Hacker steals $55 mn after a bZx developer falls for phishing attack


By MYBRANDBOOK


Hacker steals $55 mn after a bZx developer falls for phishing attack

The Block, a crypto blog reported, crypto company bZx said that a hacker stole millions in various currencies after one of its developers fell for a phishing attack. SlowMist, an outside security company, estimated the total haul at $55 million. bZx said on Twitter, "Roughly 25% of this figure is personal losses from the team wallet that was compromised".

 

bZx posted what it said were details of the hacker's accounts, which included Ethereum totaling $21 million. The company, a decentralized-finance platform, or DeFi, said it was still investigating the hack. It said the breach affected "lenders, borrowers, and farmers" with funds on two platforms, Polygon and Binance Smart Chain.

 

The company said in its unsigned technical analysis of the hack, "A limited number of users who had approved the unlimited spend had funds stolen from their wallet. The developer's wallet had all funds drained from their wallet."

 

bZx said the breach began with a phishing email sent to a developer's personal computer. That email had "a malicious macro in a Word document that was disguised as a legitimate email attachment, which then ran a script on his Personal Computer. This led to his personal mnemonic wallet phrase being compromised," the company said.

 

At about 8:30 am EST on Friday, the company received a series of notifications about suspicious activity, including a flagged wallet. The company tracked the hacker's wallet. It posted a list of balances, along with a few transactions, on its blog.

 

The company said it was still working to determine the total amount of funds stolen. It said it was working with law enforcement to recover the funds and identify the hacker.

 E-Magazine 
 VIDEOS  Placeholder image

Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org