Tag:

drain

North Korean Hackers Drain $1.2M From Seedify Bridge

by admin September 24, 2025

In brief

North Korean hackers compromised Web3 gaming incubator Seedify’s cross-chain bridge, draining $1.2 million across BNB Chain networks.
The attack exploited a developer’s private key to mint unauthorized SFUND tokens through an audited bridge contract that should have prevented such minting.
Blockchain sleuth ZachXbt linked the theft addresses to past North Korean “Contagious Interview” incidents through on-chain analysis

North Korean state-affiliated hacker groups have claimed another victim in the DeFi sector, exploiting Web3 gaming incubator Seedify Fund’s token bridge infrastructure to steal $1.2 million while devastating the platform’s native token SFUND across multiple exchanges.

The attack on Tuesday targeted Seedify’s cross-chain bridge on BNB Chain, allowing hackers to mint unauthorized tokens and systematically drain liquidity pools across Ethereum, Arbitrum, and Base networks before converting proceeds on BNB Chain, the platform said in its official statement.

Today at approximately 12:05 UTC, a DPRK state-affiliated group known for many hacks in Web3 gained access to one of our developer’s private keys. Using these, they were able to mint a large amount of SFUND tokens through a bridge contract that had previously passed audit.

The…

— Seedify (@SeedifyFund) September 23, 2025

“The Seedify theft addresses are tied onchain to past Contagious Interview incidents (DPRK),” blockchain sleuth ZachXBT tweeted following the breach, linking the the attack to an ongoing campaign that has claimed over 230 victims between January and March alone, per a recent SentinelLABS intelligence report.

The SFUND token has plunged nearly 35% in the last 24 hours, now trading at $0.28, according to CoinGecko data. It was trading at $0.42 before the hack was reported.

“DPRK/Lazarus decided to take everything we built over 4.5 years in one hack,” Seedify founder Meta Alchemist tweeted in response to the breach.

“The Seedify hack stemmed from a compromised developer key that let DPRK-linked actors mint unauthorized $SFUND tokens via a bridge contract,” Hakan Unal, Senior Security Operations Center Lead at Cyvers, told Decrypt.

“This contract should not have been able to mint these tokens without any token being bridged,” Seedify explained in its official statement, revealing the fundamental vulnerability that allowed unauthorized token creation.

“The hacker wallets connect on-chain to prior DPRK operations, highlighting how aggressive their ongoing rampage across Web3 has become,” Unal explained, recommending platforms monitor on-chain activity and enforce multi-signature approvals.

The crypto industry mobilized quickly in response, with Binance founder Changpeng Zhao (CZ) saying security experts helped freeze $200,000 at HTX exchange, and “the rest seem to remain on-chain.”

Talked to a few security guys in the industry. I believe they were able to help track it and froze $200k at HTX, the rest seem to remain on-chain. Looks like North Korea DPRK.

Major CEXs probably have these addresses on blacklists now. Good luck!

— CZ 🔶 BNB (@cz_binance) September 24, 2025

‘Contagious Interview’ campaign threat actors operate in “coordinated teams with real-time collaboration, likely using Slack and multiple intelligence sources such as Validin, VirusTotal, and Maltrail” to monitor their infrastructure exposure, SentinelLABS said.

The report also found that despite DPRK hackers “thoroughly examining threat intelligence and identifying artifacts that can be used to discover their infrastructure,” they “did not implement systematic, large-scale changes to make it harder to detect,” instead quickly deploying new infrastructure when disrupted.

“The competitive pressures stemming from North Korea’s annual revenue quotas” drive operatives to protect individual assets and ‘outperform colleagues’ rather than coordinate security improvements,” the cybersecurity firm said.

A recent Cisco Talos intelligence report showed that North Korean groups are continuing to refine their attacks with new malware like “PylangGhost,” targeting crypto professionals through fake Coinbase and Uniswap job postings.

With known DPRK-related losses in 2024 totaling $1.3 billion, the ByBit hack’s $1.5 billion alone has already made 2025 “by far their most successful year to date,” according to Chainalysis’ 2025 Crypto Crime Mid-year Update.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.

Source link

September 24, 2025 0 comments

GameFi Guides

Critical Chrome Exploit Could Drain Your Crypto, CTO of French Hardware Wallet Giant Warns

by admin September 18, 2025

Charles Guillemet, chief technology officer at Ledger, has issued a security warning about a major Chrome vulnerability that could potentially allow hackers to drain one’s crypto wallet.

The “Type Confusion” bug, which was recently discovered by security researchers, makes it possible for bad actors to run malicious code by treating one type of data as another. It has been found within V8, the engine that executes JavaScript and WebAssembly.

Simply visiting a malicious website could make it possible for attackers to steal highly sensitive data, including private keys, seed phrases, or wallet files.

Google’s urgent response

Within just 48 hours of the critical vulnerability being detected, Google swiftly moved to publish an emergency update. Chrome users have to make sure that they are using the fixed version (140.0.7339.185).

It is worth noting that all Chromium-based web browsers have been affected, including Brave, Opera, and Vivaldi.

Source link

September 18, 2025 0 comments

Crypto Trends

Stablecoins Don’t Drain Bank Deposits, Calls It a ‘Myth’

by admin September 16, 2025

Leading U.S. cryptocurrency exchange Coinbase has refuted claims that stablecoins threaten the US banking system by causing “deposit erosion.” It called this idea a myth.

In a blog post on September 16, the exchange dismissed concerns about stablecoins pulling funds from bank deposits as unfounded. Coinbase also cited that recent analysis highlighted that there is no significant connection between stablecoin use and deposit outflows at community banks.

Further, the exchange argued that stablecoins, which are dollar-pegged cryptocurrencies, function primarily as payment tools rather than savings accounts. “Stablecoins don’t threaten lending—they offer a competitive alternative to banks’ $187 billion annual swipe-fee windfall,” it stated, emphasizing that users choosing stablecoins for international payments are not reallocating savings but opting for faster, cheaper transactions.

The exchange also challenged a U.S. Treasury Borrowing Advisory Committee report projecting $6 trillion in potential deposit flight against a $2 trillion stablecoin market by 2028, calling the figures inconsistent. Coinbase’s accompanying paper noted that most stablecoin activity, over $1 trillion of $2 trillion in 2024 transactions, occurs outside the U.S., particularly in Asia, Latin America, and Africa, where financial infrastructure is weaker.

Coinbase: Stablecoins boost USD, coexist with banks

Coinbase argued that this international use strengthens the U.S. dollar’s global dominance rather than undermining domestic banks. It further highlighted positive correlations between bank stock performance and crypto firms like itself and Circle after the passage of the GENIUS Act, suggesting banks and stablecoins can coexist.

The exchange’s stance aligns with comments from Bitwise’s Investment Chief Matt Hougan, who last week criticized U.S. banks in an X post for offering low deposit yields while resisting stablecoin competition instead of improving services. The debate follows August 2025 calls from U.S. banking groups, led by the Bank Policy Institute, urging Congress to address a perceived loophole in the GENIUS Act that could allow stablecoin issuers to indirectly offer yields through crypto exchanges.

Also Read: Hong Kong To Simplify Crypto Rules To Support Stablecoin Banking

Source link

September 16, 2025 0 comments

NFT Gaming

Shibarium Bridge Falls Victim To $2.4 Million Drain Attack

by admin September 14, 2025

Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure

Shibarium, the Ethereum-based Layer 2 scaling solution built around the Shiba Inu ecosystem, has suffered a major security breach, leading to the loss of about $2.4 million in assets. The drain attack has since prompted intense immediate emergency responses.

Hacker Uses Bridge Funds To Seize 4.6M BONE

In an X post on September 13, the development team behind the Shiba Inu (SHIB) token revealed that a hacker leveraged funds from an earlier bridge hack to acquire 4.6 million BONE tokens in a single block, mimicking a flash loan-style transaction. This maneuver temporarily granted the malicious actor significant validator voting power to sign a malicious state on the Shibarium network, where BONE functions as the governance token.

Notably, the flash loan-like transactions were settled using assets transferred directly from the bridge in the form of 224.57 Ethereum (ETH) ($1.05 million) and 92.6 billion SHIB ($1.30 million). However, the BONE tokens remain locked with validators due to staking mechanisms, preventing the attacker from withdrawing them immediately.

Nevertheless, the validator compromise highlighted a critical issue for the Ethereum layer 2 solution. The Shiba Inu team notes that evidence suggests that 10 of 12 validators’ signing keys were breached, leaving only K9 Finance and Unification validators resisting the malicious signing attempt.

In addition, other assets, including LEASH ($645,000), ROAR ($284,000), TREAT ($50,000), BAD ($17,000), and SHIFU ($10,000), were also drained but have not been sold. Meanwhile, the hacker’s attempt to offload approximately $700,000 worth of stolen KNINE tokens was thwarted after the K9 Finance DAO multisig blacklisted their address, effectively freezing 248 billion KNINE permanently.

Shibarium Team Shares Security Response And Next Steps

In the immediate aftermath, the Shiba Inu team has halted staking and unstaking functions to safeguard community assets. Meanwhile, stake manager funds were also moved from proxy contracts into a secure 6-of-9 hardware multisig wallet. In addition, Blockchain security teams such as Hexens, Seal911, and PeckShield have also been onboarded to conduct a forensic investigation into the breach.

In other developments, Shiba Inu developer with X username Kaal Dhairya confirmed that while damage control and investigations are underway, the team is open to negotiating with the hacker, offering leniency and even a potential small bounty should the stolen assets be returned.

Following the hack, the Shibarium ecosystem tokens have varying degrees of a negative price reaction. Notably, the Shiba Inu (SHIB) trades at 0.000014 following a slight 1.67% decline in the last day. Meanwhile, LEASH and BONE are down by 5.69% and 21.98% respectively, within the same period.

SHIB trading at $0.00001396 on the daily chart | Source: SHIBUSDT chart on Tradingview.com

Featured image from Dreamstime, chart from Tradingview

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.

Source link

September 14, 2025 0 comments