During the WOO X hack, bad actors used social engineering to gain access to the development environment, according to Rob Behnke, chairman of Halborn.
News
Bad actors and scammers stole at least $142 million from the crypto space in July across 17 separate attacks, with the exploit of crypto exchange CoinDCX accounting for the most significant loss.
The total monthly losses represented a 27% increase from the $111 million in June, blockchain security firm PeckShield in an X post on Friday.
However, it’s still a , when July 2024 saw $266 million taken by hackers, with the $230 million breach of Indian crypto exchange WazirX accounting for the lion’s share at the time.
PeckShield said the attacker who exploited the GMX decentralized exchange for $40 million in crypto on July 11, the second largest hack for the month, .
CoinDCX hack the biggest for July
Indian cryptocurrency exchange CoinDCX was hacked on July 18 for $44 million, in what CEO Sumit Gupta said was “a sophisticated server breach.” A CoinDCX employee with the incident.
Only a few days earlier, on July 16, crypto exchange BigONE infrastructure, resulting in a loss of at least $27 million.
Rounding out the top three for July was crypto trading platform WOO X, which was compromised through a phishing attack on July 24, being taken.
WOO X team member’s device accessed
Rob Behnke, chairman of blockchain security firm Halborn, in a report on Tuesday that bad actors responsible for the WOO X hack used to target one of the firm’s team members and access their devices.
“In this case, the attacker used social engineering to compromise a team member’s computer. From there, they could pivot to the development environment and exploit trust in the system to drain user accounts,” he said.
“The attacker successfully performed multiple malicious transactions over the course of two hours before the suspicious activity was noticed and the platform disabled withdrawals.”
Funds were stolen on multiple chains, including Bitcoin (), Ether (), BNB (), and Arbitrum ().
The accounts impacted by the incident later had their balances restored from the company’s treasury.
Related:
Hackers targeting offchain systems
There has been a recent trend among hackers to for high-value hacks, according to Behnke.
“Instead of looking for exploitable smart contract vulnerabilities, which can be identified and addressed via smart contract security audits, attackers look for weaknesses in back end infrastructure and processes,” he said.
“As DeFi hackers grow more sophisticated and increasingly target back end systems and infrastructure, projects need to have strong security controls and processes in place to mitigate these threats.”
Magazine:
