The SIR.trading platform, an Ethereum-based DeFi protocol, was severely hacked, losing $355,000. This incident adds to the string of threats facing the crypto world, including the recent detection of the Crocodilus malware.
Attack on SIR.trading: Causes and Impact
The DeFi protocol SIR.trading, also known as Synthetics Implemented Right, suffered a major hack on March 30. The total value locked (TVL) in the protocol, then amounting to approximately $355,000, was completely drained. The hack was first identified by blockchain security firms TenArmorAlert and Decurity, who alerted the community via social media. The attack took advantage of a vulnerability in the vault contract's callback function, using Ethereum's transient storage feature. Hackers replaced the real Uniswap pool address in the callback function with one they controlled, enabling them to siphon the protocol’s funds into their wallet.
Crypto's Biggest Ever Hack
The crypto industry was rocked when the North Korea-linked Lazarus Group executed the largest crypto hack in history. In February 2024, they attacked the Bybit crypto exchange, stealing over $1.4 billion. This incident highlighted the vulnerability of even the most secure centralized exchanges to sophisticated cyberattacks. The Lazarus Group's wave of hacking coincided with geopolitical developments, allowing them to focus their efforts on preparing for this massive attack.
Threat to Crypto Wallets: Crocodilus Malware
Researchers from Threat Fabric have uncovered a new malware targeting Android devices, known as Crocodilus. This malware is designed to steal cryptocurrency wallet seed phrases, representing a serious threat to users. It uses fake overlay screens to trick users into divulging their sensitive information. Crocodilus also has the capabilities of modern banking malware, such as screen capture, remote device control, and fake overlay attacks. The malware primarily targets users in Turkey and Spain, but experts caution that its reach may expand.
Recent events have demonstrated the increasing wave of sophisticated cyber threats facing the crypto world. From DeFi protocol hacks to novel types of malware, security remains a pressing concern. Users and developers alike must remain vigilant and work hard to enhance the protection of digital assets.
