Cointime

Cointime

Download App
iOS & Android
Home / Security

CFTC Commissioner Warns Hackers in 2023 ‘More Coordinated, Innovative, and Resourced’

June 21 (Cointime) - During her speech at the FIA International Derivatives Expo Conference, Christy Goldsmith Romero, Commissioner at the U.S. Commodity Futures Trading Commission (CFTC), warned that cyber hackers are becoming more coordinated, innovative, and resourced.

She highlighted the trend of cybercriminals seeking refuge in nation-states such as China, Russia, North Korea, and Iran and emphasized that they will exploit any vulnerability they can find.

Romero also noted that the combination of ransomware, zero-day vulnerability, and third-party servicer vulnerability, along with the increasing use of artificial intelligence, poses a challenging landscape for cybersecurity.

To combat this growing threat, she proposed five pillars, including a proportionate and appropriate strategy, adherence to generally recognized norms and best practices, and collaboration between regulators, industry participants, and the government.

Cybersecurity collaboration
Comments

All Comments

Recommended for you

  • Rugpull occurs on Ethereum with fake NOT tokens

    PeckShield has monitored that the fake token Notcoin (NOT) on Ethereum has dropped 100%. An address starting with 0xE0eB sold 1,645,040,633,338,481.95 NOT and exchanged it for 93.5 WETH (valued at $281,000 USD). Note: Rugpull tokens have the same name as legitimate tokens.

  • The Sonne Finance hacker address has exchanged 56 WBTC into about 1,185 ETH

    According to PeckShield's monitoring, Sonne Finance hacker address 0x6277...4c07 has exchanged 56 WBTC for approximately 1,185 ETH and 3 WBTC for 183,000 DAI.

  • Sonne Finance: This attack was a donation attack. We are investigating the attacker and have suspended the market.

    Sonne Finance released an attack analysis report. This was a donation attack. Sonne had avoided this problem in the past by adding a collateral factor of 0% to the market, adding collateral and then destroying it, and only then increasing c-factors according to the proposal. Sonne recently passed a proposal to add the VELO market to Sonne. This transaction was arranged on a multi-signature wallet, and c-factors were arranged to be executed within 2 days due to the time lock. When the 2-day time lock for creating the market ended, the attacker executed 4 of the transactions and then executed the transaction to add c-factors to the market. The attacker was able to use the protocol to obtain approximately $20 million in funds through a known donation attack. Seal contributors quickly noticed this issue and reserved approximately $6.5 million by adding VELO worth approximately $100 to the market. Sonne is investigating the attacker and has suspended the market to mitigate further losses. Sonne is prepared to offer a bounty to the attacker and promises not to pursue the issue further if the attacker returns the funds.

  • Sonne Finance confirms attack, but still has about $6.5 million in funds

    On May 15th, Sonne Finance announced that its Optimism protocol had suffered a known donation attack, resulting in a loss of approximately $20 million. The attack exploited a vulnerability in the newly launched market and within two days of its creation, the attacker used a multi-signature wallet and time-lock function to execute critical transactions, successfully manipulating the market's collateral factors (c-factors). Despite Sonne's team quickly organizing a response to the attack and suspending the market within 25 minutes of discovering the issue to minimize further losses, approximately $6.5 million in funds were still retained. Sonne's team is working hard to track down the identity of the attacker and has offered a bounty to the attacker in the hopes of returning the funds to avoid further investigation. At the same time, Sonne's team sincerely apologizes for this incident and is reaching out to all possible partners to try to recover the funds.

  • A certain address may have lost assets worth about $4.3 million due to private key leakage

    According to CertiK monitoring shows that due to suspicious transactions, preliminary evidence suggests that the private key may have been leaked, and a total of approximately $4.3 million worth of assets have been transferred to the address 0x2705.

  • Chainalysis: Around $24 Million in Crypto to be Stolen by Impostors and Tax Authorities in 2023

    According to Chainalysis, by 2023, approximately $24 million worth of cryptocurrency will be stolen through impersonation and tax authority scams. The company estimates that as of April 2024, the total amount stolen will be close to $17 million.

  • Multisig Exploit hacker-related addresses become active and launder money

    Multisig Exploit's hacker attack was the first hacker attack in ETH's history, with over 150,000 ETH stolen, worth about $30 million at the time (back in July 2017). Today it is worth nearly $450 million, and more than 80,000 ETH is still involved in the addresses starting with 0xb37647. The address has sent about 70,000 ETH to seven different addresses, each with 10,000 ETH. In recent months, these different addresses have been slowly laundering the money. One of the addresses starting with 0x5167052 has recently become active again.

  • TON community member: Some TON wallets received virtual account NFTs starting with "888", which is a phishing project

    On May 13th, according to a member of the TON official community, a new NFT with a virtual number starting with "888" has been added to the TON wallet. However, the transaction fee for each transfer is as high as 1 TON, which is caused by the fishing project changing the Gas.

  • WinRAR Zero-Day Vulnerability Allowed Hackers to Breach Crypto and Stock Trading Accounts

    Developers of the file compression software WinRAR have fixed a zero-day vulnerability that was being exploited by hackers to install malware on unsuspecting victims' computers. The vulnerability allowed hackers to breach online crypto and stock trading accounts. The exploit was used for approximately four months, during which time malicious RAR and ZIP archives were distributed on trading forums, infecting at least 130 devices.
  • Blocknow 大咖访谈 ·

    Conversation with Double Jump Tokyo: Interoperability will be an important factor in the success or failure of Chain Touring

    Interoperability will be an important factor in the success or failure of Chain Touring.
    Conversation with Double Jump Tokyo: Interoperability will be an important factor in the success or failure of Chain Touring

Daily Must-Read

Popular Activities

Delysium $AGI & AI Private Yacht Party

Delysium $AGI & AI Private Yacht Party

March 27 - March 27
Seoul

Popular Tags

Cointime
News
Contents
RSS
Company