The company said that the new tool works by allowing users to submit transactions directly to validators.
Exchange aggregator 1inch released a new tool called “Rabbithole” on Nov. 25, which the company says will protect traders against malicious “sandwich attacks.” The team announced the launch of the tool in a press release that has been made available to Cointelegraph.
Rabbithole works by allowing users to submit transactions directly to Ethereum nodes, bypassing the mempool. In order to use it, users need to change the remote procedure call (RPC) endpoint in their crypto wallet. After that, each swap initiated via 1inch will be analyzed by the private tx routing algorithm developed by the 1inch team and then sent to validators directly if there is a possibility of a sandwich attack.
Blockchain and decentralized finance (DeFi) focused security platform Certik’s investigation led to the discovery of the professional “KYC actors” who bypass KYC processes to scam crypto communities, according to a Nov. 17 Certik blog post. A KYC actor is defined as an individual who rogue developers hire to spoof the KYC process on crypto projects. Certik uncovered tactics used to carry out hacks and exit scams from an interview with a KYC actor and through probing into activities taking place in over 20 over-the-counter (OTC) underground markets, mainly concentrated on Telegram, Discord, low-requirement phone-based applications, and job advertisements. Certik found that of 4,000 to 300,000 KYC actors based in South-East Asia.https://cryptoslate.com/certik-investigates-kyc-actors-hired-to-scam-the-web3-community/
Hackers profited $657 million in 44 DeFi exploits last month after returning about $100 million to a few platforms. Last month was quite spooky for the crypto industry as it saw the highest number of DeFi hacks this year. While October was expected to be “Uptober,” it quickly turned to “Hacktober” as cyber criminals ransacked top crypto projects for hundreds of millions of dollars.
According to PeckShield, the biggest amount of funds was stolen from the BNB Chain exploit that saw hackers wipe a whopping $586 million from the blockchain network. It was followed by the Solana-based crypto lender, Mango Markets, which was exploited for $100 million. A recent tweet by the blockchain security company PeckShield pointed out that October was the biggest month for hacking activities this year. The DeFi market suffered from 44 exploits that impacted 53 protocols in the tenth month, with the hackers. https://cryptopotato.com/hacktober-finished-with-657-million-losses-from-crypto-exploits/
DeFi’s recent lending market economic attacks, risk monitoring and management has become a key factor for success within the ecosystem. Appropriate procedures need to be taken into account in order to ensure the future growth of the space. This article aims to explore the recent Mango Markets economic attack, how it was orchestrated, and possible mitigation strategies.
In order to understand how susceptible DeFi protocols are to each specific type of risk, we delve into the 62 largest incidents that have taken place to date. This includes hacks in the hundreds of millions for bridges, economic collapses of algorithmic stablecoins, and outright robbery of user funds. Here is the distribution of the main risk factors behind the 62 largest DeFi attacks. Over $50B in losses are accounted for economic risks. This estimate includes the collapse of the infamous Terra ecosystem.https://cryptoslate.com/deep-dive-into-the-mango-markets-economic-attack/
Gate.io Twitter account was hacked and used to promote phishing scams. The gate.com URL directed users to a landing page promising a $500,000 USDT giveaway. Users who connect their wallets to the site would have their assets stolen because it gives hackers access to the wallet.
Gate.io is one of the largest crypto exchanges in the industry. The centralized exchange had a trading volume of over $600 million in the last 24 hours, according to CoinMarketCap data.The exchange has regained control of the compromised account as of press time. The website URL has since been fixed and the scam promotional post removed. The prevalence of this kind of scam has led to several security experts warning investors to always confirm the URL before clicking. Twitter Account Hacked to Promote Phishing Scam Gate.io Twitter account was hacked and used to promote phishing scams. Tte.com URL directed users to a landing page $500,000 USDT giveaway. Users who connect their wallets to the site would have their assets stolen because it gives hackers access to the wallet. Gate.io is one of the largest crypto exchanges in the industry. The centralized exchange had a trading volume of over $600 million in the last 24 hours, according to CoinMarketCap data.The exchange has regained control of the compromised account as of press time. The website URL has since been fixed and the scam promotional post removed. The prevalence of this kind of scam has led to several security experts warning investors to always confirm the URL before clicking. https://beincrypto.com/gate-io-twitter-account-hacked-to-promote-phishing-scam/
Controversial crypto entrepreneur Jason Falovitch on Sunday reported that hackers breached his crypto wallet on OpenSea and stole four NFTs and six ETH. In a similar incident, earlier this month, famous American actor and comedian Bill Muray became a victim of hackers and lost 119.2 ETH worth $185,000 that he had just finished raising through his NFT action for a charity.
Asking to fix responsibility on the wallet service provider, a user sued OpenSea for $1 million after he lost his Bored Ape NFT in a phishing attack. The plaintiff claimed that OpenSea must accept some responsibility for the heist. The four NFTs that hackers illegally transferred out of his wallet included a Bored Ape Yacht Club (BAYC) NFT and a Mutant Ape Yacht Club (MAYC) NFT, and two Doodles. Both Mutant and Bored Ape NFTs were sold for 15.99 ETH and 82.69 ETH, equivalent to $20,700 and $107,000, respectively.
Malicious software designed to mine cryptocurrency has been spreading across hundreds of devices under the appearance of a Google Translate app. The malicious software, referred to as “Nitokod,” was designed as a desktop program for Google Translate and was built by an organization located in Turkey, according to Check Point Research (CPR) on August 29.
In the lack of an official desktop client for Google’s Translate services, a large number of Google users have downloaded this program on their computers. When this program is installed on a smartphone, it immediately begins setting up a sophisticated cryptocurrency mining business on that device. Following the downloading of this malicious application, the process of installing malware is initiated via the use of a scheduled task mechanism. In a later stage.#Web3GrandPappa
A Briton Christopher Hamilton will be extradited to the U.S. to face money laundering and wired fraud charges after being indicted in the $ 4 billion OneCoin scam, according to Law360. Hamilton and his co-accused Robert McDonald had filed to be tried outside of the US since the majority of the crimes took place in Britain.
A U.K District Judge Nicholas Rimmer, however, ruled against their plea and ruled for extradition given that the victims were based in the US. While Hamilton will be tried in the U.S., McDonald was exempted from the extradition on claims of human rights. He claimed that his wife was critically ill and his absence may expose her to suicidal tendencies. The duo is facing legal charges for taking part in the $4 billion OneCoin Ponzi scam pioneered by “CryptoQueen” Ruja Ignatova.#web3grandpappa
Acala is still attempting to restore operations more than a week after suffering an exploit that collapsed its stablecoin. The project said today that “many of the services have been paused… including XCM transfer out.” This means that cross-chain transfers between Acala and other Polkadot parachains are not currently available.
Various other services are also non-functional. Users cannot transfer most tokens, use bridge services, mint the aUSD stablecoin, perform token swaps, use instant unstaking, or engage with the protocol’s various earn features. Only three services are operating normally. The first active service concerns basic on-chain transactions that involve the project’s native ACA token. The other two operational services concern staking: both liquid DOT staking and normal unbound period unstaking are operating as normal.