Cryptohack Roundup: Solana npm Package Attack’s Wallet Risks – Source: www.govinfosecurity.com

Blockchain & Cryptocurrency , Cryptocurrency Fraud , Fraud Management & Cybercrime

Also, Man Who Stole $3.5M of Cloud Computing to Mine $1M in Crypto Pleads Guilty Prajeet Nair (@prajeetspeaks) • December 5, 2024    

Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, malicious npm versions targeted Solana users, Brazilian banking giant entered cryptocurrency trading, a Nebraska man pleaded guilty to cryptojacking in Brooklyn federal court, Australia tightened rules for crypto businesses and crypto losses in 2024 dropped 15%. Japanese cryptocurrency exchange DMM Bitcoin said it will cease operations.

See Also: OnDemand | NSM-8 Deadline July 2022:Keys for Quantum-Resistant Algorithms Implementation

Cybersecurity researchers uncovered a supply chain attack targeting the widely used @solana/web3.js npm package, which helps developers interact with the Solana blockchain. Researchers from Socket found two malicious versions, 1.95.6 and 1.95.7, containing code designed to steal private keys and drain cryptocurrency wallets. The affected package, downloaded over 400,000 times weekly, has since been removed from the npm registry.

The attack allegedly occurred after attackers compromised the npm account of the package’s maintainers through a phishing attack. The malicious code in these versions of the package added a backdoor that exfiltrated private keys via seemingly legitimate CloudFlare headers, sending them to a remote server.

This breach targeted projects handling private keys, such as decentralized applications, but did not impact non-custodial wallets that don’t expose private keys during transactions. Users of the package are advised to update to the latest secure version and rotate their keys if compromised.

Brazilian bank Itau Unibanco, launched cryptocurrency trading services on Monday through its investment platform. Clients of Brazil’s largest bank can initially trade Bitcoin and Ether, with plans to expand offerings as crypto regulations evolve, said Guto Antunes, head of digital assets.

Founded in 1924 Itau Unibanco manages over $526 billion in total assets and will safeguard customers’ digital assets through its in-house custody services, according to BeinCrypto.

The move positions Itau to compete with local players like MB and BTG Pactual’s Mynt and global giants such as Binance. Itau distinguishes itself by acting as a custodian, safeguarding users’ digital assets.

The launch follows recent exits by Brazilian firms XP and PicPay, highlighting regulatory uncertainties in the country’s growing cryptocurrency market.

A Nebraska man who stole $3.5 million worth of cloud computing services to mine just under a million dollars worth of cryptocurrency plead guilty Thursday to wire fraud in Brooklyn federal court.

Prosecutors indicted the man, Charles O. Parks III – known online as “CP30” – with six criminal counts. Parks ran a cryptojacking operation from January 2021 through August of that year, using a variety of names, corporate affiliations and email addresses to register accounts with cloud providers. He created email domains for two corporate entities he created in the names of “MultiMillionaire LLC” and “CP3O LLC.”

He laundered the cryptocurrency through exchanges, a non-fungible token marketplace, an online payment provider and traditional bank accounts. Once converted into dollars, Parks used the ill-gotten gains on purchases including a Mercedes Benz luxury car, jewelry and first-class hotel and travel expenses. He faces up to two decades in prison in sentencing.

The Australian Securities and Investments Commission proposed stricter licensing requirements for crypto businesses to enhance consumer protection and market integrity.

Released through Consultation Paper 381, the updates clarify existing financial product definitions, including 13 examples illustrating their application to digital assets.

ASIC Commissioner Alan Kirkland emphasized the balance between fostering responsible financial innovation and ensuring consumer confidence. The advisory also outlines transitional approaches for businesses adapting to the new framework.

Stakeholders have until Feb. 28, 2025, to provide feedback. The final guidance is expected in mid-2025, shaping the future of Australia’s crypto industry.

Cryptocurrency losses in 2024 reached nearly $1.49 billion across 209 incidents, marking a 15% decrease compared to $1.75 billion in the same period last year, according to Immunefi’s Crypto Losses Report.

Hacks remained the primary cause, accounting for 99.96% of the losses, while rug pulls made up a small fraction.

May and July saw the highest losses, with over $359 million and $282 million, respectively. November reported $71 million in losses, mainly affecting DeFi projects like Thala Labs and DEXX.

The BNB Chain was the most targeted, suffering 46.7% of attacks.

Japanese cryptocurrency exchange DMM Bitcoin announced it will cease operations and transfer its assets to SBI VC Trade Co., a subsidiary of SBI Holdings, by March 2025.

The move follows a major hack in May, which led to the loss of 4,502.9 bitcoins, worth approximately $303 million.

SBI VC Trade plans to take over DMM Bitcoin’s 14 cryptocurrency trading offerings before the asset transfer. Both companies are finalizing details, including the transfer method and timeline.

DMM Bitcoin, part of the DMM Group, stated the decision aims to prevent further customer inconvenience as investigations into the hack continue.

With reporting from Information Security Media Group’s David Perera in Washington, D.C.

Original Post URL: https://www.govinfosecurity.com/cryptohack-roundup-solana-npm-package-attacks-wallet-risks-a-26987

Category & Tags: –

Views: 0