Cryptopolitan 2024-12-24 09:25:33

DPRK-identified addresses have swapped $200K through MetaMask in what looks like a crypto laundry test

Addresses identified as belonging to North Korean hackers have laundered $200K in crypto through MetaMask. This type of swap comes with high fees, but can be an exit point for hackers.

A list of addresses linked to previous North Korean hacker exploits has surfaced in a series of MetaMask swaps. The addresses only swapped $200K in crypto assets, leaving $1,985 in swap fees. The MetaMask router is among the high-fee tools to swap crypto, but can be fast and accessible for hackers to obscure the origin of funds or avoid token freezing.

While the sum was small, the event itself was ominous, given the perception that DPRK hackers don’t trade, but test. Hacking activity slowed down in the second half of 2024, but there are still signs of mixing and trying to conceal funds.

The MetaMask discovery follows another episode of hacker addresses using Web3 services, DEXs and the wallet’s native router. Recently, inflows from hacker addresses were discovered on the Hyperliquid bridge. The perpetual futures DEX was not exploited in any way, but the event was also considered a test for moving funds. Some consider Hyperliquid to be still at risk, due to its limited validator points that can be exploited.

MetaMask itself has not been compromised and has remained a secure wallet, barring personal mistakes. Taylor Monahan, @tayvano, also noted the wallet has been targeted in multiple ways by North Korean hackers, who are always looking for ways to unlock stored crypto.

“MetaMask is and always has been concerned…We track DPRK carefully because they are the single largest threat to crypto companies. We also track every other crypto threat actors bc DPRK is largest but not the only threat,” said @tayvano in a recent X post.

North Korean hackers avoid USDC as lockable asset

While slowing down their exploits, North Korean hackers have been swapping funds and moving between chains. The list of wallets that used MetaMask swaps also has a long history of using various decentralized protocols.

The wallets swap between Ethereum (ETH) and stablecoins USDT and USDC. Both stablecoins are, in theory, freezable assets, but especially USDC. For that reason, the wallets always swap back to ETH or other tokens, or move to the Arbitrum chain for some of the tasks. The wallets never keep a USDC balance for long, despite the highly active usage of the token.

The two addresses were highly active, interacting with ENS accounts, OpenSea users and web3 protocols. The swaps continued in the past few hours, again with the main task of moving funds on a relatively small scale.

0x52263cAEc2e144C3A84cc16d014157360Ac85A89
0x070cA92f568037d351666b3918a0F6ba7ad20ED1

The wallet activities and their counterparties connect to some of the most active recent protocols, meme tokens, NFTs and other assets. However, most of the activity centers around swapping into stablecoins as a temporary step.

Wallet activity raises more concerns about the safety of Hyperliquid

The recent swaps were relatively minor, with transactions under $500. However, some of the wallet counterparties showed interactions with DEXs and DeFi hubs, often transacting with the Hyperliquid bridge. The alleged hacker wallet histories also contain interactions with Hyperliquid from the past few hours and days.

For now, the protocol has not been attacked directly, but some consider it another tool for mixing funds or trading to obscure the origin of tokens. The Hyperliquid bridge is the biggest concern for attacks, since the hub’s value grew exponentially. The bridge holds more than $2B, and may not be sufficiently protected, according to @tayvano.

For now, there is no other direct link between the MetaMask swap users and a potential attack against the bridge. The MetaMask swaps may be a part of general activity to move between assets with minimal tracking.

North Korean hackers reportedly doubled their haul in 2024, potentially taking up to $1.3B from the crypto market. Most of the activity was concentrated in the first half of the year, with major hacks slowing down in the last quarter.
