Approximately $55 Million Stolen from bZx DeFi Platform

Blockchain security firm SlowMist has estimated that $55 million (USD) or more in cryptocurrency was stolen by cyber criminals from the bZx Decentralized Finance (DeFi) platform. bZx publicly disclosed that one of its platform developers opened a phishing email attachment that contained a malicious macro. The later stages of the attack emptied the developer’s personal cryptocurrency wallet and stole private keys that the platform used for integration with the Polygon and Binance Smart Chain (BSC) blockchains. As a result, the criminals were able to use these private keys to steal cryptocurrency from the Polygon and BSC funds, as well as from any users who had enabled unlimited spending tokens for Polygon and BSC on their accounts. bZx has said it is working with cryptocurrency exchanges to track the attacker and freeze exchanges in an effort to return as many of the stolen funds as possible.

Analyst Notes

bZx has made a public announcement that it is willing to pay a bounty to the alleged perpetrators if the funds are returned. This strategy was successfully pursued in the larger $600 million (USD) hack of PolyNetwork earlier this year. In that incident, all of the stolen funds were returned in exchange for a legally paid bug bounty and a contract that would discourage law enforcement prosecution. It remains to be seen whether the alleged criminals behind the bZx theft respond favorably to this announcement. The ease of this theft illustrates that it is essential that private keys for production environments are protected and separated from development and other work environments.