Major crypto platforms in July are still plagued by lightning loan attacks and phishing websites
Several attacks occurred in the encryption circle in 1.7.
2. There are still flash loan attacks on DeFi platforms.
In July of this year, a series of cyber attacks occurred in the encryption industry. Cybercriminals continue to use various attack methods to steal digital currency.
These network security issues come from multiple sources, because the blockchain and cryptocurrency industries are large in scale and provide a variety of attack vectors.
In the past month, there have been many reasons for network attacks, including security negligence, some users have insufficient understanding of security, and the DeFi protocol flash loan problem has continued.
Encrypted trading platform has security issues
Contrary to popular belief, Mac OS, like other operating systems, is vulnerable to malware attacks. Although the Microsoft Windows operating system is a universal standard operating system in the world, people think that Apple’s system is more secure.
This is because Apple’s system is based on the Unix kernel, which is more difficult for ordinary hackers to invade. However, recent attacks have tested this view.
Earlier, ESET researchers found that various websites disguised as legitimate cryptocurrency trading applications on the Mac platform, spreading malicious software, and these websites are difficult to arouse people’s suspicion.
After closer inspection, the researchers found that the malware was trying to steal information through browser cookies, encrypted wallets, or desktop screenshots.
Malicious software pretending to be trading applications is certainly nothing new. At the end of 2020, Trend Micro reported a similar incident, including a fake trading application targeting the Mac OS platform. Hackers use these programs to lure unsuspecting users and steal information.
After analyzing the source code of the malware, ESET researchers came to a conclusion that these software belong to a new type of hacking activity reported by Trend Micro.
Hackers will give the malicious program a variety of names, and the phishing website is exactly the same as the Kattana website. In these ways, users can’t distinguish between malware and official software.
It is not difficult to create a fake website. However, users need to judge fake websites that pretend to be a product, which has become a common strategy for hackers.
Flash loan attack problem
On July 15, the Bondly Finance Decentralized Financial DeFi platform notified its users via Twitter that the platform was attacked by an unknown hacker.
Bondly Finance issued an emergency warning and stopped trading of BONDLY tokens.
According to the agreement, due to hackers attacking the liquidity pool, it is actively working to repair it. The hacker subsequently minted 373 million pounds of BONDLY tokens and sold them on the open market, causing the price to plummet by 82%.
Before this attack, DeFi has experienced quite a few attacks, mainly flash loan attacks and internal fraud.
A flash loan is an unsecured loan. The loan transaction occurs instantly. Because the borrowed funds are returned in one transaction, hackers can use the flash loan to break the DeFi protocol and steal millions of dollars.
Attacks continue to occur in the D eFi field
Innovation can often bring convenience. However, sacrificing security in exchange for convenience will create security loopholes. In turn, these vulnerabilities have become good opportunities for hackers.
Recently, the cross-chain decentralized exchange (DEX) THORChain lost $5 million, which means that the exchange has become a “frequent visitor” of cyber hackers. This is the third attack that THORChain has suffered this year and the second in a week.
On July 16, THORChain announced that it had lost approximately 4000 ETH.
In July, PolyBunny Finance also became one of the targets of hacker attacks. After a hacker successfully executed a lightning loan encryption attack, he stole 1281 ETH, resulting in a loss of 2.4 million US dollars.
PolyBunny Finance stated that 2.1 million BOLLYBUNNY tokens were lost in this attack, causing the value of the tokens to fall from $10 to less than $2.
In terms of network security, Nemertes Research CEO and founder Johna Till Johnson explained that network security should focus on preventing attacks, not just protecting resources.
Network security issues cause offline security issues
Blockchain and cryptocurrency will be used by illegal organizations such as terrorist organizations, which in turn causes problems.
In the crackdown on network security issues of government agencies, offline security issues are very prominent. The government can solve such problems through supervision or raids.
In July of this year, Israel’s National Counter-Terrorism Financing Agency (NBCTF) seized several crypto wallets held by suspected Hamas members. In May of this year, the conflict between Hamas and the Israeli army escalated, and the donation of cryptocurrency to Hamas increased significantly.
Future blockchain security issues
Although there are some problems with blockchain security, its inherent advantage lies in the use of encryption technology. These complex mathematical encryption calculations provide a protection against hackers. However, Johna Till Johnson pointed out that in the future blockchain security will be threatened by quantum computing.
Johna Till Johnson said that some people believe that quantum computing will destroy blockchain technology, but another group of people believe that quantum computing can take encryption technology to another level in the future and produce quantum encryption technology. This is an arms race.
Posted by:CoinYuppie，Reprinted with attribution to:https://coinyuppie.com/major-crypto-platforms-in-july-are-still-plagued-by-lightning-loan-attacks-and-phishing-websites/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.