U.S. Markets close in 4 hrs 4 mins
  • S&P 500

    4,634.96
    +67.96 (+1.49%)
     
  • Dow 30

    34,850.81
    +367.09 (+1.06%)
     
  • Nasdaq

    15,735.05
    +197.36 (+1.27%)
     
  • Russell 2000

    2,245.86
    +46.95 (+2.14%)
     
  • Crude Oil

    67.50
    +1.32 (+1.99%)
     
  • Gold

    1,785.50
    +9.00 (+0.51%)
     
  • Silver

    22.48
    -0.34 (-1.47%)
     
  • EUR/USD

    1.1328
    -0.0012 (-0.1019%)
     
  • 10-Yr Bond

    1.4730
    +0.0300 (+2.08%)
     
  • Vix

    22.69
    -4.50 (-16.55%)
     
  • GBP/USD

    1.3309
    +0.0008 (+0.0572%)
     
  • USD/JPY

    112.8300
    -0.3500 (-0.3092%)
     
  • BTC-USD

    58,643.43
    +1,761.27 (+3.10%)
     
  • CMC Crypto 200

    1,493.24
    +24.16 (+1.64%)
     
  • FTSE 100

    7,168.68
    +109.23 (+1.55%)
     
  • Nikkei 225

    27,935.62
    +113.86 (+0.41%)
     

A hacker stole more than $55 million in crypto after a bZx developer fell for a phishing attack

  • Oops!
    Something went wrong.
    Please try again later.
  • Oops!
    Something went wrong.
    Please try again later.
·2 min read
In this article:
  • Oops!
    Something went wrong.
    Please try again later.
  • Oops!
    Something went wrong.
    Please try again later.
A coin withe an Ethereum logo on top of other gold coins
The hacker's wallet included more than $20 million in Ethereum, bZx said in a blog post. Dado Ruvic/Reuters
  • A hacker stole millions after a developer at bZx, a crypto company, fell for a phishing attack.

  • SlowMist estimated the total haul at $55 million, The Block, a crypto blog, reported on Friday.

  • "Roughly 25% of this figure is personal losses from the team wallet," bZx said on Twitter.

Crypto company bZx said on Friday that a hacker stole millions in various currencies after one of its developers fell for a phishing attack.

SlowMist, an outside security company, estimated the total haul at $55 million, The Block, a crypto blog, reported on Friday.

"Roughly 25% of this figure is personal losses from the team wallet that was compromised," bZx said on Twitter, responding to The Block's reporting.

On Friday, bZx posted what it said were details of the hacker's accounts, which included Ethereum totaling $21 million. The company, a decentralized-finance platform, or DeFi, said it was still investigating the hack. It said the breach affected "lenders, borrowers, and farmers" with funds on two platforms, Polygon and Binance Smart Chain.

"A limited number of users who had approved the unlimited spend had funds stolen from their wallet," the company said in its unsigned technical analysis of the hack. "The developer's wallet had all funds drained from their wallet."

The breach began with a phishing email sent to a developer's personal computer, bZx said. That email had "a malicious macro in a Word document that was disguised as a legitimate email attachment, which then ran a script on his Personal Computer. This led to his personal mnemonic wallet phrase being compromised," the company said.

At about 8:30 am EST on Friday, the company received a series of notifications about suspicious activity, including a flagged wallet. The company tracked the hacker's wallet. It posted a list of balances, along with a few transactions, on its blog.

The company said it was still working to determine the total amount of funds stolen. It said it was working with law enforcement to recover the funds and identify the hacker.

"We are gathering data on the specific wallets which were affected by the attack," bZx said.

Insider has reached out to bZx for additional information and comment.

Coindesk reported on Friday that bZx was hacked three times last year.

Read the original article on Business Insider