Hackers behind $41M Stake heist shifts BNB, MATIC in latest move: CertiK

The hackers behind cryptocurrency casino Stake’s $41 million hack have shifted another $328,000 million worth of Polygon (MATIC) and BNB (BNB) tokens — their latest moves following the Sept. 4 exploit, according to blockchain security firm CertiK.

The most recent transfer involved 300 BNB tokens worth about $61,500 to an externally owned address “0x695…” which were then bridged to the Avalanche blockchain on Sept. 11 at 4:09 pm UTC.

Another 520,000 MATIC tokens worth over $266,000 were also moved to Avalanche seven hours earlier at 7:18 am UTC.

The 520,000 MATIC and 300 BNB — totaling $328,000 — add to the $4.5 million in stolen funds that were bridged to the Bitcoin blockchain (in the form of BTC) on Sept. 7, according to blockchain security firm Arkham.

The hackers are funneling the funds via Avalanche to Bitcoin where they are currently stored, a CertiK spokesperson explained to Cointelegraph:

“The stolen funds are ultimately being bridged to BTC. They are utilizing the Avalanche Bridge to bridge the stolen funds to BTC wallets.”

The total $4.8 million transferred however only represents 1.2% of the total $41 million stolen from the hackers.

It is understood the hacker gained access to the private key of Stake’s Binance Smart Chain and Ethereum hot wallets to perpetrate the hack on Sept. 4.

The United States Federal Bureau of Investigation believes North Korea’s Lazarus Group was behind the exploit.

Estimated funds lost from hacks, scams passes $1 billion

With $41 million stripped from Stake, the industry’s malicious actors have now taken the cryptocurrency hacks and scams toll to well over $1 billion in 2023.

CertiK previously reported the figure to be $997 million at the end of August, though several attacks in the last two weeks will push the figure over the $1 billion mark. 

Related: CertiK drops findings on alleged scammer who stole $1M in crypto

In September, a cryptocurrency whale lost $24 million in staked Ether (ETH) in a phishing attack on Sept. 6, and Vitalik Buterin’s X (formerly Twitter) account was then compromised on Sept. 9, where the hacker then lured several victims into a nonfungible token scam which totaled $691,000.

The three incidents would take CertiK’s August figure to at least $1.04 billion.

Other recent incidents include Pepe (PEPE) coin’s withdrawal incident, which set back investors $13.2 million, Exactly Protocol’s $7.3 million exploit and an exposed security vulnerability on Balancer, which did $2.1 million in damage.

Collect this article as an NFT to preserve this moment in history and show your support for independent journalism in the crypto space.

Magazine: $3.4B of Bitcoin in a popcorn tin — The Silk Road hacker’s story

Source link

You might also like

Comments are closed.