This week, CoinEX and investor Mark Cuban were counting losses as hacks persisted. Despite these setbacks, Deutsche Bank, PayPal, and Franklin stepped into the crypto limelight.
A slew of hacks
Much like the previous weeks, crypto-related hacks dominated the scene this week. Vitalik Buterin, co-founder of Ethereum, faced a cybersecurity breach on his X account.
Sadly, this breach resulted in significant financial losses, totaling $691,000 for unsuspecting users who fell victim to a phishing scam spread by the hackers using Buterin’s account.
Shortly after the attack on Buterin’s X account, reports revealed that Seychelles-based crypto exchange Remitano had fallen victim to a hack, leading to up to $2.7 million in losses. The attack occurred on Sept. 14 and involved the movement of tokens such as USDT and USDC across three chains.
Furthermore, hackers leveraged a flaw in GALA’s contract following the project’s recent upgrade which resulted in the creation of another GALA token. These bad actors began spamming the old GALA token in deposits to several exchanges to exploit fake top-up vulnerabilities.
CoinEX suffers multi-million dollar exploit
Hong Kong-based cryptocurrency exchange CoinEX also faced a security breach on Sept. 12. Reports suggest there were losses of up to $27.8 million in various crypto assets from their Ethereum hot wallet.
As the incident continued to unfold, subsequent reports revealed that losses amounted to as much as $54 million.
The notorious Lazarus Group, a hacker organization with suspected ties to the North Korean government, again came under scrutiny in connection with the CoinEX hack.
Reports from blockchain platform SlowMist and on-chain sleuth ZachXBT pointed the finger at Lazarus as the likely perpetrators of the recent attack on the cryptocurrency exchange CoinEx.
Notably, the same wallets implicated in the CoinEx breach are believed to have been involved in stealing a substantial $41 million from Stake.com, a crypto-based sports betting platform.
The FBI had previously attributed the Stake.com attack to Lazarus. Interestingly, on-chain data further supports this suspicion by connecting a network of addresses to both the CoinEx and Stake.com thefts.
On Sept. 15, CoinEx adopted a unique strategy to retrieve the funds. They reached out to the hackers in an open letter on X, inviting them to discuss a possible solution. CoinEx even offered a reward for the return of the stolen assets, along with contact information and guidance to contact their team.
Lazarus Group’s shenanigans
Interestingly, investigations from this week drew a worrisome connection between North Korea’s Lazarus Group and a string of cryptocurrency hacks.
These cyberattacks, occurring over a mere 102 days, have resulted in the staggering theft of over $270 million in digital assets from major crypto platforms.
This revelation comes to light through a comprehensive list of the most recent and massive crypto-related breaches, thoughtfully compiled by MetaMask’s lead product manager, Taylor Mohana, with valuable contributions from the well-known on-chain investigator, ZachXBT.
Moreover, on Sept. 12, before the CoinEX attack, blockchain security firm SlowMist disclosed that the Lazarus Group might have set its sights on the cryptocurrency sector.
Findings from SlowMist uncovered a disconcerting reality of the hacking group employing advanced persistent threat (APT) attacks to infiltrate platforms in the cryptocurrency scene.
Mark Cuban loses $870K in MetaMask hack
On-chain investigator Wazz revealed on Sept. 16 that one of billionaire Mark Cuban’s crypto wallets was exhibiting strange behavior amid multiple outflows in minutes.
Cuban substantiated the claims in a statement to DL News, noting that the exploit could have resulted from a bogus MetaMask wallet he downloaded. The investor managed to save $2 million worth of assets by transferring them out of the wallet before the hackers got a hold of them.
PayPal, Sony dive deeper into web3
Amid these hack-related challenges, adoption persisted into this week. Payments giant PayPal delved deeper into the crypto scene with the introduction of a comprehensive on and off-ramp feature.
The feature essentially gave PayPal’s merchants the opportunity to present web3 payments access to their customers using PayPal’s services. The development marked PayPal’s latest foray into the crypto scene.
On Sept. 12, Sony and Startale Labs revealed plans to forge a partnership to pioneer a blockchain project that could revolutionize the web3 landscape. Under the name “Sony Network Communications Labs Pte. Ltd.,” this venture aims to redefine the future of digital infrastructure.
Deutsche Bank and Franklin showing interest
PayPal and Sony were not the only giants looking to leverage blockchain offerings this week. Deutsche Bank, a global German-based financial institution, made an entry into the crypto and blockchain sphere on Sept. 14 in collaboration with Swiss firm Taurus.
In this partnership, Deutsche Bank’s primary focus is to offer custody services for specific cryptocurrencies and stablecoins, with a particular emphasis on serving institutional clients within their domestic regions.
Additionally, Franklin Templeton, a large asset management firm overseeing $1.5 trillion in assets, took a significant step by formally applying for regulatory clearance to introduce a Bitcoin exchange-traded fund (ETF) in the United States.
Their strategy entails the debut of the Franklin Bitcoin ETF on the Cboe BZX Exchange, aligning with Coinbase as the fund’s custodian. Additionally, they designated the Bank of New York Mellon to safeguard the financial capital of the investment vehicle. Franklin joined a slew of financial giants looking to launch similar products.
Binance US downsized its staff significantly, parting ways with 100 employees, which represents a reduction of one-third of its workforce. This restructuring followed the departure of CEO Brian Shroder.
According to Bloomberg News, Chief Legal Officer Norman Reed will step in as the interim CEO during this transitional period.
BinanceUS attributed the layoffs to regulatory hurdles posed by the SEC, which have impacted their operations and hindered their innovative efforts. The parent firm, Binance, had filed a joint motion with the SEC to seal confidential information in the ongoing lawsuit.
Interestingly, the U.S. SEC came up on Sept. 15 to allege that BinanceUS was not complying with the investigation into its operations.
The regulatory agency claimed that the exchange was leveraging a custody service called Ceffu facilitated by its parent firm. According to the SEC, this move violates the earlier agreement to prevent the movement of assets outside the U.S.
A few days after reports of Shroder’s departure, BinanceUS lost two more prominent staff members. The firm’s legal head Krishna Juvvadi and its chief risk officer Majalya Sydney were the latest to leave.