Lưu trữ cho từ khóa: CryptoCurrency

DeFi

Post-mortem reveals stealthy malware injection led to $50m Radiant Capital exploit

Để lại phản hồi

Radiant Capital attackers used malware to hijack developer wallets and swipe over $50 million in assets.

According to Radiant Capital’s post-mortem report, the attack on Oct. 16, 2024, which led to losses upwards of $50 million, was “one of the most sophisticated hacks ever recorded in DeFi.”

The attackers compromised the hardware wallets of at least three Radiant developers through a sophisticated malware injection, though it is believed that more devices may have been targeted. 

The malware manipulated the front-end interface of Safe{Wallet} (formerly known as Gnosis Safe), displaying legitimate transaction data to the developers while executing malicious transactions in the background. 

The attack was executed during a routine multi-signature emissions adjustment process, which takes place periodically to adapt to changing market conditions. Despite multiple layers of verification through Tenderly simulations and manual reviews, no anomalies were detected during the signing process, the report added.

The attackers took advantage of Safe App transaction resubmissions, a common occurrence due to issues like gas price fluctuations or network congestion. By mimicking these routine errors, the attackers collected multiple compromised signatures unnoticed, eventually signing the “transferOwnership” function, which transferred control of Radiant’s lending pools to the attackers.

The breach affected Binance Smart Chain (BSC) and Arbitrum, with the attackers using these signatures to alter smart contracts, specifically exploiting the transferFrom function as previously reported by Web3 security firm De.Fi. This allowed them to drain assets from users who had granted approval to the lending pools.

Further, the report added that many protocols might be at risk and suggested several preventative measures. These include implementing multi-layer signature verification, using an independent device for verifying transaction data, avoiding blind signing for critical transactions, and setting up error-triggered audits to catch potential issues before signing.

In an Oct. 18 X post, Independent programmer Daniel Von Fange noted that the attackers were still draining any assets being transferred to the compromised wallets and advised users to quickly revoke any approvals they had given to the affected contracts to avoid further losses.

Post-hack measures

Radiant Capital has since paused its lending markets on BNB Chain and Arbitrum. In an Oct. 17 X post, Radiant confirmed it was working with several cybersecurity firms, including SEAL911, Hypernative, and Chainalysis, to investigate the incident and recover the stolen assets.

The lending protocol’s immediate preventive measures include generating fresh cold wallet addresses using uncompromised devices for each member of the Safe, reducing the number of signers to 7, and increasing the signing threshold to 4 out of 7. Further, contributors will also double-confirm transaction data for each transaction using the input data decoder on Etherscan to ensure added accuracy before signing.

The company is also working with U.S. law enforcement agencies to freeze the stolen funds and trace the attackers while collaborating with ZeroShadow to analyze the digital footprint left by the exploiters.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

POPCAT jumps 13.6% as analysts eye new highs

Để lại phản hồi

Popcat emerged as the top gainer of the day, fueled by improved community sentiment and a notable jump in its futures open interest.

Popcat (POPCAT) is up 13.6% in the past 24 hours and is trading at $1.37 at the time of writing. Its price has also appreciated 90.5% over the last 30 days, with its market cap surging to $1.33 billion. A spike in 24-hour volume to $151.8 million confirms the growing interest.

The broader crypto community remained predominantly bullish on Popcat’s prospects, according to data from CoinMarketCap.

POPCAT’s price rally coincided with a rise in futures open interest. According to CoinGlass data, open interest in futures market jumped by 21% over the last 24 hours, indicating traders’ growing interest in the meme coin.

The number of Popcat holders has also surpassed 80,000, an indicator of expanding community participation and investor confidence.

On the 1D POPCAT/USDT chart, the meme coin’s price currently stands above its middle Bollinger band suggesting a potential continuation of the bullish trend. Moreover, the Relative Strength Index has fallen from its Oct. 12 overbought levels and currently stands at 60 suggesting there is still room for further gains before hitting the overbought zone again.

POPCAT 1D price, Bollinger Bands, and RSI chart — Oct. 18 | Source: crypto.news

Meanwhile, analysts are optimistic about Popcat. Per pseudo-anonymous market analyst Trading Tank, POPCAT is currently heading toward a strong resistance level at $1.54, its all-time high which also serves as the neckline of a bullish double-bottom price action pattern. 

According to the analyst, if POPCAT breaches the neckline, there is a strong possibility that the meme coin could reach a new high in the short term.

They also highlighted Popcat’s next potential targets. According to them, the meme coin faces resistance at $1.9250. Should bulls manage to break above this, the next targets could be $2.3850 and $3.310.

Other analysts have predicted much more bullish targets for Popcat. 

In an Oct. 17 post on X, Trade4ddict suggested that Popcat could continue its ascent toward $4, given its recent breakout above the $1 resistance level. Analyst Murad shared a similar outlook, forecasting that POPCAT could reach $5-$6.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

Worldcoin rebrands to ‘World,’ debuts layer-2 network and new features

Để lại phản hồi

Worldcoin has rebranded as World, alongside the launch of its Ethereum layer-2 network World Chain, and unveiled several key developments.

During its Keynote address on Oct. 17, Worldcoin founder Sam Altman announced the rebranding alongside upgrades for its iris-scanning Orb devices. The company has already rebranded to “World,” and the change is now visible across its social media platforms and website.

Meanwhile, the new Orb devices are getting an upgrade with Nvidia hardware, making it up to five times more powerful than before, all while shrinking in terms of its carbon footprint and needing fewer parts. 

The new Orbs will soon pop up in self-service kiosks, though they’ll initially be available only in select markets, the company added. This is expected to accelerate the deployment of proof of human verifications across the globe.

World is also expanding its identity verification beyond the Orbs, and users would be able to verify their identity via other avenues, including a program called World ID Credentials. This allows users to verify themselves using NFC-enabled government-issued passports, adding extra flexibility to the process.

The company also introduced World App 3.0, bringing new features to the platform. One of the standout additions is the World ID Deep Face feature, which the company claims can detect and block deepfakes. This tool is designed to ensure the authenticity of video content, offering users enhanced security in an era of increasing AI-generated media.

Alongside these innovations, World announced integrations with popular apps such as WhatsApp, FaceTime, and Zoom, making it easier for users to verify their identity and access World’s services within platforms they already use.

World Chain mainnet launch

The highly anticipated Ethereum layer 2 network, first announced in April, also went live following the keynote event. World Chain is expected to enhance efficiency and bring new functionality to users by integrating World ID, World App, and the Worldcoin cryptocurrency (WLD).

The network will prioritize onboarding verified human users over bots, giving them access to block space and offering an allowance of free gas to further incentivize participation.

The new blockchain already plays host to some of the top projects in the industry like Uniswap, Optimism, Alchemy, and Dune among others. 

WLD price tanks

Despite strong performance in recent weeks, the price of WLD didn’t react to the latest announcements, slipping 1.4% to $2.20 at the time of writing. However, the token remains up 28.4% over the past week and has gained over 47% in the past month.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

Bitcoin

Spot Bitcoin ETFs record over $2.1b inflows in five-day streak, breaking $20b mark

Để lại phản hồi

Spot Bitcoin exchange-traded funds recorded their fifth consecutive day of inflows on Oct. 17 led by BlackRock’s IBIT for the third straight session.

The combined inflows of the 12 spot Bitcoin ETFs reached an impressive $470.48 million on the day, marking a cumulative total of over $2.1 billion in inflows over the last five trading days.

According to data from SoSoValue, BlackRock’s IBIT ETF led the inflow surge, attracting $309 million on Oct. 17. This performance marked IBIT’s leadership for the third consecutive day.

While BlackRock’s IBIT ETF led the pack, other major players also contributed to the ongoing inflow streak. ARK Invest and 21Shares’ ARKB ETF saw $100.2 million in inflows, while Grayscale’s GBTC ETF attracted $45.7 million.

Additional support came from Fidelity’s FBTC, which recorded $11.96 million in inflows, and Franklin Templeton’s EZBC, with $3.88 million. However, seven other spot Bitcoin ETFs remained neutral with no inflows recorded on Oct. 17.

With these continued inflows, the total net inflows into the spot Bitcoin ETFs crossed the $20 billion mark, standing at $20.66 billion as of Oct. 17.

In an Oct. 17 X post, Bloomberg ETF analyst Eric Balchunas emphasized the importance of this achievement, noting that crossing the $20 billion threshold is one of the most challenging and critical metrics in the ETF world. He compared this milestone to gold ETFs, which took around five years to reach the same level.

ETF Store president Nate Geraci echoed these sentiments, describing the current inflow trend as a “vacuuming up” of capital.

Spot Bitcoin ETFs surpassing $20 billion in cumulative inflows coincides with Bitcoin’s price rising above the key $65,000 level, a milestone that investors have been eagerly awaiting since the price fell below it on Sept. 30.

At press time, Bitcoin (BTC) was trading at $67,839, having experienced a 0.7% increase over the past 24 hours. Its intraday price ranged between $66,738 and $68,159, continuing the bullish momentum in the market.

Spot Ethereum ETFs see modest gains

Meanwhile, Ethereum-focused ETFs have also witnessed positive inflows. On Oct. 17, the nine available spot Ethereum ETFs recorded a combined $48.41 million in inflows, building on the previous day’s $24.22 million.

Fidelity’s FETH and BlackRock’s ETHA ETFs led the charge, attracting $31.12 million and $23.56 million, respectively.

Other contributors included Grayscale’s Ethereum Mini Trust, 21Shares’ CETH, Biwise’s ETHW, and Invesco’s QETH, with inflows of $5.13 million, $2.33 million, $1.49 million, and $518.64K, respectively.

Despite these recent gains, spot Ethereum ETFs have experienced a cumulative total net outflow of $481.9 million to date, reflecting the more volatile nature of the asset in the current market environment. At the time of writing, Ethereum (ETH) was trading at $2,619.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

Fracture Labs accuses Jump trading of market manipulation in new lawsuit

Để lại phản hồi

A lawsuit filed by game developer Fracture Labs accuses Chicago-based trading giant Jump Trading of running a pump-and-dump scheme.

According to an Oct. 15 filing, Fracture Labs has accused Jump Trading of misusing its role as a market maker to artificially inflate the value of its DIO token, the native cryptocurrency for the web3 game Decimated, before offloading it for millions in profit.

Per the complaint, the two companies entered into an agreement in 2021 in which Jump would act as a market maker for the initial offering of DIO on Huobi, now known as HTX. As part of the deal, Fracture Labs lent Jump 10 million DIO tokens, worth around $500,000 at the time, and sent another 6 million tokens, valued at $300,000, to HTX.

Fracture Labs further adds that after DIO launched, HTX brought in influencers to hype up the token, which pushed its price up to $0.98, and in turn, inflated the value of the borrowed tokens to $9.8 million.

But then, according to the lawsuit, Jump dumped all its tokens, causing the price to crash down to just $0.005. After the plunge, Jump allegedly bought back the tokens for only $53,000 and returned them to Fracture Labs, effectively ending the agreement.

Fracture Labs argues that this move tanked the token’s value, making it hard for the game developer to reel in investors. 

The suit also claims that Jump Trading breached the agreement by failing to maintain DIO’s price within the limits that Fracture Labs had agreed to with HTX. Jump had promised to help keep the token’s price stable, but it didn’t follow through.

As part of the agreement with HTX, Fracture Labs transferred 1.5 million USDT into a holdings account as a guarantee that they wouldn’t manipulate the market during the first 180 days of trading. But after the price drop, HTX refused to refund most of that deposit.

As such, the lawsuit accuses Jump Trading of fraud, conspiracy, and breach of contract and is seeking a jury trial, damages, and the return of any profits Jump allegedly made from the scheme.

Legal troubles

This isn’t the first time Jump Trading has come under legal scrutiny. Last year, the market maker was implicated in a class-action lawsuit involving the alleged manipulation of Terraform Lab’s stablecoin TerraUSD (UST). 

More recently, The U.S. Commodity Futures Trading Commission launched an investigation into the firm’s investing activities. Just days later, the firm’s former president Kanav Kariya resigned.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

Web3 security firm’s mistake exposes victims of $50m exploit to wallet drainer

Để lại phản hồi

Victims of DeFi lender Radiant Capital’s exploit were thrown into further disarray when a security firm erroneously shared a link to a wallet drainer while attempting to help them.

On Oct. 17,  web3 security startup Ancilia was criticized for its negligence after it redirected victims of the attack to an X account masquerading as the DeFi lender to dupe users into visiting a malicious site designed to drain users’ assets via approval phishing.

Security experts tricked

Ancilia was the first to report the exploit on Oct. 16, which saw Radiant Capital’s smart contracts on BNB Chain and Arbitrum compromised via the ‘transferFrom’ function, allowing attackers to drain over $50 million in assets, including USDC, WBNB, and ETH.

Following the breach, Radiant urged users to revoke all approvals using Revoke.cash, a tool that allows users to disconnect their wallets from potentially malicious smart contracts, to prevent further losses. 

This step was necessary because the attackers had gained control of several private keys, allowing them to control the DeFi protocol’s multi-signature wallet by transferring ownership.

Crypto scammers jumped on the opportunity, impersonating Radiant Capital on X and pushing fake links disguised to mimic the Revoke.cash platform. Ancilia, not realizing the scam, accidentally shared the fake post, while asking users to “follow the link,” which led straight to the wallet drainer.

Deleted post from Ancilia reposting a Radiant Capital impersonator | Source: Spreek/X

If unlucky victims clicked through and connected their wallets, approving the permissions, their funds would’ve been siphoned off.

Eagle-eyed community members were quick to point out the security firm’s blunder and criticized Ancilia’s negligence as a “‘trusted’ security account.” Subsequently, Ancilia deleted the post, issued an apology, and pointed users to the original Radiant Capital account.

The severity of these scams is highlighted by the fact that the bad actors orchestrate these approval phishing campaigns from hijacked X accounts that often bear the golden verification checkmark, which is designated to verified organizations on the social media platform.

Then, by slightly modifying the account’s name and handle, scammers are able to trick web3 users. In this instance, they changed the account name to “Radiarnt Capital” instead of “Radiant Capital” and altered the handle to “@RDNTCapitail” instead of “@RDNTCapital.” While these changes may seem easy to spot, many users often miss them at first glance.

At the time of writing, several instances of the aforementioned phishing post were still live under Ancilia’s posts.

Impersonation scams

Impersonating genuine projects to trick crypto investors has become one of the most common tools for scammers to lure victims onto phishing platforms. 

Earlier this year, cybersecurity firm SlowMist warned that over 80% of the comments under posts from major crypto projects were scams. Meanwhile, a ScamSniffer report pointed out that this tactic was the go-to move for scammers, causing millions of dollars in losses for crypto investors in February.

Just a day before the recent attack, bad actors were seen running a similar campaign to dupe WLFI investors. Scammers have even targeted Revoke Cash users by impersonating the service in early September and promoting a malicious site using Google Ads.

In related news, this was the second time Radiant Capital was exploited this year. Hackers were able to get away with $4.5 million from the protocol in a January flash loan attack. 

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

DeFi Report: Ethereum generated $261m in fees in Q3, its worst performance since Q4 2020

Để lại phản hồi

In a recent analysis published by the DeFi Report, Ethereum’s network fees generated $261 million in Q3-2024, down 47% compared to the last quarter. Ethereum’s layer 1 fees in Q3 were the lowest the network has seen since Q4 of 2020.

In “The ETH Report: Q3-24” published on Oct. 16, Ethereum(ETH)’s layer 1 in Q3 of 2024 were shown to be the lowest since 2020. The DeFi Report believes that this is due to the emerging growth of layer 2 networks, the introduction of EIP 4844, and the decrease of new crypto users in Q3.

Not only that, the report revealed that Ethereum’s Total Value Locked dropped 14% in the quarter but was up 133% over the last year. The token itself was down 21% this quarter, with more tokens being issued than burned on the network.

In their analysis, the DeFi Report stated they predicted the dip in Ethereum’s fees as a result of
the added EIP4844 update, the introduction of modular data availability network Celestia as well as new cheaper data availability networks popping up.

The launch of Uniswap Labs’ new latest layer 2 solution, Unichain, could also bring about more loss to Ethereum.

“The optics don’t look great. Fees are down. Inflation is up. Uniswap (controls 20% of gas fees to Ethereum validators) is now building their own L2,” said the DeFi Report in their latest analysis.

The founder of DeFi Report, Michael Nadeau, said Ethereum validators could use the opportunity to increase transactions and burn more tokens by driving down fees, which could boost token demand and bring in more profit for the network

“We view this as a win, win, win for app developers, users, and ETH validators or holders. With that said, as L2s scale, we expect that there could be a period where L1 validator revenues drop until the new supply of block space is ultimately filled by new use cases coming to market,” he wrote in The Ethereum Investment Framework.

Earlier this week, Nadeau commented in an X post that Ethereum validators and token holders could lose around $368 million in settlement fees paid by Uniswap with the launch of Unichain. Instead, the funds will go to Uniswap Labs and possibly Uniswap token holders.

ETH token holders could also suffer losses due to the protocol burning less ETH and the allocation of settlement fees going to UNI token holders instead.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

MAGA, STRUMP, TREMP rally amid increasing odds of a Trump victory

Để lại phản hồi

Trump-themed meme coins surged as the odds of the former U.S. president winning the 2024 election increased on prediction markets.

MAGA Hat (MAGA), a prominent Trump-inspired token, saw its price increase by 23.8%, bringing its market valuation to $68.7 million. Similarly, Super Trump (STRUMP) climbed by 31.9%, reaching $0.0084 per token, while Doland Tremp (TREMP) rose by 20.4%, with a market cap now at $36.1 million.

The upward momentum was not limited to these coins alone, as Dark MAGA (DMAGA), a token representing a more authoritarian, dystopian version of Trump often depicted with “laser eyes,” surged by 28%, with a daily trading volume of $1.75 billion.

All these gains helped push the total market cap of political-themed tokens past $853 million. Meanwhile, the community sentiment around the tokens had also turned bullish according to Coinmarketcap data.

Trump’s odds of winning the 2024 election are fueling the recent surge in Trump-themed meme coins as the crypto community views him as a more innovation-friendly candidate for the sector. 

According to Polymarket, a crypto-based betting platform on the Polygon network, Trump holds a strong lead over Kamala Harris, with his chances pegged at 59.7% versus Harris’ 40.1%. 

The rally also coincided with the public sale of the WLFI, the governance token for the Trump family-backed DeFi project World Liberty Financial platform. The debut of WLFI, through a public offering, has boosted the visibility of political-themed tokens, drawing attention from both the crypto community and Trump’s supporters.

Political-themed meme coins like MAGA Hat and Dark MAGA often gain traction around election cycles, only to lose relevance after the event concludes. Traders often refer to these tokens as “event coins,” as their value tends to fluctuate based on the timing of political milestones. 

While these coins may witness short-term gains tied to the ongoing election season, their long-term viability remains uncertain. 

That said, if Bitcoin (BTC) makes a notable move, there’s a good chance these meme coins could catch another wave. After all, meme coins have a track record of thriving when Bitcoin is on a bull run, and this time might not be any different.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News

DeFi

DeFi remains popular amid explosion in crypto usage: a16z report

Để lại phản hồi

The decentralized finance ecosystem continues to grow despite recent challenges as overall crypto usage hits record levels, venture capital firm Andreessen Horowitz (a16z) said in a new report.

In its “State of Crypto” report published on Oct. 16, a16z noted that the crypto industry has witnessed a major spike in activity over the past year. The growth trajectory for the industry is “reminiscent of early internet adoption.”

For instance, September 2024 saw 220 million addresses interact with protocols across the blockchain ecosystem—more than triple the figures recorded in late 2023. About 100 million of these active addresses were on Solana (SOL), a blockchain network that has registered a massive spike in activity.

As well as Solana, other networks to see a significant increase in active addresses are Near Protocol (NEAR), Coinbase’s layer-2 network Base, Tron (TRX) and Bitcoin (BTC).

Stablecoin and crypto regulation

The report also highlighted several growth metrics and key issues surrounding the crypto industry since a16z’s first State of Crypto report in 2023.

One major takeaway is that crypto has become a significant political issue amid the U.S. election. However, the United States lags behind the European Union and the United Kingdom in public engagement regarding crypto regulation.

The market has also seen considerable developments around stablecoins, including their regulation and usage. Notably, stablecoins have grown to become one of the top 20 holders of U.S. Treasury securities, with a Coinbase report showing marked growth in Q3, 2024. Major players include Tether’s USDT and Circle’s USDC.

Additionally, infrastructure improvements and the increasing intersection of blockchain technology and artificial intelligence have further bolstered the industry’s growth.

DeFi continues to grow

DeFi has been one of the areas of crypto that saw the most usage across daily active addresses in the past year.

“Since DeFi’s arrival in the summer of 2020, decentralized exchanges, or DEXs, have grown to account for 10% of spot crypto trading activity — all of which occurred on centralized exchanges just four years ago,” the reports reads.

DeFi protocols across the ecosystem now account for over $169 billion in total value locked. Top platforms include Lido, Aave, Uniswap, EigenLayer, WBTC, and ether.fi. These decentralized platforms continue to attract users as traditional financial institutions, such as U.S. banks, face ongoing challenges.

According to a16z, top blockchains in terms of builder activity or interest include Ethereum (ETH), Solana and Bitcoin.

While Ethereum still attracts the most developer activity, with 20.8% of builders, Solana has seen significant growth in this sector, increasing from 5.1% in 2023 to 11.2% in 2024.

Base also recorded a notable jump in developer activity, rising from 7.8% to 10.7% year-over-year. Bitcoin, which has registered a surge in DeFi-related activity, saw an increase in builder interest from 2.6% to 4.2%.

Tổng hợp và chỉnh sửa: ThS Phạm Mạnh Cường
Theo Crypto News