In a startling revelation by ZachXBT, a well-known investigator in the crypto space, Ripple, the blockchain-based digital payment protocol and currency exchange, faced a monumental security breach. Approximately 213 million XRP, valued at $112.5 million, were stolen in this sophisticated cyber heist.

It appears @Ripple was hacked for ~213M XRP ($112.5M)

Source address
rJNLz3A1qPKfWCtJLPhmMZAfBkutC2Qojm

So far the stolen funds have been laundered through MEXC, Gate, Binance, Kraken, OKX, HTX, HitBTC, etc pic.twitter.com/HKGYsLQeMv

— ZachXBT (@zachxbt) January 31, 2024

The Intricacies of the Ripple Heist

Source of the Breach The hack originated from the address rJNLz3A1qPKfWCtJLPhmMZAfBkutC2Qojm, according to details shared. This breach underscores the persisting challenges faced by even the most established players in the blockchain and digital currency world when it comes to securing assets against unauthorized access.

Laundering Tactics Following the theft, the stolen funds have reportedly been laundered through several prominent cryptocurrency exchanges, including MEXC, Gate, Binance, Kraken, OKX, HTX, and HitBTC. This movement of illicit funds highlights the sophisticated methods employed by cybercriminals in attempting to obscure the origins of stolen assets.

Theft Addresses Involved Several addresses have been implicated in this heist, including rGhR13XyM43WdDaSMznHd5rZ4cJatybvEg, rHQVKntyfkDCPhEBL2ctryuEAkDZgckmmV, rLsUemhuBZtF44rqqzneb2F9JgyrRYYd4t, rKPERax7t9iFvT3RHXn5nifyNpzp9a4hBa, rpjs4HLX1gJoEenH69PsQmXaXY22QhCYAT, and rLRhugR4ysNa2xkt4E6fKN8krs9jatCp6w.

Understanding Ripple’s Role in Blockchain Technology

Ripple, as a major player in the blockchain industry, focuses on real-time gross settlement system, currency exchange, and remittance network. Created by Ripple Labs Inc., a US-based technology company, Ripple aims to enable secure, instant, and nearly free global financial transactions of any size with no chargebacks. It’s widely recognized for its digital payment protocol more than its cryptocurrency, XRP.

Implications and Precautions

This incident is a stark reminder of the importance of robust security measures in the blockchain and digital asset world. It emphasizes the need for continuous vigilance and the implementation of advanced security protocols by entities dealing with digital assets.

TL;DR

Ripple suffered a major hack, losing about 213M XRP ($112.5M). Funds were laundered through multiple exchanges. Ripple is a key blockchain technology for real-time settlements and currency exchange. This incident highlights the need for enhanced security in digital asset management.

The post Ripple’s Security Breach: A Deep Dive into the $112.5M Heist appeared first on NFT CULTURE.

If you’re a user of SushiSwap, it’s time to be on high alert. The decentralized exchange has suffered an exploit resulting in the loss of $3.3 million from at least one user, and those who have interacted within the last four days may be at risk.

Here’s what you need to know: the exploit involves an approve-related bug on the RouterProcessor2 contract. By approving the bad contract, users unwittingly allow the exploiter to steal their tokens through the “yoink” function, which was used by the first attacker. Reports indicate that only those who have interacted with SushiSwap within the last four days are potentially at risk.

DeFi Llama’s @0xngmi has published a list of contracts across all chains that should be revoked, and has even built a tool to check if any of your addresses have been impacted. However, it’s important to note that this is not a comprehensive list, and there may be other contracts that are vulnerable to attack.

SushiSwap Head Chef Jared Grey has tweeted that they are working with security teams to mitigate the issue. But what can you do to protect yourself?

First and foremost, if you have interacted with SushiSwap in the last four days, you should check your addresses against the information provided by DeFi Llama’s @0xngmi. Revoking the RouterProcessor2 contract on all chains is also recommended to prevent further potential attacks.

It’s concerning to see yet another exploit in the DeFi space, especially one that could potentially impact so many users. Stay vigilant and take action to protect yourself and your assets.

The post Decentralized Exchange SushiSwap Suffers $3.3M Exploit appeared first on NFT CULTURE.

What was the cause and how often does this happen?

It all started when’s tweet in the ETH Security Telegram channel. Although I had no idea what was going on at the time, just the sheer volume of assets leaving the bridge was clearly a bad sign.

One of the biggest gotchas is how many people followed the hackers copy/paste code on doxxed wallets essentially admitting to theft or some explanation on why they participated in the plundering of Nomad. 

At first, we thought there was a mistake with the decimals on the token. We checked and there has been a “send 0.01 WBTC, get 100 WBTC back” promotion in general; however, the action on our Moonbeam transaction was 0.01 WBTC so it’s not a misconfiguration

https://moonscan.io/tx/0xcca9299c739a1b538150af007a34aba516b6dade1965e80198be021e3166fe4c https://etherscan.io/tx/0xa5fe9d044e4f3e5aa5bc4c0709333cd2190cba0f4e7f16bcf73f49f83e4a5460

What’s worse is that the transaction to bridge in the WBTC didn’t actually prove anything. It simply called `process` directly. It would be extremely Not Good if you were able to process messages without proving first at this point, as there are two possibilities for the format:

Either the proof had been submitted separately in an earlier block, or there was something extremely wrong with the Replica contract. However, there was absolutely no indication that anything had been proven recently.

This left only one possibility – there was a fatal flaw within the Replica contract. But how? A quick look suggests that the message submitted must come from an acceptable root.

Unfortunately, this time around the hackers had a tiny side effect of auto-proving every message they sent. This is why the hack was so chaotic – you didn’t need to know about Solidity or Merkle Trees to be affected by this.

All you had to do was find a transaction that worked, give it your address instead of the other person’s and then re-broadcast it.

  tl;dr a routine upgrade had the effect of allowing messages to be spoofed on the Nomad network. This was exploited by attackers to make a copy/paste transaction and quickly drain the bridge in an attempt to steal funds from other users.

Shout out to @samsczsun for the original thread that was rewritten here.

1/ Nomad just got drained for over $150M in one of the most chaotic hacks that Web3 has ever seen. How exactly did this happen, and what was the root cause? Allow me to take you behind the scenes pic.twitter.com/Y7Q3fZ7ezm

— samczsun (@samczsun) August 1, 2022

The post Nomad was drained for over $150M in one of the most chaotic hacks seen. appeared first on NFT CULTURE.

Ronin Network, the L2 used to power the Axie Infinity Economy has been compromised resulting in the loss of > $600m in ETH and USDC.

• The Ronin bridge has been exploited for 173,600 Ethereum and 25.5M USDC.
• The Ronin bridge and Katana Dex have been halted.
• We are working with law enforcement officials, forensic cryptographers, and our investors to make sure all funds are recovered or reimbursed. All of the AXS, RON, and SLP on Ronin are safe right now.

The discovery was made on March 23rd that an attacker was able to used hacked private keys to forge fake withdrawals.

This level of breach could be catastrophic for both the Ronin Network as well as Axie Infinity.  The hacker has kept most of the funds in their wallet.

https://etherscan.io/address/0x098b716b8aaf21512996dc57eb0615e2383e2f96

The Ronin Team released an official statement saying that they are “… working with law enforcement officials, forensic cryptographers, and our investors to make sure that all funds are recovered or reimbursed. All of the AXS, RON, and SLP on Ronin are safe right now.”

According to substack there is still an ongoing investigation but 5 validator keys were hacked resulting in a new attack vector that allowed the hacker to use a backdoor into the RPC node resulting in the ability for the hacker to extract funds.

The Sky Mavis team discovered the breach on 3/29 after a user was unable to remove funds from the bridge.

Additionally, the hacker went on to short Ronin knowing that the negative press would have a negative impact on the project.

As of right now users are unable to withdraw or deposit funds to Ronin Network. Sky Mavis is committed to ensuring that all of the drained funds are recovered or reimbursed.

The post Ronin Network (Axie) Hacked in biggest crypto loss in history appeared first on NFT CULTURE.