Bilaxy Rekt: $ 450 million lost after a market hack

Exchange hacks are one of the well-known teething troubles in the crypto space. The latest victim was Bilaxy, where the damage could amount to 450 million US dollars.

Less than three weeks after the spectacular attack on the DeFi platform PolyNetwork, the biggest hack to date in the crypto space with stolen cryptocurrencies worth over 600 million US dollars, the crypto exchange Bilaxy fell victim to a cyber attack. The exchange, which has been registered in Seychelles since 2018, is one of the less well-known representatives in the exchange landscape. The attack is hardly inferior to that on PolyNetwork. According to initial estimates, the hack could amount to 450 million US dollars. Bilaxy has not yet commented on the speculation.

Hack on the bilaxy hot wallet

The exchange reconstructed the incident in a Telegram post. Accordingly, the hack occurred on Saturday, August 28, between 6:00 p.m. and 7:00 p.m. The hacker succeeded in relieving the hot wallet by “around 295 ERC20 tokens”. The tokens were then transferred to an address that had already been given a warning on Etherscan. Otherwise, nothing is known about the course of events.

The exchange then announced that it would perform “emergency maintenance” on the website and “move hundreds of tokens from the hot wallet to cold wallets to secure the assets”. The case will be reported to law enforcement agencies. In addition, Bilaxy promised, “in the coming days, together with security institutions, to carry out a thorough check and investigation of the system security”. The website is not yet available at the time of going to press.

Clarification takes two weeks

According to Bilaxy, the work can take another two weeks:

Bilaxy suffered heavy losses from the hack and the issue is still unresolved which will take a lot of work and time to get the Bilaxy services back on. It can take at least two weeks to thoroughly investigate the hack and rebuild the system architecture to secure the system and assets.

Bilaxy has not taken a position on the amount of the stolen tokens. Hoge Finance said in a tweet that Hoge tokens worth $ 22 million alone were affected by the hack. Initial estimates suggest that the hack could run to $ 450 million. Whether Bilaxy is as lucky as PolyNetwork remains to be seen, but it is unlikely. The attacker on the cross-chain platform quickly turned out to be a “white hat”, ie a well-meaning hacker who finally returned the stolen assets. PolyNetwork reacted confidently and offered the hacker a job as a security advisor.

Comments

From offchain to offchain: Statechains meets Lightning

Without a doubt, the most significant off-chain Bitcoin solution is the Lightning network. But in its wake, the statechain has emerged as an intriguing replacement. There is currently a proposal to link the two offchain networks. From an ocean, for example, you can see sunbeams glistening in the water, waves rippling, and possibly a jellyfish drifting toward the light. But you only see a small portion of it. The distance from the sea's surface to its bottom is hundreds of meters. It has dozens of different fish species swimming in it, crabs and starfish crawling on the bottom, shells clinging to rocks, and sea plants climbing up. A completely new world starts where your gaze diverges. You can picture a blockchain like Bitcoin, just like the sea. What you see on the outside is only a small portion of what is actually there; the set of UTXOs (coins) and transaction history that full nodes store are just the beginning of a much larger world. It's the plan, at least. With Bitcoin...

Phishing attack on popular crypto sites tries to empty wallets

Several major crypto sites such as Etherscan, CoinGecko, DeFi Pulse, and others report malicious pop-ups scammers use to try to trick users into connecting their MetaMask wallets. The phishing attack came from a domain displaying the Bored Ape Yacht Club (BAYC) logo. "We are investigating the root cause of this attack to fix the threat as soon as possible," CoinGecko founder Bobby Ong tweeted. The phishing attack appears to have been triggered by a malicious ad script from Coinzilla, a crypto ad network, according to CoinGecko. Etherscan also advises its users not to confirm any transactions that may appear on the website. The attackers attempted to use the hype around the “bored monkeys” non-fungible tokens (NFT) to gain access to the cryptocurrencies of unsuspecting website visitors. Although the websites affected by the scam attempt have reacted in the last few hours and deactivated the advertising pop-up, it is still recommended not to connect your MetaMask wallet to ne...

Bored Ape Yacht Club NFTs stolen through phishing on Instagram

Bored Ape Yacht Club ( BAYC ) developers announced on Monday that hackers have hijacked the official Instagram page of the popular NFT collection and posted links to a fake airdrop. Crypto enthusiasts who connected their MetaMask wallet to the rogue website subsequently had their Ape NFTs stolen. Apparently, the attack was planned to coincide with the one-year anniversary of the BAYC collection. This increased the "perceived credibility" of the phishing link. About 100 NFTs are said to have been stolen in the phishing attack . According to CoinGecko data , the minimum price for a BAYC NFT is 139 Ether ( ETH ) or $400,726. So if reports are correct, over $40 million worth of NFTs were stolen in the attack. These numbers are only the lowest estimate, however, as they are based on the lowest price. At the time of writing, it was still unclear how the hackers gained access to BAYC's official Instagram account. Social media users have pointed out the importance of two-fact...

Cryptostreet

Search This Blog