SCAMSSECURITY

Crypto scams run wild in October, global crypto market hacked for $129 million in a single month

share
Crypto scams run wild in October, global crypto market hacked for $129 million in a single month

October of this year can be referred to as "Crypto Scam Month," with various fraudulent tactics such as hacking attacks, phishing scams, and flash loan attacks, resulting in a total loss of up to $129 million in the global cryptocurrency market.

Latest MetaWin Hack Results in $4 Million Loss

The latest attack occurred on November 3rd, where the cryptocurrency betting platform MetaWin suffered a hack resulting in a total loss of $4 million. MetaWin CEO Skel stated that hackers exploited MetaWin's fast withdrawal system to breach the hot wallet, forcing MetaWin to temporarily halt withdrawals. As of now, withdrawal functionality has been restored for approximately 95% of users.

MetaWin CEO Skel releasing information about the hack to users

According to blockchain detective ZackXBT, the hackers transferred the funds to cryptocurrency exchanges Kucoin and HitBTC for nested transactions, involving over 115 wallet addresses in this fraud scheme.

Wallet addresses for fund transfers uncovered by blockchain detective ZackXBT

Note: According to ACAMS, Nesting refers to the downstream remittance services provided by corresponding banks through their designated correspondent banks to other financial institutions.

October Marked as "Crypto Scam Month," Losses Reach $127 Million

Cybersecurity company CertiK stated that losses in October increased by 2.91% compared to September, reaching $127 million. This marks a 60% decrease from May's $324.7 million. Vulnerability attacks were the primary source of losses, while exit scams and flash loan attacks led to losses of $1.2 million and $1.5 million respectively.

Source: Cybersecurity company Certik ‘X

EP.30 The hard truth about flash loans and flash loan attacks, featuring DINNGO Co-founder Zhu Xuanting

Radiant Capital Hacked, Loss Exceeds $50 Million, October's Most Severe Case

The most severe incident in October occurred on October 16th, where lending protocol Radiant Capital fell victim to a hacker attack, resulting in a loss of over $50 million. The hackers utilized the transferFrom function in the Radiant protocol to carry out attacks on the BNB chain and Arbitrum chain, depleting user accounts of tokens including USDC, WBNB, and ETH. This attack involved control of multi-signature wallets, leading to the theft of private keys from multiple signers, followed by modification of smart contracts to transfer funds.

Cybersecurity company De.Fi warning about the incident on Twitter

Whale Falls Victim to Phishing Attack, Loses Nearly $36 Million, Second Largest Case of the Month

The second-largest scam of the month unfolded on October 11th, where a cryptocurrency "whale" fell victim to a phishing scam, losing approximately $35 million. This whale, holding 15,000 packaged tokens of fwDETH, was tricked by hackers using the phishing software "Ace Drainer" to sign a false "authorization" signature, granting the hackers transfer permissions in the whale's wallet, resulting in the successful theft of 15,079 fwDETH tokens.

Cybersecurity company ScamSniffer issuing a warning about the incident on Twitter

Note: DETH is an ETH derivative token issued by the Duo blockchain protocol, and fwDETH is a wrapped version of DETH.

Cryptocurrency Exchange M2 Hacked, $13.7 Million Stolen, Third Largest Case of the Month

The third-largest scam of the month occurred on October 31st, where cryptocurrency exchange M2 Exchange fell victim to a hacker attack, successfully stealing tokens including Bitcoin, Ethereum, and SOL, resulting in a loss of approximately $13.7 million. M2 later stated that the incident had been resolved satisfactorily, and user funds had been restored.

Cryptocurrency exchange M2 issuing a statement on Twitter regarding the resolution

How to prevent rampant crypto scams in a bull market? Slow Mist introduces various scam tools and phishing methods