Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • ADOPTION
  • TRADING
  • HACKING
  • SLOT
  • TRADE
Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • ADOPTION
  • TRADING
  • HACKING
  • SLOT
  • TRADE
Crypto Flexs
Home»ADOPTION NEWS»DeFi Saver Ownership Phishing, iVest Shuts Down After Attack, Hackathon Clipboard Hacked
ADOPTION NEWS

DeFi Saver Ownership Phishing, iVest Shuts Down After Attack, Hackathon Clipboard Hacked

By Crypto FlexsAugust 26, 20245 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
DeFi Saver Ownership Phishing, iVest Shuts Down After Attack, Hackathon Clipboard Hacked
Share
Facebook Twitter LinkedIn Pinterest Email
Amazon Polly has a voice

Crypto Scams, Hacks and Exploits and How to Avoid Them: Crypto-Sec

Weekly Phish: DeFi Saver Users Lose $55 Million in DAI

A user of the decentralized finance protocol DeFi Saver was hit with an unusual style of phishing attack on August 21. According to a post from blockchain security firm Global Ledger X, the attacker tricked the user into reassigning ownership of the DeFi Saver Proxy contract.

The victim reportedly attempted to trade again but failed. The attacker then changed ownership again and emptied all Dai (DAI) stablecoins from the smart contract wallet, removing a total of $55 million.

Global Ledger's Post on X on DeFi Saver Phishing AttackGlobal Ledger's Post on X on DeFi Saver Phishing Attack
(Global Leisure)

According to blockchain data, the DAI came from a null address rather than the victim’s address, suggesting the attacker minted the DAI using the victim’s collateral rather than directly withdrawing it from the victim’s account.

The victim’s smart contract wallet is listed as “DSProxy #166,776” on Etherscan. On August 20, the account owner called the “Set Owner” function and listed the malicious phishing account as the new owner. The owner was likely tricked by the malicious web app into approving this transaction. This was a costly mistake, as the victim is now $55 million poorer.



Web3 users should consider carefully reviewing the contract address before approving a transaction. Many protocols list official contract addresses in their documentation, and users can check these addresses to see if the address they want to interact with is listed there. This can help users avoid losing funds due to phishing attacks, but no security method is 100% foolproof.

DeFi Exploit: iVest Announces Shutdown After $156,000 Loss

Decentralized finance (DeFi) protocol iVestDAO has announced that it will not be reopening after suffering a $156,000 exploit. The protocol had previously said it would compensate investors and reopen later. However, iVest’s Telegram administrator told Cointelegraph on August 15 that it was shutting down.

“Unfortunately, we cannot continue operations and are having to suspend the project and refund holders out of our own pocket,” the manager said, calling the incident a “tragic event.”

In a public statement on the protocol’s website, iVest claims the team is “refunding holders out of our own pockets,” but the funds are “non-recoverable and there is no way to replace them back to 100% of the team’s own funds.”

The team said they were “bruised and defeated” but would “pick up the pieces and move on with our lives.”

iVest was exploited via a ‘null address’ donation attack on August 12th.

Malware Corner: Copy2pwn bypasses Windows Smart Screen

According to a report from SecurityWeek, malware operators are using a new exploit called “copy2pwn” to bypass the Windows Smart Screen program’s protections. The vulnerability has been patched in recent versions of Windows, but some devices may still be at risk because they have not yet been updated.

These exploits can be used to install malicious software and may result in the private keys of software wallets being leaked.

Also read

characteristic

Tornado Cash 2.0: The Race to Create a Safe and Legal Coin Mixer

characteristic

Lazarus Group’s Favorite Exploits Revealed – Crypto Hacking Analysis

Copy2pwn, disclosed in CVE-2024-38213 and reportedly discovered by Trend Micro’s Zero Day Initiative, is designed to make it easier for users to share and edit web-based content by leveraging the Web-based Distributed Authoring and Versioning (WebDAV) protocol in Windows.

However, cybercriminals have discovered that content hosted on WebDAV shares can bypass the smart screen protection feature by not getting the webmark flag.

According to the report, malware operators have been using copy2pwn to install DarkGate on users’ devices. According to cybersecurity firm Socradar, DarkGate is a sophisticated malware program that is difficult to detect and effective at stealing data.

Cryptocurrency users who use Windows Smart Screen for malware protection are advised to upgrade to the latest version of Windows as soon as possible.

Hackathon participants suffer clipboard hack

On August 25, Porter Adams, a software engineer at Matter Labs, the developer of the ZKsync network, discovered cryptocurrency-stealing malware in an unexpected place. The malware was found on the PC of one of the hackathon participants.

Adams posted video of the reported incident to X.

Porter Adams posted about clipboard hijacking malware on X.Porter Adams posted about clipboard hijacking malware on X.
Source: Potter Adams.

The participant attempted to send Ether (ETH) to a specific address on the Sepolia test network, but Adams discovered that the person’s device was infected with clipboard hijacking software.

Every time a user copies and pastes a cryptocurrency address, the malware pastes the developer’s address instead, causing the user to send their cryptocurrency to the wrong address and lose it forever.

Fortunately, the participants were using a testnet with ETH that had no real value. However, if the participants had gone home and used the device to trade real cryptocurrencies, they could have easily lost all their funds. “I saved a hackathon participant from malware today,” Adams said in his post.

When cutting and pasting an address, crypto users are advised to check that the pasted address is the same address they were trying to copy. If it is different, the device may be infected.

Subscribe

The most interesting articles on blockchain, delivered once a week.

Subscribe to the Cointelegraph Newsletter Magazine.Subscribe to the Cointelegraph Newsletter Magazine.

Christopher Locke

Some say he is a white hat hacker living in the black mining hills of Dakota, pretending to be a children’s crossing guard to avoid the NSA’s eyes. What we do know is that Christopher Locke has a pathological desire to hunt scammers and hackers.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Stablecoin startups surpass 2021 venture capital peaks as institutional money spills.

June 28, 2025

Gala Games improves leader board rewards and introduces preference systems.

June 20, 2025

Ether Leeum Whale starts a $ 11 million leverage betting in the 30% increase in ETH prices.

June 12, 2025
Add A Comment

Comments are closed.

Recent Posts

XRP rebounds are interested in APT miners cloud mining.

July 3, 2025

The market will select US regulatory stable coins more than CBDCS every day of CBDCS every day.

July 3, 2025

Best Crypto PR Agency Packages : What to Look For & Where to Start

July 3, 2025

Looking for an Affordable Crypto PR Agency? Here’s What to Know Before You Spend

July 3, 2025

Crypto PR Packages for Startups: What You Need & How to Choose the Right One

July 3, 2025

Cheap Crypto Press Release: How to Promote Your Project Without Overpaying

July 2, 2025

The Ultimate Guide to Crypto Public Relations Packages

July 2, 2025

Submit Your Website to Crypto Directories and Boost Your Visibility Instantly

July 2, 2025

Cardano (ADA) -It is not damaged, but there is no fireworks that can be moved yet.

July 2, 2025

Verifiable OffChain Compute Framework Powering AI Applications

July 2, 2025

How to Start a Crypto Press Release Side Hustle and Keep 100% Profit (Step-by-Step Guide)

July 2, 2025

Crypto Flexs is a Professional Cryptocurrency News Platform. Here we will provide you only interesting content, which you will like very much. We’re dedicated to providing you the best of Cryptocurrency. We hope you enjoy our Cryptocurrency News as much as we enjoy offering them to you.

Contact Us : Partner(@)Cryptoflexs.com

Top Insights

XRP rebounds are interested in APT miners cloud mining.

July 3, 2025

The market will select US regulatory stable coins more than CBDCS every day of CBDCS every day.

July 3, 2025

Best Crypto PR Agency Packages : What to Look For & Where to Start

July 3, 2025
Most Popular

AI Cryptos Crash Due to FOMC Panic, Is WienerAI Best Altcoin to Buy Dip?

June 12, 2024

7 Best Meme Coins to Buy Now – What’s the Next SHIBA INU?

May 2, 2024

According to InvestAnswers, a new Solana-based altcoin is set to explode by up to 700% to ‘do it all’.

February 4, 2024
  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions
© 2025 Crypto Flexs

Type above and press Enter to search. Press Esc to cancel.