Hundred Finance Hacker Resurfaces After Year-Long Hiatus | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

In a recent development in the cryptocurrency theft arena, the individual behind the $7.4 million theft from Hundred Finance resurfaced after a year-long hiatus. On May 1, this cybercriminal began transferring assets from Curve’s decentralized exchange, signaling renewed activity.

This individual initially stole these assets by exploiting a vulnerability in the Hundred Finance project on the Optimism blockchain in 2023.

Previously, The Cybercriminal Had Withdrawn $800,000 In Ethereum And Tether

These funds were subsequently converted into Ethereum through the exchange of USDT and smaller quantities of alternative cryptocurrencies such as PAXG and DAI. This series of transactions notably increased the hacker’s Ethereum holdings by over $1 million. Currently, the hacker’s portfolio totals $6.48 million in cryptocurrencies, comprising $4.39 million in Ethereum, $1.24 million in DAI, $426,000 in Wrapped Ethereum, $412,000 in FRAX, and smaller amounts of Wrapped Bitcoin.

The theft was executed by artificially inflating the exchange rate for hWBTC through a donation of 200 WBTC, followed by draining Hundred Finance’s lending pools using minimal amounts of hWBTC. Peckshield, an esteemed on-chain security firm, dissected the breach and identified a blend of flash loans, a critical rounding error, and smart contract manipulation as the components of the exploit.

Token transactions made by the Hundred Finance hacker. Source: Etherscan

This Method Of Transferring Stolen Funds Resurfaced In A Report Earlier This Week

That’s because a similar pattern was highlighted with the Poloniex exchange hacker. The latter had been dormant for months before moving 501 BTC, worth approximately $32 million, to three new wallet addresses in an attempt to obscure the origins of the assets. However, cybercriminals face mounting pressure to conceal their illicit gains, particularly in converting them to fiat currencies without leaving digital traces.

This challenge has grown as regulatory scrutiny intensifies around services traditionally used for such purposes. Crypto mixers, which once offered anonymity for transactions, are increasingly under watch. For instance, the U.S. Department of Justice recently charged the founders of Samourai Wallet with laundering $100 million from illicit activities and facilitating an additional $1.7 billion in money laundering. Similar charges were brought against the co-founders of Tornado Cash, accused of enabling over $1 billion in money laundering.

These crackdowns are part of a broader regulatory trend tightening controls on cryptocurrency operations to prevent money laundering. The European Parliament, for example, voted on April 24, 2024, to ban crypto mixers as part of sweeping new anti-money laundering measures. This regulatory environment complicates the efforts of cybercriminals to break the traceability chain that links stolen funds back to their crimes, making it increasingly difficult to launder stolen funds through conventional crypto services.

Despite All This, April 2024 Has Been The Month With Less Crypto Scams and Hacking

April 2024 stands out as a pivotal month in the realm of cryptocurrency fraud and scam activities. According to recent trends reported by Chainalysis and Blockpit, there has been a notable decline in the revenue generated from crypto scams and hacking, marking a significant shift in the landscape of cryptocurrency-related crimes. Specifically, scamming revenues and funds stolen from hacks both saw considerable reductions, with scamming revenues down by 29.2% and hacking by 54.3% compared to previous years.

This decrease in illicit activities is attributed to a combination of increased regulatory actions, better security practices within the crypto community, and heightened awareness among users about potential scams. The ongoing evolution in scam tactics, including a rise in romance scams where fraudsters target individuals through emotional manipulation, also suggests a shift in how scammers are operating, becoming more sophisticated yet facing greater challenges to succeed.

Despite the downturn in traditional crypto crimes, there has been a rise in ransomware and darknet market activities, indicating that while overall crime might be down, certain areas are seeing an uptick in revenue.


Click Here For The Original Story From This Source.


National Cyber Security