Recent Cryptocurrency Thefts: MicroStrategy and Others Who Fell Victim

MicroStrategy, renowned as the largest corporate Bitcoin owner globally, was targeted in a cryptocurrency theft totaling approximately $500,000 on February 26. The assailants managed to breach MicroStrategy’s X account, perpetrating a sophisticated scam.

Hackers initiated their attack by disseminating a fraudulent message endorsing a fictitious cryptocurrency named “MSTR” via MicroStrategy’s compromised X account. Despite swift action from MicroStrategy to remove the deceptive communication, a copy was preserved by crypto personality Spreek.

Screenshots revealed the hackers’ attempt to dupe individuals into believing that MicroStrategy was launching a new Ethereum-based coin named MSTR. The scheme entailed luring victims to click on a provided link, promising “free MSTR” in exchange for their credentials.

Blockchain investigator ZachXBT’s examination suggests that the hackers may have already siphoned over $440,000 in cryptocurrency. Notably, a significant portion of the stolen funds has been laundered through various exchange platforms, including KYBERSwap, ParaSwap, and POKT Network.

0xe7645b8672b28a17dd0d650a5bf89539c9aa28da

~$440K stolen from the compromise so far

— ZachXBT (@zachxbt) February 26, 2024

As of the time of publication, MicroStrategy has not issued an official statement regarding the incident. However, this breach occurred just days after Michael Saylor, MicroStrategy’s founder, reaffirmed the company’s commitment to maintaining its substantial Bitcoin reserves, currently exceeding 190,000 BTC valued at over $9.7 billion.

Cryptocurrency Security Landscape Riddled with Hacks and Exploits in 2024

PlayDapp’s Massive Loss

In early February, PlayDapp, a platform for crypto gaming and NFTs, encountered security breaches resulting in the creation of 1.79 billion PLA tokens, valued at a staggering $290 million. The hacker, according to Elliptic, a blockchain analysis firm, began laundering the stolen funds shortly after the breaches.

In an attempt to reclaim the stolen assets, PlayDapp initiated negotiations with the hacker through an on-chain transaction. They offered a $1 million reward for the return of the funds by February 13, but negotiations proved fruitless as the hacker refused to cooperate. Consequently, PlayDapp announced the suspension of the PLA smart contract on February 13.

🚨SlowMist Weekly Security Report (Feb 4-10)🚨

Total loss at: ~ $31.16M

- PlayDapp Heist: Attackers minted 200M PLA tokens, valuing a massive $31M loss. A significant portion, $5.9M worth, found its way to the Gate platform. The exploit was due to a security vulnerability.

-…

— SlowMist (@SlowMist_Team) February 12, 2024

Abracadabra Finance ($6.5 Million)

Abracadabra Finance, the platform behind the stablecoin Magic Internet Money (MIM), fell victim to a hack on January 30, resulting in a loss of approximately $6.5 million. As a result, the value of MIM deviated from its intended stability.

CoinMarketCap data indicated a drastic drop in the stablecoin’s market capitalization, plummeting from $100 million to $0.76 before swift action from the project’s team restored its price, leading to a rebound.

We are aware of an exploit involving certain cauldrons on Ethereum.

Our engineering team is triaging and investigating the situation.

To the best of its Ability, the DAO treasury will be buying back MIM from the market to then burn.

More updates are coming.

— 🧙🏼‍♂️ (@MIM_Spell) January 30, 2024

Concentric.fi ($1.8 Million)

Concentric.fi experienced a significant security breach due to a targeted social engineering attack. The attacker compromised a deployer wallet, exploiting the protocol’s vulnerabilities. Despite having audited vaults, the protocol’s upgradability rendered it vulnerable.

CertiK, a blockchain security platform, disclosed losses exceeding $1.8 million. The report also suggests a potential connection between this incident and a previous exploit on the OKX decentralized exchange.

BREAKING:https://t.co/vWXdNgfpfA on Arbitrum suffers a hack with the attacker making off with around $1.72M in crypto, exchanged to 716 ETH. Funds distributed to 3 addresses including OKX DEX. #CryptoHack #Arbitrum #ConcentricFi @PanewsLab

— Sharpe Signals (@SharpeSignals) January 22, 2024

Shocket.Tec($3.3 Million)

Socket.Tech suffered an exploitation on January 16, affecting various Web3 applications. The attack targeted Bungee Exchange, a crucial component of Socket Protocol bridging Ethereum and 12 EVM chains, resulting in a $3.3 million loss.

The attacker exploited a flaw in SocketGateway, facilitating unauthorized fund transfers from users with unrestricted access. Approximately 700 victims were impacted, with substantial losses reported, including $656,000 USDC.

Hi @SocketDotTech, you may want to take a look: https://t.co/EQGnWELlie

— PeckShield Inc. (@peckshield) January 16, 2024

Gamma Strategies ($3.4 Million)

Gamma Strategies, a DeFi protocol, faced a $3.4 million loss due to a vulnerability in its accounting mechanism. The exploit involved the withdrawal of over 1500 ETH by exploiting high price change thresholds in LST and stablecoin vaults.

PeckShield, a security firm, confirmed the incident. The protocol has since disabled deposits to public DeFi vaults while maintaining active withdrawals for users, addressing inconsistencies in accounting mechanisms.

it looks like only gamma-managed pegged strategies

only got 3.4M to ethereum but total hack was 6.3M

gdai/dai 3M uniswap (hacker still sitting on 2.6M gdai + LP tokens)
wsteth/eth $500k camelot
usdt/usdc 400k camelot
usdt/usdc 290k camelot
usdt/usdc 128k camelot
usdt/usdc 27k…

— penguin.lens (@itspublu) January 4, 2024

CoinsPaid ($7.5 Million)

CoinsPaid, an Estonia-based digital asset processor, encountered its second breach within six months, resulting in a $7.5 million loss. The unauthorized withdrawals involved Tether, Ether, USD Coin, and CPD tokens, with significant exchanges to Ethereum and other assets.

Despite previous investigations, including potential links to the Lazarus Group, CoinsPaid has not commented on the recent breach. Security firm Cyvers has made public the hacker’s digital address.

Radiant Capital ($4.5 Million)

Radiant Capital, a cross-chain lending platform, suspended lending and borrowing on the Arbitrum network following a flash loan attack on its newly launched USDC market. The exploit, occurring seconds after launch, led to a $4.5 million loss.

PeckShield and Beosin identified the vulnerability and manipulation of the ’index parameter’ as the root cause. Radiant has assured users that existing funds are secure but has postponed further actions pending a full review.

Today's hack on @RDNTCapital results in the loss of 1.9k eth (~$4.5m).

The root cause is not new: It basically exploits a time window when a new market is activated in a lending market (forked from the popular Compound/Aave). The exploitation also relies on a known rounding… https://t.co/XogWUVO3po pic.twitter.com/x5X9ql8AGA

— PeckShield Inc. (@peckshield) January 2, 2024

Orbit Chain ($80 Million)

South Korea’s Orbit Chain suffered a massive loss exceeding $80 million due to a hack involving compromised multisig signers. The breach affected various cryptocurrencies, including stablecoins and wrapped Bitcoin, underscoring ongoing security challenges in the crypto space.

The incident highlights persistent risks associated with multisig wallets and private key management, emphasizing the need for enhanced safeguards and learning from past breaches. As of now, there is uncertainty regarding the recovery of stolen funds by the victims.

Currently, a comprehensive analysis identifying
the root cause of this issue is being carrried out with
with Theori.

We are actively engaging with international law enforcement agencies.

— Orbit Chain (@Orbit_Chain) January 1, 2024

Shiba Inu Community Warned Against Fraudulent Giveaways Amid Rising Scams

The Microstrategy hack event only adds to the longlist of hacks so far this year. Amid the growing concern’s Lucie, a spokesperson for Shiba Inu, issued a stern warning against fraudulent giveaways targeting investors within the Shiba Inu community. These scams exploit the recent success of initiatives like SHEboshi and the adoption of the DN404 standard.

Beware of scammers posting about airdrops and phishing links!

THERE IS NO AIRDROP - It's a trap designed to steal your assets.

Before you click ON ANY LINKS ON PLATFORM X.

ALWAYS visit the OFFICIAL TELEGRAM OR DISCORD and DOUBLE CHECK everything for your safety.$SHEB… pic.twitter.com/fc3yhs45Wa

— 𝐋𝐔𝐂𝐈𝐄 | SHIB.IO 🧜🏼‍♀️ (@LucieSHIB) February 24, 2024

Lucie highlighted a specific scheme masquerading as “@thesheboshis,” falsely associating itself with the SHIB-backed Sheboshis project. The Shibarmy scam warnings team emphasized the potential phishing risks associated with engaging with such fraudulent initiatives.

In light of these scams, Lucie urged SHIB users and investors to exercise caution, advising thorough research before engaging with any promotional material or new sites. Community members were encouraged to report any suspicious accounts or activities to safeguard the interests of the Shiba Inu ecosystem.

These incidents underscore the critical need for heightened security measures and greater awareness within the cryptocurrency market. As the industry continues to evolve, stakeholders must remain vigilant against evolving threats and vulnerabilities to safeguard assets and maintain trust in the crypto ecosystem.