Bankroll Network DeFi Hacked
DeFi Exploits: Bankroll Network Drained
On September 22, 2024, the decentralized finance (DeFi) protocol Bankroll Network was targeted in a significant attack. According to a post by blockchain security platform TenArmor, the attacker managed to siphon off $230,000 from the protocol.
Details of the Attack
TenArmor’s analysis revealed multiple suspicious transactions involving the transfer of Binance Coin (BNB) from a BankrollNetworkStack contract to itself. Each transfer was valued at $9,679,645.51. Additionally, there were two other substantial transfers worth $9,435,877.94 each. One of these transactions originated from a PancakeSwap exchange pool and was sent to an account ending in “47D7”. The other transfer moved funds back to the BankrollNetworkStack contract.
The discrepancy between these transfers and the amount lost, $243,767.57, aligns closely with the reported loss of $235,000. This suggests the attacker exploited a vulnerability that allowed them to withdraw more than they deposited, possibly using flash loans to make the initial deposit.
Blockchain data confirms these transactions occurred at 4:50 pm UTC on September 22. Despite attempts to reach the Bankroll Network team for comments, no response was received by the time of publication.
Phisher Moves Stolen Crypto on CoW Protocol
Phishing Attack Details
A phishing attacker, already infamous for draining $55.4 million from a crypto whale’s wallet, made headlines again on August 28, 2024. The attacker attempted to launder $250,000 through the CoW decentralized finance protocol. This was detected by blockchain security platform PeckShield.
Using the CoW protocol, the attacker converted stolen DAI stablecoin to Ethereum (ETH). PeckShield identified the transaction on September 14 when the attacker moved the ETH to a new address. The transaction, labeled “MoooZ1089603480”, consisted of 33 individual trades, converting $260,000 worth of DAI into approximately 106.29 ETH.
The attacker used a third-party account to call the function, hoping to evade detection. However, the strategy failed, and the funds were traced back to the original phishing attack.
Phishing Attack Techniques
Phishing attacks in the cryptocurrency world often involve tricking users into authorizing token approvals. Once the victim grants these approvals, the attacker drains their wallet. To protect themselves, crypto users must carefully inspect addresses they interact with to avoid falling victim to such scams.
In this case, the phishing attack involved multiple steps to obscure the trail of stolen funds. The attacker moved the funds through several intermediate addresses, hoping to evade analytics systems. Despite these efforts, security firms have been able to trace the funds, providing hope that authorities may eventually recover them.
Malware Alert: D-Link Router Vulnerabilities
Disclosed Vulnerabilities
On September 16, 2024, networking device manufacturer D-Link disclosed five vulnerabilities in some of its router models. These vulnerabilities, identified by cybersecurity firm CyberRisk Alliance, could allow attackers to gain access to a user’s home network, potentially compromising devices holding crypto wallets.
The first two vulnerabilities, CVE-2024-45695 and CVE-2024-45694, involve a “stack-based overflow” that allows attackers to execute arbitrary code on the device. The first affects the DIR-X4860 and DIR-X5460 router models, while the second affects only the DIR-X5460.
Three other vulnerabilities affect the DIR-X4860 and the discontinued COVR-X1870 models. These allow hardcoded credentials to log in if Telnet is enabled. The vulnerability CVE-2024-45697 allows attackers to activate Telnet service whenever the internet or WAN port is plugged into the modem.
Mitigation Measures
D-Link has urged users to upgrade their devices to the latest firmware to protect against these vulnerabilities. Crypto wallet users should ensure their home network is secure to prevent cybercriminals from monitoring their online behavior and planning further attacks.
Conclusion
The recent exploits in the DeFi space and vulnerabilities in networking devices highlight the importance of robust security measures. Users must remain vigilant, conduct thorough research, and ensure their devices are updated to protect against potential threats. As the crypto landscape evolves, so do the tactics of malicious actors, making security an ongoing and critical concern.
