Massive Phishing Attack on Bittensor Holder: $11.2 Million Stolen

Recent crypto security breaches highlight phishing, deepfake scams, DeFi exploits, and a critical Outlook vulnerability.

In a significant security breach, a Bittensor (TAO) user fell victim to a phishing attack, losing an astounding $11.2 million in cryptocurrency. This incident is the largest phishing attack reported in June. The victim, whose identity remains undisclosed, had over 28,000 TAO tokens stolen. The cybercriminal behind this attack dispersed the funds across 18 different wallet addresses before consolidating them into 16 accounts. These accounts then bridged the tokens from the TAO network to Ethereum, exchanging them for ETH and USDC through three different decentralized exchanges.

This method of splitting and recombining funds is a known tactic used by scammers to evade detection by anti-money-laundering systems on centralized exchanges. Onchain investigator ZachXBT was the first to report this sophisticated attack through his Telegram channel, highlighting the attacker’s modus operandi. Phishing attacks in the crypto world typically involve creating a fake website mimicking a legitimate protocol, tricking users into authorizing transactions that result in their funds being stolen.

Microsoft Patches Critical ‘Zero Click’ Outlook Vulnerability

In cybersecurity news, Microsoft has addressed a critical vulnerability in its Outlook email client. This flaw, discovered by Morphisec, allowed attackers to execute malicious code on a user’s device without needing the user to download or execute any files. The vulnerability was dubbed a “zero-click” exploit because the mere act of opening a malicious email could trigger the attack.

Morphisec’s investigation revealed that the flaw enabled unauthorized data exfiltration, unauthorized system access, and other malicious activities. Crypto enthusiasts were particularly concerned as such vulnerabilities could potentially lead to the theft of key vault files used for signing transactions. While Microsoft released patches for affected versions, users must update their Outlook clients immediately to prevent potential exploitation. The vulnerability impacted older versions of Outlook 2016, Office LTSC 2021, 365 Apps for Enterprise, and Office 2019, but the latest versions remain secure.

UwU Lend Falls Victim to Double Exploit, Loses $23.7 Million

The DeFi protocol UwU Lend on Ethereum experienced a double blow as it was exploited twice within three days, leading to a total loss of $23.7 million. The first attack, which occurred on June 10, resulted in the theft of $20 million. The attacker exploited a vulnerability in the Ethena Staked USD (sUSDe) price oracle, which the team quickly patched. However, on June 13, the same attacker struck again, this time targeting multiple pools, including uDAI, uWETH, uLUSD, uFRAX, uCRVUSD, and uUSDT, draining an additional $3.7 million.

The initial attack involved manipulating the sUSDe oracle to display false prices, allowing the attacker to borrow more than the collateral provided. This tactic involved using flash loans to alter the prices in several liquidity pools, affecting the collateral requirements and enabling the attacker to default on the loans. The stolen funds, predominantly Ether (ETH), were quickly swapped and transferred to various accounts.
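The defensive counterpart to the oracle manipulation described above, as an added example that is not UwU Lend's code: a lending-side price check that accepts the current median of pool prices only when it stays close to a trailing time-weighted average, since a median alone follows the pools once several of them are moved in the same block. The pool names, the 2% band, the loan-to-value ratio and all sample prices are assumptions constructed for illustration.

```python
from statistics import median

MAX_DEVIATION = 0.02  # assumed policy: spot median may differ from the TWAP by at most 2%

class OracleDeviation(Exception):
    """Raised when same-block spot prices stray too far from the trailing reference."""

def twap(samples):
    """Time-weighted average of (timestamp, price) samples, oldest first."""
    weighted = elapsed = 0.0
    for (t0, p0), (t1, _) in zip(samples, samples[1:]):
        if t1 <= t0:
            raise ValueError("timestamps must be strictly increasing")
        weighted += p0 * (t1 - t0)
        elapsed += t1 - t0
    if elapsed == 0:
        raise ValueError("need at least two samples")
    return weighted / elapsed

def guarded_price(spot_by_pool, history, max_deviation=MAX_DEVIATION):
    """Median of current pool prices, accepted only if close to the TWAP."""
    reference = twap(history)
    spot = median(spot_by_pool.values())
    deviation = abs(spot - reference) / reference
    if deviation > max_deviation:
        raise OracleDeviation(f"spot {spot:.4f} is {deviation:.1%} from TWAP {reference:.4f}")
    return spot

def borrow_limit(collateral_units, spot_by_pool, history, ltv):
    """Maximum debt allowed against the collateral at the guarded price."""
    return collateral_units * guarded_price(spot_by_pool, history) * ltv

# Constructed sample data (not taken from the incident).
HISTORY = [(0, 1.00), (60, 1.01), (120, 1.00), (180, 1.00)]
NORMAL = {"pool_a": 1.00, "pool_b": 1.01, "pool_c": 1.00, "pool_d": 0.99, "pool_e": 1.00}
# Three of five pools skewed within one block: the median alone follows them.
SKEWED = {"pool_a": 1.08, "pool_b": 1.08, "pool_c": 1.08, "pool_d": 0.99, "pool_e": 1.00}

if __name__ == "__main__":
    print(borrow_limit(1000, NORMAL, HISTORY, ltv=0.75))
    try:
        borrow_limit(1000, SKEWED, HISTORY, ltv=0.75)
    except OracleDeviation as err:
        print("rejected:", err)
```

Rejecting the reading means new borrows pause while prices are disputed, which is the intended trade-off: collateral is never valued at a price that exists only inside one block.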

Following the first exploit, the UwU Lend team took swift action to repay the bad debt for Tether (USDT), DAI, and crvUSD, allowing these markets to resume operations. However, the second attack led to further financial damage and caused significant instability within the protocol.

Curve $CRV Token Plummets Amid Fake News and Liquidation

The aftermath of the UwU Lend exploit had ripple effects across the DeFi space, notably impacting the Curve CRV token. Following the exploit, the CRV token’s value nosedived, leading to the liquidation of a $140 million stablecoin position held by Curve’s founder, Michael Egorov. The situation was made worse by fake news circulating about a proposed 10% burn of the CRV token supply, allegedly suggested by Egorov to stabilize the token’s price.

This misinformation came from an impersonator of Egorov, aiming to deceive users with a phishing scam. The real Egorov later clarified that the news was false and originated from a fake account. This incident highlights the dangers of deepfake scams and the need for rigorous verification of information within the crypto community.

OKX User Loses $2 Million in AI-Generated Deepfake Scam

A sophisticated deepfake scam resulted in an OKX user losing over $2 million. The attackers obtained personal data of the victim, Lai J. Fang Chang, via Telegram and used artificial intelligence to create a convincing video application. This deepfake tricked OKX staff into authorizing changes to Chang’s account, including password, email address, and Google Authenticator device. Consequently, the attackers bypassed all two-factor authentication controls and withdrew the victim’s cryptocurrency into their own wallets.

This incident underscores the growing threat of AI-generated deepfake scams in the crypto world. OKX is currently investigating the breach, but the attack has already raised concerns about the platform’s security protocols and the effectiveness of its identity verification processes.

Lykke Exchange Faces $22 Million Hack Allegations

Blockchain researcher SomaXBT has accused Lykke exchange of covering up a significant hack that resulted in a $22 million loss. The allegations surfaced after several users reported being unable to withdraw funds, with the exchange claiming it was due to maintenance. However, SomaXBT’s investigation revealed substantial transfers of Bitcoin and Ethereum from multiple wallets to a new address, suggesting a security breach.

Despite the initial silence, Lykke later acknowledged the hack, apologizing for the inconvenience caused to its users. The exchange assured customers that it has sufficient capital reserves and a diverse portfolio to cover the losses and promised to repay all affected users. This incident highlights the importance of transparency and timely communication in maintaining user trust within the crypto industry.
