosystem free from criminal actors, our investigations and security teams operate nonstop. As pertinent, we will provide further updates, Teng said. Blockchain investigator ZackXBT commended Binance for its actions, pointing out, “Binance gets crucified by the media when in reality their security team generally does more for victims + goes out of their way to assist in incident response.”

BtcTurk CEO Özgür Güneri has not yet said anything publicly on the topic.

Recent Crypto Exchange Security Events

This event followed a previous hack on June 4, wherein Lykke, a crypto exchange located in Switzerland, stopped withdrawals following a security compromise. “@lykke CTX got exploited and lost $19.5.5 million worth of crypto assets but the team is still trying to hide this fact,” blockchain security expert SomaXBT said accusing Lykke of trying to cover the vulnerability.

Click here to get the latest news from Coin Engineer! 

The post Binance Aids BtcTurk in Recovering Stolen Funds After Cyber Attack appeared first on Coin Engineer.

The CISO of Io.net, Husky.io responded immediately by locking down the network with patches and improvements. Due to the powerful permission layers of their GPUs, the real hardware of the GPUs survived the attack.

Between 07:27:43 and 07:29:05 AM PST on April 25, write operations increased within the GPU metadata API to trigger the breach detection and the alarm activation.

The security measures included making it more complex to inject SQL queries into the APIs and helping to document illegal attempts better. To complement the problems of universal authorization tokens, a user-specific authentication solution was promptly deployed using Auth0 with OKTA.

Furthermore, the anticipated reduction in supply force participants was aggravated by the fact that this security patch update happened at the time when one of the reward program snapshots occurred. As legitimate GPUs did not restart and update, they were unable to use the uptime API, resulting in a drastic drop in the number of active GPU connections from 600,000 to 10,000.

In response to these issues, we initiated Ignition Rewards Season 2 in May to stimulate the participation of the supply side. The supply chain collaboration regarding device upgrades, reboots, and reconnections is a continuous process.

Io.net API Vulnerability Exposed

The problem with the intruder was flaws in the proof-of-work (PoW) method used to detect fake GPUs. Attacking tactics intensified as a result of all aggressive security measures that were applied even before the incident, thus proving the need for continuous security research and advancement.

To present the content in input/output Explorer, the attackers exploited a vulnerability in an API. Therefore, in the process, user IDs were exposed upon device ID searches. Data had been dumped into the database by some malicious attackers a few weeks before the incident.

The attackers managed to get into the ‘worker-API,’ which allowed them to alter device metadata without needing user-level authentication by using a valid universal authentication token.

For early threat detection and neutralization, Husky.io emphasized continuous full assessment and penetration testing of public endpoints. Despite hurdles, we continue to rebuild network connectivity and stimulate supply-side participation in order for the platform to remain operational and deliver hundreds of thousands of compute hours per month.

Io.net wanted to integrate Apple silicon chip technology in March to enhance its AI and ML offerings.

The post Io.net Faces Cyberattack: Security Breach Impacts GPU Network appeared first on Coin Engineer.