The past week saw a tornado of events from x accounts getting hacked to 99% of token downfalls. From platforms recovering stolen funds to hackers hijacking the official websites. Deep dive into this weeks crypto hack roundup and witness with us the herald of crypto hacks that happened over the week.
MicroStrategy’s X account hacked; malicious links posted to a fake airdrop
Hackers got unauthorized access to the largest corporate holder of Bitcoin’s X credentials through which they posted malicious phishing links. Though the links were later deleted from the account, the losses reached nearly half a million.
Web3 anti-scam platform scam sniffer shed more details and revealed that the hacker stole multiple altcoins and that the exact loss was $424,786 worth of $wBAI, $wPOKT and $CHEX. What is surprising is that a single user lost all this crypto, highlighting the intensity of the hack.
The airdrop post was misleading users with links to a fake “official” Ethereum-based MSTR token airdrop. Clicking the link led to a phony MicroStrategy page, prompting users to connect a wallet for the airdrop which allowed attackers to drain tokens.
Serenity Shield plunges into chaos as $5.6M theft triggers token downfall
The Serenity Shield token once hailed as a “crypto legacy solution” has witnessed a staggering decline of almost 99% in its value after approximately 6.9 million SERSH tokens worth $5.6 million at the time were reportedly siphoned off from one of the team’s MetaMask wallets.
Serenity Shield confirmed the breach in a tweet on February 27th, announcing to its community that they are temporarily halting all trading, deposits and withdrawals of SERSH on centralized exchanges.
The team assured the community that they are actively working to restore liquidity to all new token contracts and will replace all liquidity lost due to the exploit.They are also launching a new SERSH token through a robust smart contract to safeguard the whole of their ecosystem.
Seneca protocol recovers 80% of $6.4 Million stolen through white hat bonus
On Wednesday, 28th of February, Seneca’s Chamber contracts, previously audited by Halborn Security, were affected by a bug approval and user’s funds were compromised. In the attack, Seneca’s Chamber.sol contract was implicated. The attacker exploited Chamber’s performOperations() function, allowing calls to functions in other contracts using the Chamber contracts to send tokens to their address.
$6.4 million were stolen during the attack and 80% of funds approximately $5.3 million were recovered through a Whitehat request while keeping 20% valued at $1.04 million as bounty. Good news was that the breach didn’t affect funds directly deposited into Seneca but rather targeted assets held in users’ wallets.
Capital killers render Grayscale Capital official website inaccessible
Capital Killer, an anti-capitalist hacker group, revealed on twitter that they have attacked the Grayscale official website, claiming it as a gift to the AVAV community in support of fairness and anti-capitalism. Currently, the Grayscale official website is inaccessible, but the page for Grayscale’s Bitcoin ETF GBTC remains accessible.
Privacy focused Aleo faces privacy leak issues
On 26th February, Aleo, a blockchain project that advertises it’s a place for fully private applications with built-in privacy emailed private identification documents such as selfies and photographs of government identification cards to the wrong users.
Aleo released a statement regarding the Know Your Customer (KYC) information exposure addressing the issue. The zero-knowledge platform blamed the leak on a copy/paste error in email metadata.
Aleo said in a post on X that the KYC information leak affected only about 10 participants from its recent Aleo Learn and Earn events. Aleo stated that it removed the exposed information, investigated the cause and informed the affected individuals.
The Shido Network rugpulls to $2.1Million
The decentralized cross-chain protocol Shido Network on the Ethereum blockchain rug pulled.The owner of the SHIDO token staking contract first upgraded the staking contract, then withdrew a large amount of SHIDO tokens and finally dumped a significant amount of SHIDO tokens for 692 ETH worth $2.1 million.
Wrapping up, that was what the week witnessed in the world of crypto hacks. Keep an eye out for our next weekly round up especially bought for you. Stay tuned!