Pages:
Author

Topic: Hacker attacks again (Read 424 times)

full member
Activity: 1092
Merit: 227
August 17, 2023, 11:41:01 AM
#39
The smart choice here would be to just take the 10% and live freely. I know highly-technical crypto users can evade traceability by doing things correctly, but it only takes one mistake mistake to get yourself in handcuffs. Having more money isn’t worth it if you’ll be on-the-run(virtually) forever.

Haha, that is really funny because the hacker seems to be complete idiot to me. I am not sure how he ended with such bullshit decision of not accepting the offer. I can not imagine someone just leaving the millions of dollars just like that.

Now to identiy the hacker himself they are offering bounty of millions of dollars. According to the source mtnioned in the OP we can clearly read that anyone who identify it will get:

Quote
anyone who can identify the attacker will now be rewarded with assets worth $1.85 million.

That is a whopping $1.85 million just to identify. Obviously this not gonna be easy and will be riddle for many but those who were close to this case from beginning must have kept an eye on the initial hacker who supported the case. Now its all about the "back tracing" and also keeping keen eye on the movement of any funds during this transition from their wallets.
sr. member
Activity: 1610
Merit: 264
August 17, 2023, 10:10:22 AM
#38
I haven't followed this incident but there have been cases before that it happened too. Offered a bounty to the hacker but then, in a way that I don't know how the authorities managed to get probably a footprint or trace from the logs or whatsoever in technicality, the hacker got caught. It could possibly be an ego thing or whatnot but I agree that it's best to just take the offer and then let it call quits and that's it. No need to prove that he's the best and just stop fooling around with people's money.
There could have been possibly an internal investigation within the pools. Surely they had user of interest, but hey we'll never know who's who.
Yup, we'll never know if there's an internal attack or inside job regards to this hack. But they better be sure and do all investigations that they can and if they're suspecting one or a few of their people is part of it, they need to do in-depth investigations just to prove if the malice is wrong or right.
I doubt that everything would be brought to light anyway. I mean scams even outside crypto are so bad that there are authorities willing to be paid or bribed just to avoid getting exposed. It surely will kill the reputation of any company.

Crypto or not, people will find a way to remove traces or footprints in the best way they can do so.

I've been following some scambaiters for quite a while, so this kind of topic is a bit familiar to me.
hero member
Activity: 1106
Merit: 912
Not Your Keys, Not Your Bitcoin
August 17, 2023, 09:23:54 AM
#37
Now, let's have an update about the curve finance. recently it had an issue where a hacker entered it and it happened on July 30, 2023. So what Curve did was they offered the hacker to return its fund and they will give 10% bounty rewards. And it will not be charged or imprisoned. The offer was accepted and the stolen assets were returned. But the hacker did not complete its full refund from other pools.

Because it has a deadline now it has passed. Now the rewards are offered just to identify the attackers. Also, what do you think is the reason and why did the hacker return the funds to another protocol? he said
Quote
He doesn't want to ruin the project.
and that's not the reason he's afraid of being identified.

Because it seems that what the hacker wants to release or make him look like is that the authorities cannot identify him. Let's see what happens here, because we know that the hacker is not invincible because there are and still are others caught. What happened to the Bitfinex hacker even after a long time was still caught. But if it turns out that a north Korwan hacker was able to access curve finance, it is unlikely to be recovered for sure.

Source: https://m.investing.com/news/cryptocurrency-news/curve-finance-opens-bounty-after-exploiters-return-deadline-expires-3146166

It still baffle me how decentralized exchanges and protocols are insecured and prone to hacking, even the centralized exchanges don't get this level of hack exposures like the way this protocol does and it beg the question whether they need to be fully audited for the safety of the public, special auditing by other firms that focus on decentralization, at least seeing them exposed to some hacked attempt of beta test before the public, if that will save the sanity of these public theft, I will love it.

It obvious that whoever that hacker is, must have some information within the group or perhaps it was a fully insider work and the person is playing mind games just to avoid tracing or who knows he is not that expert in hacking to cover his tracks, otherwise there are people that are very good in hacking and will get away with whatever they stole, the coins or tokens they stole could be trace but their identity will remain unknown forever; there are some BTC that have been stolen for ages, they are visible in some wallets but how they move those BTC are steal unknown.
hero member
Activity: 938
Merit: 605
Leading Crypto Sports Betting & Casino Platform
August 15, 2023, 01:40:52 AM
#36

What beautiful is there in life in having so much money but with no peace of mind and freedom of movement to spend it. Always on the look if you're being chased with every stranger in your path looking like a suspect.
Why not be contented with a 10% of that stolen amount that gives you a free life. And there's a probability that the company might wanna hire him to make use of his skills in their advantage (all things been equal).


You know, you're right about it dude. Just from the 10% that will be paid to him as bounty rewards that he got without any difficulty, he will be able to live luxuriously there in truth. Then he can even be given a good job because of his skills.

That's why the hacker was still greedy, he was still stubborn, as if he wasted the opportunity to correct the mistake he made, that's why he ignored the opportunity that he can't get back. I'm sure he'll regret it in the end and as you also said, there's no peace of mind either, 100% sure of that.
Hackers are difficult to understand, after all someone with the level of knowledge could have been easily hired by many top companies and could be making a lot of money legally without the risk of ever facing jail time.

And yet that is precisely the decision they took when they became hackers, so as illogically as it may seem to us the decision to not return the money despite the huge bug bounty offered is consistent with the decision to become a hacker to begin with.
I think this very hacker in question has sworn to do things always and only in the way in life, and there's nothing short of that. There are people in life that are excited doing things they could have done legally in an illegal way, and if an opportunity emerges for them to move over to the legal side of such thing they will deliberately resist just in the case with this very hacker. From all indication it's not that the 10% bounty offered to him is too small an amount but because he love what he's doing in the way he's doing it and wouldn't wanna stop in the easy way unless force is used on him.
legendary
Activity: 2422
Merit: 1083
Leading Crypto Sports Betting & Casino Platform
August 15, 2023, 12:16:14 AM
#35
As I learnt from a news article I read online, the hacker or hackers carted away with $62 million dollars, thats a lot of money to be honest, and i wonder what the hacker will be doing with all that money if he decides to keep it, and like we all have learnt that curve finance is offering to pay the hacker 10 percent of the money if he returns it, 10 percent of $62 million dollars is exactly $6.2 million dollars, now, thats another hefty sum of money to get for(is it right if i use the word..) free, if i am the hacker, i did take this offer and forget everything about hacking, $6.2 million dollars if rightly invested, the person and his generation will never know what is called poverty anymore, and the good part is that, you live your life free without having to watch your back to know when been chased by the authorities..

Anyways, every man to his own, lets see how this plays out in the end .
full member
Activity: 1540
Merit: 219
August 14, 2023, 11:38:10 PM
#34
The smart choice here would be to just take the 10% and live freely. I know highly-technical crypto users can evade traceability by doing things correctly, but it only takes one mistake mistake to get yourself in handcuffs. Having more money isn’t worth it if you’ll be on-the-run(virtually) forever.
Nah, the fact that they offered a bounty for the identity of the hacker means that the hacker still has the time advantage to cover his tracks which I am sure is what's going to happen, although not all hackers are created equal, this hacker probably doesn't know how to clean his online tracks which is a good thing for the investigators and online sleuths. Technically, if he was anonymous all throughout the hack and he has a way to transfer the stolen money without the people who he stole it from being able to track it, he won't be on the run forever.
hero member
Activity: 2814
Merit: 734
Bitcoin is GOD
August 14, 2023, 10:52:20 PM
#33

What beautiful is there in life in having so much money but with no peace of mind and freedom of movement to spend it. Always on the look if you're being chased with every stranger in your path looking like a suspect.
Why not be contented with a 10% of that stolen amount that gives you a free life. And there's a probability that the company might wanna hire him to make use of his skills in their advantage (all things been equal).


You know, you're right about it dude. Just from the 10% that will be paid to him as bounty rewards that he got without any difficulty, he will be able to live luxuriously there in truth. Then he can even be given a good job because of his skills.

That's why the hacker was still greedy, he was still stubborn, as if he wasted the opportunity to correct the mistake he made, that's why he ignored the opportunity that he can't get back. I'm sure he'll regret it in the end and as you also said, there's no peace of mind either, 100% sure of that.
Hackers are difficult to understand, after all someone with the level of knowledge could have been easily hired by many top companies and could be making a lot of money legally without the risk of ever facing jail time.

And yet that is precisely the decision they took when they became hackers, so as illogically as it may seem to us the decision to not return the money despite the huge bug bounty offered is consistent with the decision to become a hacker to begin with.
hero member
Activity: 2170
Merit: 530
August 13, 2023, 04:01:27 PM
#32
I haven't followed this incident but there have been cases before that it happened too. Offered a bounty to the hacker but then, in a way that I don't know how the authorities managed to get probably a footprint or trace from the logs or whatsoever in technicality, the hacker got caught. It could possibly be an ego thing or whatnot but I agree that it's best to just take the offer and then let it call quits and that's it. No need to prove that he's the best and just stop fooling around with people's money.
Yes, we can call it as  bug Bounty, it is good to have when you are working with your product. It can help anyone to see if the contract has vulnerable and loop holes. Bug Bounty is a quite good in rewards, but it will require some knowledge and coding skills to test and extract the contract. I am still learning solidity that's why I am not yet comfortable working as QA in any work.
legendary
Activity: 3052
Merit: 1188
August 11, 2023, 01:31:23 PM
#31
I recall months ago or two years ago, there is a hack and after that a hacker refunds to the project. People extrapolate that hack like an inorganic drama from that project team to create their pump and dump games.

I don't know what other people think about it but I see it is reasonable. Hacks a project, drains its treasury but then refunds it without any benefit but meanwhile and later can face with risk of reported by the victim project and arrested by police as well as in worst legal scenario, will be put in jails.

I will not play such dumb games like that if I am a hacker.

But if  I am an internal team member and want to set up an internal hack to dump tokens and days later refund hacked amount to bump tokens again, I will have many reasons to do such hack-and-refund.
I think its quite obvious that a hacker who tries to hack into anything would know that there will be some consequences. The first part of any hacking attempt would be to realize that you are going to be followed, and everyone will try to learn who you are, and every step you take will be watched with thousand eyes at least, so you need to make sure that nobody knows who you are.

If you can do that then you are going to end up with a good result, but if you are not careful about it then you are going to end up with a terrible result eventually. This is why you should be considering the fact that its not going to end up being that easy, and you should be careful about what's happening most of the time and get a better result.
hero member
Activity: 630
Merit: 510
August 11, 2023, 10:06:35 AM
#30
usually, they would take time to move the funds, like years in the making. they are very careful on how they transfer those stolen funds. should be meticulously done because one wrong move, they will be caught as the authorities are on the lookout for them. they can easily be uncovered with one wrong transaction made from that stolen funds. and if the amount is huge, expect there will be discreet investigations on the hot addresses involved.
And this is why mixers would really be the most common place on which these stolen or hacked funds would really be going into specially if the hacker would really be deciding on cashing out these money then for

Here you need to trust these mixers, but suppose you have mixed perfectly, how will you justify to the government that you suddenly became a millionaire, you need to sell these bitcoins for cash, and then it is almost impossible to succeed in proving the source of your money.

Money laundering is not easy, and at some point you will have to trust one of the parties, which may eventually lead to your exposure, and the arrest of Chipmixer admin is the best evidence of the ability of governments to track individuals.

So instead of all this headache, if hacker got a 10% deal, he wouldn't think of turning it down.
hero member
Activity: 896
Merit: 586
Leading Crypto Sports Betting & Casino Platform
August 11, 2023, 10:03:58 AM
#29
Maybe the hacker feels that he is a pro and wouldn't be traced but if he does his clean up well and leaves no trace,he might be safe from been caught but nobody knows what will happen tomorrow. So if I was the hacker no matter how good I am,I will accept the 10% and return back all the stolen funds to avoid going to jail and live a peaceful life.

The hacker is greedy and he will pay for his greed someday because he will get caught. It might take days,months or years to catch the hacker because locating him now has an offer that was suppose to be his. This means that maybe he only returned little part of the funds.
sr. member
Activity: 658
Merit: 441
August 11, 2023, 10:00:24 AM
#28
Now, let's have an update about the curve finance. recently it had an issue where a hacker entered it and it happened on July 30, 2023. So what Curve did was they offered the hacker to return its fund and they will give 10% bounty rewards. And it will not be charged or imprisoned. The offer was accepted and the stolen assets were returned. But the hacker did not complete its full refund from other pools.

Because it has a deadline now it has passed. Now the rewards are offered just to identify the attackers. Also, what do you think is the reason and why did the hacker return the funds to another protocol?
This is a dumb move, you have 10% given to you for your troubles, that's about  more than $6 million as a reward which is still a great deal of money. Why not take it and have peace of mind instead of running and be looking out on your shoulders all the days of your life? If you knew you weren't going to return the 90% of the stolen funds curve finance was asking for, why did you send part of it at the first place? Maybe he thinks if he's eventually caught his sentence would be lessen. This doesn't make sense at all, I strongly he's going to leave some kind of trail and will be caught some day.
hero member
Activity: 1904
Merit: 541
August 11, 2023, 05:58:13 AM
#27

What beautiful is there in life in having so much money but with no peace of mind and freedom of movement to spend it. Always on the look if you're being chased with every stranger in your path looking like a suspect.
Why not be contented with a 10% of that stolen amount that gives you a free life. And there's a probability that the company might wanna hire him to make use of his skills in their advantage (all things been equal).


You know, you're right about it dude. Just from the 10% that will be paid to him as bounty rewards that he got without any difficulty, he will be able to live luxuriously there in truth. Then he can even be given a good job because of his skills.

That's why the hacker was still greedy, he was still stubborn, as if he wasted the opportunity to correct the mistake he made, that's why he ignored the opportunity that he can't get back. I'm sure he'll regret it in the end and as you also said, there's no peace of mind either, 100% sure of that.
hero member
Activity: 938
Merit: 605
Leading Crypto Sports Betting & Casino Platform
August 11, 2023, 02:13:26 AM
#26
Now, let's have an update about the curve finance. recently it had an issue where a hacker entered it and it happened on July 30, 2023. So what Curve did was they offered the hacker to return its fund and they will give 10% bounty rewards. And it will not be charged or imprisoned. The offer was accepted and the stolen assets were returned. But the hacker did not complete its full refund from other pools.

Because it has a deadline now it has passed. Now the rewards are offered just to identify the attackers. Also, what do you think is the reason and why did the hacker return the funds to another protocol? he said
Quote
He doesn't want to ruin the project.
and that's not the reason he's afraid of being identified
What beautiful is there in life in having so much money but with no peace of mind and freedom of movement to spend it. Always on the look if you're being chased with every stranger in your path looking like a suspect.
Why not be contented with a 10% of that stolen amount that gives you a free life. And there's a probability that the company might wanna hire him to make use of his skills in their advantage (all things been equal).

Quote
Because it seems that what the hacker wants to release or make him look like is that the authorities cannot identify him. Let's see what happens here, because we know that the hacker is not invincible because there are and still are others caught. What happened to the Bitfinex hacker even after a long time was still caught. But if it turns out that a north Korwan hacker was able to access curve finance, it is unlikely to be recovered for sure.

Source: https://m.investing.com/news/cryptocurrency-news/curve-finance-opens-bounty-after-exploiters-return-deadline-expires-3146166
My people use to say, "they use a better thief to catch a thief", he may try to hide his identity but for how long. He can't be the very best hacker in the world as there are a thousands of others like him who would spontaneously agree to take the 10%  and hunt him down at all cost and he eventually will be caught. And then what!
hero member
Activity: 2926
Merit: 722
DGbet.fun - Crypto Sportsbook
August 10, 2023, 06:32:25 PM
#25
If a hacker worries about legal problems from hacking and fund steal because these activities are illegal, the hacker will not do it. After hacking massive fund, then start to think about legal problems, it is not logic.

Not only legal problems, but suppose, for example, that you were able to hack a platform and collect $ 500 million, how will you be able to launder this money or transfer it to something legal without revealing your identity?


This is why I think it is going to be quite important that we are going to end up with no company accepting that and making sure that anyone who tries to hack into any company will end up getting the court chasing them and they will always be on the run trying to hide and never come out and that's why it is scary to hack into big companies.

Yes, but is it hard to hack these projects?

Sometimes the material value of the hack is not important.

A company may pay hackers to thwart a competing company like coinbase pay for some hackers to hack Binance hot wallet.
We can see it in DDOS attacks. If these massive attacks did not exist, no one would use Cloudflare, which some goverMments may use to obtain data.

usually, they would take time to move the funds, like years in the making. they are very careful on how they transfer those stolen funds. should be meticulously done because one wrong move, they will be caught as the authorities are on the lookout for them. they can easily be uncovered with one wrong transaction made from that stolen funds. and if the amount is huge, expect there will be discreet investigations on the hot addresses involved.
And this is why mixers would really be the most common place on which these stolen or hacked funds would really be going into specially if the hacker would really be deciding on cashing out these money then for

sure their primary option would be mixers and its true that once a wallet is really that been monitored then this hackers wont really be that a fool on giving out traces which would really be revealing out their identity on which it would really be that common that they would really be making use of the most efficient and most safest way on deleting or erasing their tracks on which this is via mixers.
It is really that unlikely that we are seeing that there are hackers which do give out those funds back into the team or project owners on which they might be having able to feel out some conscience or regret
on the time that they do stole up users or investors money?

Well, there still humanity into those hackers which they should really be grateful at least but instead they do make out some bounties for them to be caught out but well it is
really that a normal approach or reaction to be made though.
legendary
Activity: 3122
Merit: 1102
Leading Crypto Sports Betting & Casino Platform
August 10, 2023, 05:26:04 PM
#24
If a hacker worries about legal problems from hacking and fund steal because these activities are illegal, the hacker will not do it. After hacking massive fund, then start to think about legal problems, it is not logic.

Not only legal problems, but suppose, for example, that you were able to hack a platform and collect $ 500 million, how will you be able to launder this money or transfer it to something legal without revealing your identity?


This is why I think it is going to be quite important that we are going to end up with no company accepting that and making sure that anyone who tries to hack into any company will end up getting the court chasing them and they will always be on the run trying to hide and never come out and that's why it is scary to hack into big companies.

Yes, but is it hard to hack these projects?

Sometimes the material value of the hack is not important.

A company may pay hackers to thwart a competing company like coinbase pay for some hackers to hack Binance hot wallet.
We can see it in DDOS attacks. If these massive attacks did not exist, no one would use Cloudflare, which some goverMments may use to obtain data.

usually, they would take time to move the funds, like years in the making. they are very careful on how they transfer those stolen funds. should be meticulously done because one wrong move, they will be caught as the authorities are on the lookout for them. they can easily be uncovered with one wrong transaction made from that stolen funds. and if the amount is huge, expect there will be discreet investigations on the hot addresses involved.
full member
Activity: 980
Merit: 237
August 10, 2023, 05:09:51 PM
#23
Now, let's have an update about the curve finance. recently it had an issue where a hacker entered it and it happened on July 30, 2023. So what Curve did was they offered the hacker to return its fund and they will give 10% bounty rewards. And it will not be charged or imprisoned. The offer was accepted and the stolen assets were returned. But the hacker did not complete its full refund from other pools.

Because it has a deadline now it has passed. Now the rewards are offered just to identify the attackers. Also, what do you think is the reason and why did the hacker return the funds to another protocol? he said
Quote
He doesn't want to ruin the project.
and that's not the reason he's afraid of being identified.

Because it seems that what the hacker wants to release or make him look like is that the authorities cannot identify him. Let's see what happens here, because we know that the hacker is not invincible because there are and still are others caught. What happened to the Bitfinex hacker even after a long time was still caught. But if it turns out that a north Korwan hacker was able to access curve finance, it is unlikely to be recovered for sure.

Source: https://m.investing.com/news/cryptocurrency-news/curve-finance-opens-bounty-after-exploiters-return-deadline-expires-3146166

It sounds like to me that the hacker realized that he made some sort of mistake and sooner or later he would be caught, therefore if he returned the money, perhaps the investigations against him would halt. I don't think that is how the law works. He is still going to be investigated. And as I said, there is no such thing as never getting caught. Sooner or later everyone slips up and makes mistakes that they cannot undo.

I do not buy his excuse of "not wanting to ruin the project". He knew exactly what he was doing and what damage it would have. There is no use in pretending to be a decent human being now.
Perhaps, the hacker doesn't want the transaction traced upon returning the stolen funds.
Its funny the hacker even took the 10% hook. Non-the-less, justice will find the hacker or members of the project, because I don't think it's only a one man idea to do such.

If there's one thing I also know about using falsification to amass wealth, it's that it would fail oneday. The hacker would have taken the 10% bounty offer wholeheartedly and moved onto some other project instead of arousing attention.
legendary
Activity: 2268
Merit: 2050
A Bitcoiner chooses. A slave obeys.
August 10, 2023, 11:01:04 AM
#22
Now, let's have an update about the curve finance. recently it had an issue where a hacker entered it and it happened on July 30, 2023. So what Curve did was they offered the hacker to return its fund and they will give 10% bounty rewards. And it will not be charged or imprisoned. The offer was accepted and the stolen assets were returned. But the hacker did not complete its full refund from other pools.

Because it has a deadline now it has passed. Now the rewards are offered just to identify the attackers. Also, what do you think is the reason and why did the hacker return the funds to another protocol? he said
Quote
He doesn't want to ruin the project.
and that's not the reason he's afraid of being identified.

Because it seems that what the hacker wants to release or make him look like is that the authorities cannot identify him. Let's see what happens here, because we know that the hacker is not invincible because there are and still are others caught. What happened to the Bitfinex hacker even after a long time was still caught. But if it turns out that a north Korwan hacker was able to access curve finance, it is unlikely to be recovered for sure.

Source: https://m.investing.com/news/cryptocurrency-news/curve-finance-opens-bounty-after-exploiters-return-deadline-expires-3146166

It sounds like to me that the hacker realized that he made some sort of mistake and sooner or later he would be caught, therefore if he returned the money, perhaps the investigations against him would halt. I don't think that is how the law works. He is still going to be investigated. And as I said, there is no such thing as never getting caught. Sooner or later everyone slips up and makes mistakes that they cannot undo.

I do not buy his excuse of "not wanting to ruin the project". He knew exactly what he was doing and what damage it would have. There is no use in pretending to be a decent human being now.
hero member
Activity: 630
Merit: 510
August 10, 2023, 07:58:36 AM
#21
If a hacker worries about legal problems from hacking and fund steal because these activities are illegal, the hacker will not do it. After hacking massive fund, then start to think about legal problems, it is not logic.


Not only legal problems, but suppose, for example, that you were able to hack a platform and collect $ 500 million, how will you be able to launder this money or transfer it to something legal without revealing your identity?



This is why I think it is going to be quite important that we are going to end up with no company accepting that and making sure that anyone who tries to hack into any company will end up getting the court chasing them and they will always be on the run trying to hide and never come out and that's why it is scary to hack into big companies.

Yes, but is it hard to hack these projects?

Sometimes the material value of the hack is not important.

A company may pay hackers to thwart a competing company like coinbase pay for some hackers to hack Binance hot wallet.
We can see it in DDOS attacks. If these massive attacks did not exist, no one would use Cloudflare, which some goverMments may use to obtain data.
legendary
Activity: 2702
Merit: 4002
August 10, 2023, 07:00:24 AM
#20
It depends on the ingenuity of the technical and legal team. If you were able to track down and locate and name the hackers, and there was a clear indication in the system that this money belongs to the designated party, and that exploiting a loophole in the system means the legal issue, you may be able to present it to the court without paying anything.
The main difficulty lies in locating the hackers and the currencies, as sometimes even if you manage to locate the hackers, he may refuse to pay, and therefore he will be imprisoned, and you will lose your money.
Negotiations are always a compromise when there is no solution or it is not possible to know the location of scammer.
Pages:
Jump to: