Crypto news outlet CryptoPotato reported that cybersecurity firm Unciphered has discovered a decade-long vulnerability in encrypted wallets that affects browser-based wallets generated between 2011 and 2015. This vulnerability could potentially allow malicious actors to steal up to $2.1 billion from various network wallets, including Bitcoin (BTC), Dogecoin (DOGE), Litecoin (LTC), and Zcash (ZEC).The company stated that assets worth $100 million in wallets generated before March 2012 were vulnerable to being hacked by home computer users. Additionally, at least $500 million worth of assets in wallets created between then and 2015 were at risk. Unciphered has already quietly warned affected users that their assets are at risk.
Welcome Back
Click “Sign in” to agree to Cointime’s Terms of Service and acknowledge that Cointime’s Privacy Policy applies to you.
Join CoinTime
Already have an account?
Click “page.Sign up” to agree to Cointime’s <a class="underline" href="#term-of-service">Terms of Service</a> and acknowledge that Cointime’s a class="underline" href="#privacy-policy">Privacy Policy</a> applies to you.
Sign in with email
Sign up with email
Your email
Check your inbox
Click the link we sent to to sign in.
Click the link we sent to to sign up.
Ancient crypto wallet vulnerability could lead to $2.1 billion stolen
-
Wechat scan to share
Recommended for you
-
Slurpycoin on BSC was attacked by flash loans, and the attacker used the repurchase mechanism to manipulate the token price for profit
According to CertiK Alert monitoring, Slurpycoin on BSC has suffered a flash loan attack. The attacker manipulated the token price using a buyback mechanism and made a profit of about $3,000 from sandwich arbitrage. This attack is also responsible for the $10,000 loss of MRP tokens on July 2. -
Europol seizes over $26 million in crypto from nine drug traffickers
On December 19th, the European police organization collaborated with law enforcement agencies from six countries to dismantle an international drug trafficking group that used cryptocurrency. The operation resulted in the arrest of 9 suspects. During the operation, valuable items including gold and luxury goods, €35,000 in cash, and €25 million in cryptocurrency (equivalent to $26.23 million) were seized. The total value of assets seized was €27 million, equivalent to $28.33 million. -
Phishers forge Ledger emails, send fake security breach notifications to trick users into sharing seed phrases
scammers are forging support emails from hardware wallet manufacturer Ledger, in order to trick users into sharing their seed phrases under the guise of checking for security vulnerabilities. Ledger users have reported that phishing scammers are forging support emails from the cryptocurrency hardware wallet provider in order to trick users into revealing their wallet keys. -
Anthropic X account was hacked, it has been restored and confirmed that no system was damaged
official X account of the artificial intelligence startup company Anthropic was hacked this morning and an unknown token contract address was posted. The tweet has since been deleted. Anthropic stated that the root cause of the unauthorized post on the account has been identified and confirmed that no Anthropic system or service was compromised or involved in this incident. -
Nigeria raids crypto fraud den, nearly 800 suspects arrested, including citizens of many countries
the Economic and Financial Crimes Commission (EFCC) of Nigeria raided a cryptocurrency scam center in Lagos on December 10th, arresting 792 suspects, including 148 Chinese citizens and 40 Filipino citizens. The organization primarily targeted North American and European users for Ponzi schemes, forcing victims to transfer funds for false cryptocurrency plans and other non-existent projects. -
ZachXBT: LastPass attackers stole approximately $5.36 million in crypto assets from more than 40 addresses
On December 17th, Chain analyst ZachXBT revealed that LastPass attackers launched attacks on more than 40 victim addresses, stealing approximately $5.36 million in encrypted assets. The attacker then exchanged the stolen funds for ETH and transferred the assets from the Ethereum network to the Bitcoin network through multiple instant exchanges, attempting to conceal the flow of funds. -
On-chain trading tool SolTradingBot suspected of being attacked
On December 17th, according to community reports, the on-chain trading tool SolTradingBot was suspected to have been attacked, and some users reported that their funds were stolen. Please be aware of the risks. -
Arizona man allegedly impersonated Uber driver to steal $300,000 in cryptocurrency
According to a report by Cointelegraph, a man in Arizona, USA is suspected of impersonating an Uber driver and stealing $300,000 worth of cryptocurrency. The Scottsdale Police Department has charged Nuruhussein Hussein with pretending to be an Uber driver twice in March and October of this year, and specifically talking to passengers by name to lure them into waiting outside the W Hotel in Scottsdale. Once in the car, Nuruhussein Hussein asked to borrow the passengers' phones, then used them to access their Coinbase accounts and transfer cryptocurrency. Nuruhussein Hussein will appear in court again on December 18th. -
SlowMist CISO: Cryptocurrency Stealing Trojan MacOS Stealer Open Source
23pds, the Chief Information Security Officer of SlowMist, tweeted that the cryptocurrency theft Trojan MacOS Stealer has been open-sourced. Previously, its attack source code was sold for 1 BTC, but now that it is open-sourced, more malicious attackers can easily obtain this tool. This may not only allow attackers to have an attack library at their disposal, but may also give rise to more covert and complex attack methods, posing greater challenges to the security of cryptocurrency assets. -
Pudgy Penguins Security Director: Appeared in PENGU token-related phishing email attacks, reminding the community to be cautious
Beau, the security person in charge of the blue-chip NFT project "Pudgy Penguins", posted on X platform that phishing emails related to PENGU tokens have been found in the community. The community is reminded to be cautious and to verify all content on official channels to ensure their legitimacy. Token news will only be released on Pudgy Penguins' official X account and Discord channel. In addition, Pudgy Penguins has not provided any website for token listing and claiming so far.
Daily Must-Read
-
Uniswap Labs, UNI holders could make $468M a year from new L2: DeFi Report
-
Avalanche Foundation to buy back nearly 2M AVAX sold to Terra in 2022
-
Gold Fever Hits Costco: 77% of Stores Sell Out Amid Soaring Demand for Bullion
-
$500M Bitcoin Buried in Landfill: Man Sues City After Decade-Long Battle for Recovery
-
Former BAYC creative director Jeff Nicholas joins Meta’s Reality Labs
-
Why is Solana's Dogwifhat (WIF) memecoin crashing?
All Comments