• In July, Flash Loans and Duplicate Websites continued to plague cryptocurrency platforms

  • There was a flurry of sophisticated cyberattacks on the crypto industry in July. Cybercriminals continued to use a variety of attack vectors to siphon off digital currencies.

    These cybersecurity worries stem from a variety of sources. Blockchain and cryptocurrency are vast and provide a plethora of attack vectors.

    Over the last month, these have included issues with lax security practices, users who do not understand security measures, and DeFi protocols that continue to have flash loan issues.

    The vulnerability of the cryptocurrency trading platform

    Contrary to popular belief, Mac OS, like any other operating system, is vulnerable to malware. Despite the fact that Microsoft Windows is the world’s standard operating system, Apple’s is thought to be more secure.

    This is because it is based on the architecture of the Unix kernel. As a result, intrusions become more difficult for the average hacker. Recent events, however, have put this belief to the test.

    Previously, ESET researchers discovered a number of unsuspecting websites that were spreading malware disguised as legitimate cryptocurrency trading apps for the Mac platform.

    A closer look revealed that the malware’s purpose was to steal information such as browser cookies, crypto wallets, and covertly taken screen captures.

    Patterns that repeat themselves

    Fake trading apps are not a new phenomenon. Trend Micro reported a similar instance of fake trading applications targeting the Mac OS platform in late 2020. These attackers were luring unsuspecting users in order to steal their information.

    After analyzing the malware’s source code, the ESET researchers who made the more recent discovery concluded that this attack method was a new campaign similar to the one reported by Trend Micro.

    The threat actors rebranded the Kattana trading app with new names and duplicated the Kattana website. As a result, it appeared to be identical to the original.

    It is not difficult to create duplicates with different names. Websites masquerading as the official site for a product have become a common tactic used by hackers to deceive users.

    DeFi’s flash loan issue

    On July 15, the Bondly Finance decentralized finance (DeFi) platform informed its users via Twitter that their platform had been compromised by an unidentified party.

    They issued an urgent warning, “STOP TRADING BONDLY.”

    As hackers exploited its liquidity pools, Bondly informed users that it was actively working to resolve the issue. The threat actor then generated 373 million BONDLY to trade on the open market, resulting in an 82 percent price drop.

    Before Bondly found itself on the hit list of cybercriminals, DeFi had seen its fair share of exploitation, mostly through shady flash loans and insider fraud.

    A flash loan is a type of uncollateralized lending that criminals can take advantage of. It may enable them to circumvent DeFi protocols and steal millions of dollars. Because the borrowed funds are returned within the timeframe of one transaction, the transactions are instantaneous.
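
    The single-transaction repayment rule described above can be shown with a toy pool. This is an added example, not code from any of the platforms named in this article; `Pool`, `flash_loan`, the 9 basis point fee and the account name `alice` are assumptions made for illustration. It shows why the lender needs no collateral: if repayment falls short, every state change in the transaction is undone.

```python
# Added illustration of atomic flash-loan settlement in a toy pool.
# Pool, flash_loan, fee_bps and "alice" are hypothetical, not a real protocol's API.
from copy import deepcopy

class Reverted(Exception):
    """The simulated transaction was rolled back."""

class Pool:
    def __init__(self, reserves, fee_bps=9):
        self.reserves = reserves      # tokens held by the pool
        self.fee_bps = fee_bps        # fee in basis points (assumed value)

    def flash_loan(self, ledger, borrower, amount, callback):
        """Lend without collateral; undo every state change unless
        principal + fee is repayable when the borrower's callback returns."""
        if amount > self.reserves:
            raise Reverted("insufficient liquidity")
        snapshot = (self.reserves, deepcopy(ledger))   # state before the transaction
        owed = amount + amount * self.fee_bps // 10_000
        self.reserves -= amount
        ledger[borrower] = ledger.get(borrower, 0) + amount
        try:
            callback(ledger)                           # borrower's logic runs mid-transaction
            if ledger.get(borrower, 0) < owed:
                raise Reverted("loan not repaid in the same transaction")
            ledger[borrower] -= owed
            self.reserves += owed
        except Exception:
            self.reserves = snapshot[0]                # roll back the pool
            ledger.clear()
            ledger.update(snapshot[1])                 # roll back all balances
            raise
        return owed - amount                           # fee earned by the pool

def run(spend):
    """Constructed scenario: 'alice' holds 1,000 tokens, borrows 500,000 and
    spends `spend` tokens in the callback. Returns (outcome, reserves, balance)."""
    pool, ledger = Pool(1_000_000), {"alice": 1_000}

    def use_funds(led):
        led["alice"] -= spend

    try:
        pool.flash_loan(ledger, "alice", 500_000, use_funds)
        return "settled", pool.reserves, ledger["alice"]
    except Reverted:
        return "reverted", pool.reserves, ledger["alice"]
```

    Calling `run(0)` settles the loan and the pool keeps the fee; `run(600)` leaves the borrower short of principal plus fee, so the pool and every balance return to their starting values.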

    A DeFi event that occurs on a regular basis

    Often, innovation results in inconvenience. However, when convenience takes the place of security, security gaps are created. These, in turn, provide ripe opportunities for cunning thieves to exploit.

    THORChain, a cross-chain decentralized exchange (DEX), was recently bled for $5 million. This made the transaction a prime target for cyber thieves. This is the third attack of the year, and the second within a week.

    On July 16, THORChain announced that it had lost approximately 4,000 ETH.

    This multi-million dollar cyber heist has become another target in the growing index of abused protocols as flash loan exploits continue to spread.

    PolyBunny Finance was also on that list of targets in July. After successfully executing a flash loan crypto attack, an attacker escaped with 1,281 ETH. This resulted in a $2.4 million theft.

    According to PolyBunny, the attack resulted in the loss of 2.1 million POLYBUNNY tokens. As a result, the token’s value dropped from $10 to just under $2.

    In general, Johna Till Johnson, CEO and Founder of Nemertes Research, explains that cybersecurity should focus on protecting against attacks rather than just protecting resources.

    “Part of the problem with cybersecurity is that people have the misconception that it is all about protecting cyber-resources. So the question is, what should we do to protect cloud-based resources, given that they are all in the cloud? That is the incorrect way to think about things,” she explains.

    “Cybersecurity has always meant, and always should mean, that you are protecting the organization from cyber-based attacks. In other words, it is not about safeguarding cyber resources. It’s about defending against cyber-based attacks,” she explained.

    Offline concerns are influenced by cybersecurity concerns.

    The use of blockchain and cryptocurrencies by illegal networks, including terrorist groups, is problematic.

    These offline security concerns are reflected in government agencies’ online crackdowns, carried out wherever possible through either regulation or raids.

    The National Bureau for Counter-Terror Financing (NBCTF) of Israel seized several wallets allegedly belonging to Hamas members in July. This followed a significant increase in crypto donations to Hamas in May, during a period of increased conflict between the group and Israeli forces.

    Quantum Computing is a future blockchain security concern.

    While there are security concerns with blockchain, the inherent benefit is found in its use of cryptography. These complex mathematics provide some protection against human hackers, resulting in the various work-around exploits previously discussed.

    However, Johnson points out that quantum computing poses a future threat to blockchain security.

    “What I’m concerned about with blockchain and all cryptocurrencies is whether quantum computing will blow them out of the water because, in layman’s terms, blockchain relies on the fact that certain things, you know, certain cryptography, simply can’t be hacked by computers known to man,” she explained.

    “The problem with quantum computing is that that assumption is now incorrect. So, basically, one side of the argument is that quantum computing will destroy blockchain. Now is the time to consider the opposing viewpoint. They will convert all of their cryptography to quantum cryptography. As a result, there will be an arms race,” Johnson predicted.
