Delphi’s Crypto Security Updates (June 5th)

Last week was a brutal week for crypto-related exploits and hacks. Here are the ones you should be aware of to prepare yourself and put some guard rails in place.

  • Atomic Wallet: Users signed into their Atomic Wallets over the weekend to find all their funds missing. People took to Twitter to report the issues. We still don’t know the cause of the exploit, but Atomic Wallet claims only 1% of their users were affected, with an estimated $14M – $35M lost. However, notable security researcher Tayvano is less than pleased with their response. We recommend users be aware of the risk of using hot wallets. Hardware wallets are cheap and can help mitigate most of these issues.
  • Jimbo Hack: Jimbo Protocol, an Arbitrum-based DeFi protocol, was hacked for 4K ETH. One user, Machibigbrother, lost 1400 ETH in the attack. The attackers either used a flash loan exploit to attack the JIMBO/ETH LP, or it was a simple rug-pull.

Graphic Credit: Coindesk

  • May’s Exploit Count: Although May saw fewer exploits than April, the crypto market still saw over $54M exploited and lost last month. According to Coindesk, BNB accounted for most of the exploits, with over $37M stolen. Additionally, most exploits in May were simple ‘rug-pulls’ where someone in control of the protocol just absconds with user funds. Unfortunately, rug-pulls seem to have become more common – most likely feeding off the recent memecoin craze. Users should be aware that rug-pulls can occur when interacting with protocols on chain, especially when chasing memecoin returns with shallow liquidity pools. Exercise caution if you are speculating on low market-cap coins.
  • Spearphishing SIM Swaps and Twitter: Last week, we saw a bunch of compromised Twitter accounts. The large compromised accounts all tweeted links to fraudulent airdrops and websites. If users interacted with the websites, they most likely lost funds. These were not small accounts. Peter Schiff, Bianco Research, and Leoflashcrypto were some of the compromised accounts and have follower counts in the thousands. The attack vector was most likely a targeted SIM swap followed by a password reset, as these accounts may have used SMS 2FA. As readers know, SMS 2FA is not secure, and people should avoid using it at all when possible.