Cryptopolitan 2024-12-17 11:45:52

ZachXBT explores $5.36M wallet-draining attack

On-chain researcher ZachXBT has noticed another wallet-draining attack, spanning dozens of addresses. The seemingly random hauls have all been connected to the LastPass data breach, potentially exposing multiple wallets.

ZachXBT reported a total of $5.36M taken from personal wallets containing Bitcoin and assets from the Ethereum ecosystem. All the seemingly random addresses had one thing in common: their owners used LastPass for password storage and protection. After a data leak in 2022, the list of wallets turned out to be compromised.

ZachXBT also identified the attackers as a cohesive entity, the ‘LastPass threat actor’. The attackers followed a similar approach each time: draining the wallets, then immediately swapping the assets through instant exchanges for Ethereum and Bitcoin. The attack affected multiple tokens, but the hackers were trying to simplify their holdings.

LastPass victims face another round of wallet attacks

Apparently, some of the wallet owners also stored private keys on the service, leaking direct access to the wallets. The actual attack happened long after the data leak, and there may be more wallets that are potentially exposed, but not drained yet.

The recent batch of drained wallets includes crypto influencers with ENS names, as well as active DEX and DeFi users. Despite their owners' experience, the exposed addresses led to total losses. Wallets automated to receive funds or rewards from smart contracts may be especially at risk.

In one of the cases, the funds received came from an OpenSea user, potentially from the sale of an NFT. In this case, the receiving wallet may be automated and already linked to the NFT marketplace. The wallet was drained soon after that, with the funds sent directly for an anonymous swap.

More than 40 addresses in total have been drained to date. In some cases, the addresses show evidence of being watched, as the draining happened right after a recent deposit of funds. Some of the wallets received funds from exchanges for storage or as intermediate holding, and were drained within a short time after the incoming transaction.

ZachXBT had already tracked an earlier batch of 22 addresses, with losses exceeding $6.2M even at the earlier stage of the bull market. Other on-chain researchers have also sounded the alarm on potentially exposed wallets.

It’s been 2 years since Path sounded the alarm. Since then we’ve investigated thousands of these thefts. Including 2 more in the last few hours. Please migrate your funds to fresh wallets if you’ve used LastPass. Please tell your friends. Please. Begging you. 🙏 https://t.co/5xd5oYxbwb — Tay 💖 (@tayvano_) December 16, 2024

The only solution for users is to abandon all potentially exposed wallets. The risk remains for anyone using LastPass before the exploit in 2022. All funds must be moved to new addresses, as the old ones are already monitored for incoming transactions.

The latest wallet attack follows a previous batch of wallets linked to LastPass data. In October 2023, a total of 25 wallets were drained of $4.4M worth of digital coins and tokens. As previously reported, some of the wallets had substantial funds and belonged to crypto insiders, even VCs and DeFi developers.

The previous hack did not alert all wallet owners exposed to LastPass. ZachXBT has previously warned about potentially exposed wallets, though the hackers still managed to attack more accounts.

Hacks sent straight to exchanges

Unlike in other hacking attempts, the wallets were drained directly onto exchange accounts. This suggests the hacker had full control and decided to trade the funds as a way of concealing them.

In one case, a wallet was drained of 15 ETH, which were sent directly to a swapping address. Another wallet lost 32 ETH, which was sent to the FixedFloat hot wallet. The exchange was used for other wallets as well.

The exchange itself is not affected and is completely neutral to the hack. However, the DEX is regularly used by hackers to convert funds and cover their tracks. Previously, analysts have tracked funds from an attack against Rocket Pool to the same DEX.

FixedFloat offers a simplified swap service with relatively high fees, without requiring an account or KYC. The exchange itself has also been a target of hackers: it was exploited in March for $26M in ETH and BTC.
