A Recap of Significant Crypto Hacks This Week: From False Airdrops to Rug Pulls
The previous week was filled with a whirlwind of events in the crypto world. From multiple accounts being hacked to a significant drop in token values, it was a chaotic time. Let’s delve into the details of the crypto hack roundup for the week and witness the alarming number of hacks that occurred.
MicroStrategy, the largest corporate holder of Bitcoin, fell victim to a hack. The hackers gained unauthorized access to the company’s X credentials and used them to post malicious phishing links. Although the links were eventually removed, the losses amounted to nearly half a million dollars. The hacker also stole various altcoins, resulting in a total loss of $424,786 worth of $wBAI, $wPOKT, and $CHEX. It is astonishing that a single user lost such a substantial amount, highlighting the severity of the hack. The hackers tricked users by misleading them with a fake airdrop for an “official” Ethereum-based MSTR token. Clicking on the provided link led users to a counterfeit MicroStrategy page, where they were prompted to connect a wallet for the airdrop. This allowed the attackers to drain the users’ tokens.
Serenity Shield, once praised as a “crypto legacy solution,” experienced a massive downfall in its token value. The value plummeted by almost 99% after approximately 6.9 million SERSH tokens, worth $5.6 million at the time, were reportedly stolen from one of the team’s MetaMask wallets. In response, Serenity Shield temporarily halted all trading, deposits, and withdrawals of SERSH on centralized exchanges. The team assured their community that they are actively working to restore liquidity and will replace all lost liquidity through a new SERSH token and a robust smart contract.
Seneca protocol suffered a bug approval that compromised users’ funds. The attacker exploited a function in Seneca’s Chamber.sol contract, allowing them to send tokens to their own address. The attack resulted in a theft of $6.4 million, but fortunately, 80% of the funds, approximately $5.3 million, were recovered through a Whitehat request. The remaining 20%, valued at $1.04 million, was kept as a bounty. It’s important to note that the breach did not directly affect funds deposited into Seneca, but rather targeted assets held in users’ wallets.
The Grayscale Capital official website became inaccessible due to an attack by the anti-capitalist hacker group Capital Killers. The group claimed the attack as a gift to the AVAV community in support of fairness and anti-capitalism. Although the Grayscale official website is currently inaccessible, the page for Grayscale’s Bitcoin ETF GBTC remains accessible.
Aleo, a privacy-focused blockchain project, faced privacy leak issues. The project accidentally emailed private identification documents, such as selfies and government identification cards, to the wrong users. Aleo acknowledged the mistake and blamed it on a copy/paste error in email metadata. They reassured the affected individuals that the exposed information was promptly removed, and an investigation was conducted to prevent future incidents.
The decentralized cross-chain protocol Shido Network on the Ethereum blockchain fell victim to a rug pull. The owner of the SHIDO token staking contract upgraded the contract, withdrew a large amount of SHIDO tokens, and dumped a significant portion of them, resulting in a loss of 692 ETH worth $2.1 million.
In conclusion, the past week was eventful in terms of crypto hacks. It’s important to stay vigilant and informed about the latest developments in order to protect oneself in this ever-evolving landscape. Stay tuned for our upcoming weekly roundups to stay up-to-date with the crypto world.