O ecossistema Solana sofreu um golpe significativo na forma de mais um hack. Desta vez, os analistas de segurança dent mais de 8.620 carteiras Solana associadas ao hack do DEXX. As perdas são actualmente estimadas em cerca de 30 milhões de dólares, uma vez que as iniciativas de recuperação estão em curso.
DEXX, um terminal de negociação de moedas meme, foi vítima de uma exploração de segurança em 16 de novembro. Um vazamento de chave privada resultou em perdas para pelo menos 900 usuários únicos, com Mist Trac relatando que a maioria das vítimas sofreu perdas de menos de US$ 10.000. Um usuário, no entanto, perdeu mais de US$ 1 milhão.
O dano geral do ataque foi inicialmente estimado em US$ 21 milhões, tornando-o o segundo maior hack em novembro, depois do hack Thala, que custou US$ 25,5 milhões. Com o tempo, a estimativa subiu para US$ 30 milhões.
O fundador da DEXX, Roy, revelou pela primeira vez na plataforma X que empresas de segurança dent revelariam todos os endereços de hackers. A comunidade foi solicitada a monitorar os endereços e reportar qualquer atividade suspeita às plataformas para que pudessem ser bloqueadas e interceptadas imediatamente.
Eles também tentaram negociar com os hackers. Thala também aplicou a fórmula para negociar com sucesso com os hackers seu protocolo DeFi e recuperou US$ 25 milhões.
Sr./Sra. hacker,
Recebemos tron apoio de agências de segurança, parceiros e bolsas para localizar nosso token roubado. Também estamos monitorando seus endereços para congelar os fundos roubados em tempo hábil. Pedimos que você resolva este dent nas próximas 24 horas. Esse…
— DEXX (@DEXXai_EN) 23 de novembro de 2024
The account added, “Once you have returned the funds, we will immediately destroy all information we currently have about the hack. We will also stop all follow-up tracking and analysis. You will no longer be held responsible. However, if you do not comply, we will continue our investigation with the local police, security agencies, and the exchanges to take enforcement action to protect user assets, however long that takes.”
DEXX claims it is currently getting security upgrades. It also advised users not to make any deposits to the site. However, some users have continued to mke deposits despite warnings, which has led to more theft as the hacker’s script is still operating.
The hacker owns secret keys; hence, it could not be possible to get assets back via the exact same route. They have said that a new pay address will be added to help with fund returns.
Solana deals with hot wallets, always connected online, which let their owners make or get money right away. Sadly, this also generates certain security concerns. How the breach happened, how many people were impacted, and whether the victims could get their money back remain unknown.
Solana is a blockchain that supports builders creating crypto apps and has SOL as its crypto coin. SlowMist, a crypto-security firm, has published a document identifying over 8,620 Solana addresses suspected to be associated with the DEXX criminal.
In August 2022, Solana suffered an attack that affected almost the same number of addresses. The hackers attacked the Solana crypto ecosystem and compromised over 8,000 wallets. They drained over $5.2 million in digital coins, including Solana’s SOL token and USD Coin.
After investigating the incident, Solana quickly concluded that the majority of the victims were those who used mobile wallets. In light of this, they recommended hardware wallets instead, as there is no evidence to suggest that they have been affected by the vulnerabilities.
This new hack has proved that hardware wallets are also in some way vulnerable.
CNBC reported that cybercriminals stole $1.38 billion worth of crypto from January 1 to June 24. The theft levels more than doubled the $657 million stolen in the same timeframe the previous year.
In addition, hackers stole digital assets worth more than $71 million in November. In 2024, this will bring the total value of crypto stolen to more than $1.48 billion.
Crypto is growing bigger, but hackers are becoming more daring. The ongoing cyberattacks by cryptocurrency hackers are clearly tarnishing the industry’s reputation.
From Zero to Web3 Pro: Your 90-Day Career Launch Plan