Optimism, the group behind the Ethereum Layer 2 scaling project, has reportedly encountered a bug on the Geth fork. According to the latest report, the startup has spotted this issue earlier this month, where the threat actors were able to create "infinite" ETH.
The Optimism team has previously said that the critical bug in early February has undergone a patch in the same month.
The scheme has a special place for the hackers since they could reproduce ETH on their accounts without restrictions. They could multiply its numbers in any way they like.
However, Jay Freeman (Saurik), an iOS jailbreak software developer from Cydia has uncovered this vulnerability. In his tweet on Thursday, Feb.10, he said that he discovered and reported the said bug which has been fully patched by Optimism.
After finding a solution to the issue, Freeman added that he won a $2,000,042 bounty for disclosing the critical bug.
Hackers have stolen roughly $1.9 million from South Korean cryptocurrency platform KLAYswap after they pulled off a rare and clever BGP hijack against the server infrastructure of one of the platform’s providers.
The BGP hijack—which is the equivalent of hackers hijacking internet routes to bring users on malicious sites instead of legitimate ones—hit KakaoTalk, an instant messaging platform popular in South Korea.
The attack took place earlier this month, on February 3, lasted only for two hours, and KLAYswap has confirmed the incident last week and is currently issuing compensation for affected users.
IRA Financial Trust has reported that it lost $36 million in crypto to a hack. The US-based regulated financial institution provides self-directed retirement accounts for its clients.
Earlier on February 8, the official Twitter account of IRA stated that it had discovered suspicious activities affected some customers with accounts on the Gemini crypto exchange.
The institution is taking all the necessary steps to address the situation, including involving law enforcement and forensic experts.
Some users affected by the hack have claimed on Reddit that their funds were transferred to a Roth IRA account under the name of Benjamin Choe. This has led to speculation that the hacker compromised the account of an employee who has admin privileges to perpetrate the act.
Thomasg.eth, has revealed how he almost lost all his ETH to a social engineering scam.
His DAO, Arrow, is building open source VTOL aircraft and air taxi protocol. He claimed that someone named heckshine reached out to him about two weeks ago. Heckshine claimed to be working at Ubisoft and offered help with 3D design and animation.
Linh claimed to be working on the Space Falcon metaverse project and wanted a partnership with Arrow DAO. Before proceeding with the partnership, Thomas claimed he checked Space Falcon to confirm that it’s an actual project on Solana and saw Lihn’s name on it before proceeding.
Linh even went as far as to invite Thomas to a tour of the Wisk facility. The red flags started popping up after Linh informed him of a new staking app for NFT that had just launched. She asked him to receive NFT to help in testing the app.
Instead of receiving the NFT in his main wallet, Thomas opened a new wallet for that purpose. Linh then offered to send another NFT to the main wallet.
Fortunately, Thomas decided to read through the contract first and discovered that it contained a function that would make it possible for the scammers to send all the wrapped ETH in his wallet.
The U.S. government is intensifying efforts to combat the criminal use of cryptocurrencies as federal prosecutors continue to target the business models and logistics of cybercrimes such as ransomware, Deputy Attorney General Lisa Monaco said Thursday.