Image: d3sign/GettyImages
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet.
Advertisement
In the last week alone, hackers have stolen almost $300 million in cryptocurrency in two separate hacks: the recent attack suffered by BitMart, and last week’s web-based scam targeting blockchain "bridge" protocol BadgerDAO. This has been a really, really, bad year for cryptocurrency platforms and security, with much activity occurring in the fast-moving world of decentralized finance, or DeFi. According to one tally, 16 different crypto projects and companies have been hacked, including the crypto lending service C.R.E.A.M., which got exploited via a complex "flash loan" and lost $130 million, and the popular platform Poly Network, which lost and then recovered $600 million in a bizarre public exchange with the hacker, which the company called “Mr. White Hat.”Do you research vulnerabilities on cryptocurrencies and their networks? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, Wickr/Telegram/Wire @lorenzofb, or email lorenzofb@vice.com
Advertisement
It’s unclear exactly how much money the hackers took in the BitMart hack. BitMart said it was around $150 million, but crypto security company PeckShield said it was around $196 million. BitMart CEO Sheldon Xia said in a Twitter thread that the breach was “mainly caused by a stolen private key that had two of our hot wallets compromised.” He did not say how the hackers stole the private key. He also said the company will use its own funds to compensate the affected users. Subscribe to our cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.