Safemoon Hack: Hackers Exploit ‘Burn’ Bug Resulting in $8.9 Million Loss from Liquidity Pool
- Written by Ari Denial Cybersecurity & Tech Writer
The SafeMoon cryptocurrency token suffered a security breach resulting in the loss of $8.9 million from its liquidity pool, as hackers took advantage of a recently added “burn” smart contract function to inflate the token’s price and sell it for a high profit. SafeMoon has acknowledged the incident and assured its community that measures are being taken to address the issue.
DeFi platforms rely on liquidity pools, which are sizable cryptocurrency funds that enable smooth trading, provide market liquidity, and allow exchanges to operate independently without seeking funds from external sources.
According to John Karony, the CEO of SafeMoon, the attack on the platform took place on March 28, and impacted the SFM:BNB liquidity pool alone, while the exchange remained unaffected.
Karony’s statement reassures that the suspected exploit has been identified, and the vulnerability has been fixed. Additionally, the platform has engaged the services of a chain forensics consultant to assess the nature and extent of the exploit.
PeckShield, a team of blockchain security experts, has disclosed further information about the vulnerability that was exploited by the hacker responsible for the $9M heist against SafeMoon.
By utilizing the burn function, the hacker was able to burn significant amounts of SafeMoon tokens, which resulted in a significant increase in the token’s value.
Once the value of SafeMoon surged, another address took advantage of the manipulated price and sold SafeMoon, causing a drain of $8.9 million from the SafeMoon:WBNB liquidity pool.
The individual who had converted the SafeMoon to BNB a few hours after the attack claimed that they were not the original hacker, but had accidentally executed a front run, taking advantage of the artificially inflated price due to the exploitation of the burn() function.
It remains unclear whether the wallet owner is the same person who exploited the vulnerability. However, they have come forward and expressed their willingness to return the stolen funds to SafeMoon.
Although, the person has subsequently transferred 4,000 Binance Coins (BNB) valued at $1,264,440,00 to another address, raising questions about the legitimacy of the front run being accidental.
IRS Tax Forms Pose Malware Threat, Experts Warn
- Written by Ari Denial Cybersecurity & Tech Writer
According to cybersecurity experts at Palo Alto Networks and Malwarebytes, hackers often impersonate the IRS in their efforts, and they have recently uncovered two distinct phishing campaigns using varied methods.
A phishing campaign discovered by cybersecurity researchers reveals that hackers are sending fake W-9 tax forms through email, impersonating the IRS. However, the form is a disguised Emotet malware, capable of stealing sensitive information from infected endpoints and propagating itself. The Emotet malware can also serve as a dropper, enabling attackers to distribute various other types of malware, such as ransomware.
Following Microsoft’s decision to block macros in downloaded Office documents by default, Emotet adopted a new strategy, utilizing Microsoft OneNote files containing embedded scripts to install the malware.
When initiating the embedded VBScript file, Microsoft OneNote will alert the user of the possible malicious nature of the file. However, it has been observed that many users tend to disregard these warnings and proceed to run the files, as evidenced by past experiences. Upon execution, the VBScript downloads the Emotet DLL and triggers its operation via regsvr32.exe.
If you receive an email requesting W-9 or other tax forms, it is recommended that you scan the documents first with your local antivirus software. However, as these forms contain sensitive information, it is not advisable to upload them to cloud-based scanning services like VirusTotal.
Typically, tax forms are disseminated in the form of PDF documents rather than Word attachments. Therefore, if you receive a tax form as a Word attachment, it is advisable to refrain from opening it and enabling macros.
It is highly unlikely for tax forms to be distributed as OneNote documents, so it is recommended that you delete the email immediately and avoid opening it if you receive one.
