Thursday, December 5, 2024
HomeCryptocurrency hackHackers Stealing More Than $280 Million Per Month From Crypto Transactions

Hackers Stealing More Than $280 Million Per Month From Crypto Transactions

Published on

SIEM as a Service

Due to new traders and an unbelievable increase in value, recently, the decentralized crypto market witnessed extensive penetration. Here the main reason behind this huge influx is the recent unexpected price hikes of bitcoin and Ether.

Moreover, the report of May 2021 has shown that in total more than $58 billion of cryptocurrencies were exchanged across decentralized exchanges (DEXes).

Unlike Coinbase or Binance, the DEXes are fully decentralized, in short, the decentralized exchanges are not operated by any individual entity, here, you can get full control of your funds, transactions, and account.

- Advertisement - SIEM as a Service

Front-runners

In decentralized exchanges (DEXes) all the cryptocurrency transactions that are made, remain open to all, since the decentralized exchanges (DEXes) are not operated by any individual entity, and this is known as “mempools.”

Now here comes the role of front-runners; to loot others’ profit, the front-runners lure or target the naive traders and make them pay extra for their transactions.

Before the completion of others’ transactions on the blockchain, the front-runners can exploit the pending transactions data to jump in with their own; and to do so, they use several techniques since they have access to the mempools.

In general, all the incoming transactions remain locked into a smart contract in decentralized exchanges, but, due to public blockchain technologies the front-runners get access to the mempools and as a result, they can see all the incoming transactions that are locked into a smart contract.

Front-runners or Hackers Steal More than $280 million

The front-runners borrow a higher transaction fee from the innocent traders for placing the order as soon as they see an opening, by skipping the queue with the help of their bots.

In short, here the normal trader becomes the victim of these front-runners, and ultimately they bear hefty losses, as reported by CyberNews.

By utilizing the MEV Explore and MEV Inspect tools of Flashbots the security researchers at CyberNews have claimed that they have managed to discovered the magnitude of the losses induced by the front-runners.

They selected the time frame of 30 days, which is from April 24 to May 24, between this time frame, they have extracted drained value and all the key details.

In their investigation, they found that each day from the overall transactions the front-runners have hacked illicit profit of $12 million. In short, the hackers have hacked $280 million, a hefty amount of monthly revenue from traders, resulting in billions of dollars on a yearly basis. 

Most affected decentralized exchanges

The researchers have listed the most affected decentralized exchanges from where the hackers have extracted millions:-

  • Uniswap: Hackers drained 43%
  • SushiSwap: Hackers drained 23%
  • Balancer: Hackers drained 11%
  • Curve: Hackers drained 8.8%
  • dYdX: Hackers drained 7.7%
  • Other exchanges: Hackers drained 6.5%

Front-running – A big threat to DEXes

Since there’s a lack of mitigating tools or mechanisms, the front-running could be a big unaddressed threat to the DEXes. Eventually, this situation is steadily slow posing the entire ecosystem of decentralized finance.

However, for now, the security experts at CyberNews have strongly recommended the traders to avoid placing the high-value trades on any decentralized exchanges to avoid big losses.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

I-O DATA Routers Command Injection Vulnerabilities Actively Exploited in Attacks

I-O DATA DEVICE, INC. has announced that several critical vulnerabilities in their UD-LT1 and...

ChatGPT Next Web Vulnerability Let Attackers Exploit Endpoint to Perform SSRF

Researchers released a detailed report on a significant security vulnerability named CVE-2023-49785, affecting the...

Cisco NX-OS Vulnerability Allows Attackers to Bypass Image Signature Verification

A critical vulnerability has been identified in the bootloader of Cisco NX-OS Software, potentially...

Deloitte UK Hacked – Brain Cipher Group Claim to Have Stolen 1 TB of Data

Brain Cipher has claimed to have breached Deloitte UK and exfiltrated over 1 terabyte...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Beware Of Malicious PyPI Packages That Inject infostealer Malware

Recent research uncovered a novel crypto-jacking attack targeting the Python Package Index (PyPI), where...

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases...

North Korean Hackers Employing New Tactic To Acruire Remote Jobs

North Korean threat actors behind the Contagious Interview and WageMole campaigns have refined their...