SIR Trading Protocol Suffers ~$355K Loss Due to Exploit in Vault Contract

A hacker stole ~$355,000 worth WETH, WBTC and USDC from DeFi protocol SIR Trading by exploiting a flaw in its Vault contract. The attacker brute-forced a custom address to trick the system into thinking their malicious contract was a legitimate Uniswap pool. The funds were swapped for WETH and later sent to Railgun, collapsing the protocol on March 30, 2024—just 38 days after its launch.

Read the full article: https://lnkd.in/gvhyUZ-7

The graph below shows the movement of funds.

U.S. Authorities Seize $23M in Stolen Crypto from LastPass Breach

U.S. authorities have recently seized over $23.6 million in cryptocurrency linked to the theft of $150 million from Chris Larsen’s wallet, co-founder of Ripple. The stolen funds were traced through exchanges like Kraken, OKX, and WhiteBIT. This theft is tied to the 2022 LastPass breach, which highlights the risks of compromised password managers.

Key Details:
• The Theft & Seizure: In January 2024, hackers stole 283M XRP (~$150M) from Larsen’s wallet. Authorities traced $23.6M of that stolen amount and seized it from various exchanges.
• Connection to LastPass: Cybercriminals likely accessed private keys by exploiting stolen LastPass vaults. No malware was used; instead, the hackers relied on cracked password vaults.
• Other Crypto Theft: This attack is part of a larger trend of using compromised password managers to steal crypto from different targets.

What We Can Learn:
• Strong Passwords Matter: Your password manager is only as secure as your master password.
• Update Your Passwords: If you used LastPass, make sure to update your passwords.
• Use Hardware Wallets for Crypto: For better protection, consider using a hardware wallet to store your cryptocurrency.

As cybercrime tactics continue to evolve, it’s important to stay vigilant and protect your digital assets.

Read the full article: https://lnkd.in/dRPQyu6P

The graph below shows the movement of funds.

We're excited to announce that Blockchain Intelligence Group has entered into a strategic agreement with NYC-based Blockpliance to transition their client portfolio, sales pipeline, and key digital assets to BIG.

This strategic move strengthens our position in the U.S. market while expanding our reach into the rapidly growing Latin American compliance space.
Blockpliance has built a strong reputation for helping companies navigate cryptocurrency compliance complexities across the U.S. and Latin America. We're honored to welcome their clients and partners to the BIG ecosystem.

As part of this agreement, we're pleased to welcome Guillermo Fernandes, Blockpliance's Founder and CEO, to our advisory board. His extensive expertise in financial technology and blockchain compliance will be invaluable as we continue to innovate and expand globally.

This transition reinforces our commitment to providing robust compliance solutions that empower organizations to operate securely and transparently in the digital asset space.

To learn more, read the full press release below.

Voltage Finance Exploit Results in ~ $300K Theft on Fuse Blockchain

On March 18, Voltage Finance suffered an unauthorized withdrawal on the Fuse blockchain, resulting in the theft of $175,032.41 in USDCE and $121,769.33 in WETH. The attacker exploited a smart contract by changing its implementation to execute unauthorized withdrawals. The stolen assets were bridged to Ethereum, converted to ETH, and consolidated back to the exploiter’s main address, where 147.62 ETH (~$291,155.44) remains unspent.

Read the full article: https://lnkd.in/gC9SQYKM

The graph below shows the movement of funds.

Bybit Suffers Largest Cryptocurrency Hack in History

Bybit has confirmed via an official tweet that it fell victim to the largest cryptocurrency hack ever, with ~$1.4 billion worth of tokens stolen from its cold wallet.

Bybit's Statement: https://lnkd.in/ggENrJ6X

Here’s what we know so far:
The Exploit: Bybit’s cold wallet was compromised, leading to the theft of the following tokens:
• 401,346.8 ETH (~$1,078,012,779.74 USD)
• 90,375.547 stETH (~$239,683,183 USD)
• 15,000 cmETH (~$42,075,150 USD)
• 8,000 mETH (~$22,379,920 USD)
• 90 USDT (~$90 USD)

Exploiter Activity Timeline:
Pre-Exploit Testing (February 18–21): The exploiter appears to have conducted smaller-scale tests prior to executing the full exploit, presumably to identify vulnerabilities. One of the exploiter’s addresses was funded through an exchange.

Post-Hack Movements:
• Stolen tokens were split and sent to two new addresses.
• One of these addresses converted the tokens to ETH and transferred 98,048.8 ETH to another address in 3 transactions.
• The 2nd address received cmETH tokens which were not immediately swapped, but the exploiter has already requested a withdrawal, which is still pending.
• Majority of the stolen ETH was distributed across 49 addresses, each receiving 10,000 ETH. These funds are currently unspent.
• Two other addresses including the main exploiter's address still have a total of 9,394.82 ETH unspent.

This is an ongoing investigation, we will continue monitoring the proceeds and post an update when these funds move again.