Decentralized exchange and betting platform MonoSwap announced it fell victim to a significant hack and urged users to stop betting or depositing additional funds on the platform.
The platform also advised users to withdraw their funds from staked positions to avoid capital loss.
Details of The Hack
The platform also identified a suspicious link in a social media post and urged users not to interact with it. It also shared details about how the hack occurred. According to MonoSwap, one of its developers accidentally installed a malicious phishing application and was lured into a call with fraudsters pretending to be capital entrepreneurs. During the call, the fraudsters managed to install malicious software on the developer’s computer.
“WARNING: MonoSwap has been hacked. DO NOT add liquidity or stake at this time. If you have staked positions, withdraw immediately to avoid capital loss. Yesterday, one of our developers installed a phishing app to engage in a call with fraudsters pretending to be VC. Intruders installed botnet on his office computer, which has access to all wallets and contracts related to MonoSwap. Subsequently, hackers withdrew most of the staked liquidity, causing damage to the protocol.”
The compromised computer had access to MonoSwap wallets and contracts. With malicious software installed on the laptop, fraudsters managed to withdraw a significant portion of the platform’s staked liquidity. MonoSwap stated it is investigating the incident and working to build a better future for the platform.
“We are investigating this attack and will soon announce our next steps. We were trying to collaborate with VC to build a better future for MonoSwap. However, unfortunate events happened, and now we are doing our best to resolve this issue.”
Alarming Rise in Crypto Hacks
CoinGecko founder and Chief Operating Officer Bobby Ong warned of the alarming rise in crypto intrusions and urged users to be cautious when interacting with crypto sites or those linked to crypto. According to Ong, the sudden surge in crypto hacks is mainly due to Google selling its domain business to SquareSpace. Ong explained that the forced domain migration removed two-factor identity checks, creating security vulnerabilities exploited by hackers.
Recent High-Profile Breaches
Crypto researcher Onchain ZachXBT recently warned about Compound Finance, whose website redirected users to a malicious phishing page. Compound Finance’s team has since resolved the issue. Another major hack was reported on July 18, when popular Indian cryptocurrency exchange WazirX was breached, resulting in a loss of $235 million. The most recent exploit is that of the dYdX v3 website, which fell victim to an apparent DNS attack.
Disclaimer: This article is provided for informational purposes only. It is not intended nor should it be construed as legal, tax, investment, financial, or other advice.
No Comment! Be the first one.