Cointime

Cointime

Download App
iOS & Android
Home / Security

Cardano ( $ADA ) Investors Report Unauthorized Transactions and Losses from Nami Wallets

June 20 (Cointime) - A growing number of Cardano investors are reporting unauthorized transactions and losses from their Nami wallets, with their ADA assets being transferred without their consent. These incidents are likely due to weak passwords and compromised devices rather than a flaw in the Nami wallet itself.

Investigations have failed to identify a common link between victims based on the decentralized applications associated with their compromised wallets, indicating that the problem lies with the security measures taken by users.

There is a possibility that a "zero-day" exploit in Google Chrome could be the cause of these breaches, posing a serious threat to all browser-based cryptocurrency light wallets. It is important for users to take additional security measures, such as using strong passwords, enabling two-factor authentication, and regularly updating software, to protect their assets.

Chainlink Chainlink $12.91
-4.07%
Cardano Cryptocurrency
Comments

All Comments

Recommended for you

  • Sonne Finance: This attack was a donation attack. We are investigating the attacker and have suspended the market.

    Sonne Finance released an attack analysis report. This was a donation attack. Sonne had avoided this problem in the past by adding a collateral factor of 0% to the market, adding collateral and then destroying it, and only then increasing c-factors according to the proposal. Sonne recently passed a proposal to add the VELO market to Sonne. This transaction was arranged on a multi-signature wallet, and c-factors were arranged to be executed within 2 days due to the time lock. When the 2-day time lock for creating the market ended, the attacker executed 4 of the transactions and then executed the transaction to add c-factors to the market. The attacker was able to use the protocol to obtain approximately $20 million in funds through a known donation attack. Seal contributors quickly noticed this issue and reserved approximately $6.5 million by adding VELO worth approximately $100 to the market. Sonne is investigating the attacker and has suspended the market to mitigate further losses. Sonne is prepared to offer a bounty to the attacker and promises not to pursue the issue further if the attacker returns the funds.

  • Sonne Finance confirms attack, but still has about $6.5 million in funds

    On May 15th, Sonne Finance announced that its Optimism protocol had suffered a known donation attack, resulting in a loss of approximately $20 million. The attack exploited a vulnerability in the newly launched market and within two days of its creation, the attacker used a multi-signature wallet and time-lock function to execute critical transactions, successfully manipulating the market's collateral factors (c-factors). Despite Sonne's team quickly organizing a response to the attack and suspending the market within 25 minutes of discovering the issue to minimize further losses, approximately $6.5 million in funds were still retained. Sonne's team is working hard to track down the identity of the attacker and has offered a bounty to the attacker in the hopes of returning the funds to avoid further investigation. At the same time, Sonne's team sincerely apologizes for this incident and is reaching out to all possible partners to try to recover the funds.

  • A certain address may have lost assets worth about $4.3 million due to private key leakage

    According to CertiK monitoring shows that due to suspicious transactions, preliminary evidence suggests that the private key may have been leaked, and a total of approximately $4.3 million worth of assets have been transferred to the address 0x2705.

  • Chainalysis: Around $24 Million in Crypto to be Stolen by Impostors and Tax Authorities in 2023

    According to Chainalysis, by 2023, approximately $24 million worth of cryptocurrency will be stolen through impersonation and tax authority scams. The company estimates that as of April 2024, the total amount stolen will be close to $17 million.

  • Multisig Exploit hacker-related addresses become active and launder money

    Multisig Exploit's hacker attack was the first hacker attack in ETH's history, with over 150,000 ETH stolen, worth about $30 million at the time (back in July 2017). Today it is worth nearly $450 million, and more than 80,000 ETH is still involved in the addresses starting with 0xb37647. The address has sent about 70,000 ETH to seven different addresses, each with 10,000 ETH. In recent months, these different addresses have been slowly laundering the money. One of the addresses starting with 0x5167052 has recently become active again.

  • TON community member: Some TON wallets received virtual account NFTs starting with "888", which is a phishing project

    On May 13th, according to a member of the TON official community, a new NFT with a virtual number starting with "888" has been added to the TON wallet. However, the transaction fee for each transfer is as high as 1 TON, which is caused by the fishing project changing the Gas.

  • The address that defrauded 1,155 wBTC has returned more than 96% of the funds to the victims

    Blockchain data shows that the address poisoning attacker lured users to send 1,155 Wrapped Bitcoins (wBTC) (valued at $68 million at the time) to them. The attacker has returned almost all of the stolen funds. These funds were exchanged for Ethereum (ETH) during the attacker's holding period, and the price of ETH has since fallen. However, the attacker returned about 22,960.07 ETH, worth about $65.7 million, which accounts for over 96% of the initial stolen funds in terms of US dollar value.

  • TrumpAI tokens on Ethereum have been RUG

    PeckShield has monitored that the TrumpAI token on the Ethereum blockchain has fallen by 100%. An address starting with 0x935A sold 5,000,000,000,000,000,000,000 TrumpAI tokens, which is about 26.57 WETH (approximately $80,000). Note: rugpull tokens have the same name as legitimate tokens.

  • WOOFi attacker address has transferred 100 ETH to Tornado cash

    PeckShield monitoring shows that the address marked by the WOOFi attacker has transferred 100 ETH to Tornado cash. The WOOFi attacker has already transferred 2200 ETH (worth about $6.5 million) to Tornado cash.

  • Market News: South Africa authorizes 75 companies as cryptocurrency service providers

    According to Jinshi news, South Africa has authorized 75 companies as cryptocurrency service providers.

Daily Must-Read

Popular Activities

Delysium $AGI & AI Private Yacht Party

Delysium $AGI & AI Private Yacht Party

March 27 - March 27
Seoul

Popular Tags

Cointime
News
Contents
RSS
Company