Blockchain and cryptocurrency
,
Cryptocurrency fraud
,
Fraud and cybercrime management
Also: Library of Congress Says Nations Banning Cryptocurrencies Have Doubled Since 2018
Arbix Finance, a yield farming protocol that runs on the Binance Smart Chain, has allegedly siphoned user funds into which blockchain security firm CertiK labeled a "carpet pull" after your incident analysis. The developments follow a recent report issued by the Library of Congress, the research library of the US Congress and the de facto national library, which highlights dozens of nations around the world that have now directly or implicitly blocked the use of cryptocurrencies.
See also: How to improve your defenses with security analysis
In the latest suspicious scheme, the Arbix Yield Farming project, a protocol that works by blocking cryptocurrency in exchange for interest, was flagged after 10 million ARBX tokens were "minted" or validated in eight addresses, including 4, 5 million in a single speech a. The blockchain security firm CertiK says the chips were later "discarded".
CertiK says that $ 10 million in funds deposited by users went to unverified groups, which one actor subsequently emptied. CertiK's analysis tool discovered that a threat actor moved funds to the Ethereum blockchain via decentralized exchange AnySwap USDT.
CertiK determined that the activity was a carpet tug, in which administrators were largely trading a fake crypto token, acquiring user funds, and then walking away with the collective sum.
'Don't interact with the project'
In one of his initial tweets about the incident, CertiK wrote, "Privileged functionalities appear in the identified smart contracts ... DO NOT interact with the project!"
And Connie Lam, head of CertiK's Incident Response Team, tells ISMG that other "exchanges can help discourage future attacks by blacklisting them." [the Ethereum address 0x4714A26e4E2e1334C80575332EC9eB043B61a2C4] and anyone associated with it, making it difficult for the attacker to launder your funds or withdraw them. "
"There is very likely more to come [here]"says Christopher Boyd, lead malware intelligence analyst at Malwarebytes, in a blog post. "More research is required, and it is possible that one of the benefits of this service being audited is that it can help find out who is behind this. It is also possible that the project owners will show up at the last minute with an explanation." .
Boyd points to previous reports that Arbix had been audited and approved by CertiK in November, which gave the project credibility at the time.
"There are a lot of angry people on social media about this," says Boyd. "We have seen some links being posted that claim to be forms of 'help' or support from Arbix that resolve to things like Telegram links. With no way to verify, we suggest being very cautious with links posted to offer assistance."
"The decentralized nature of blockchain means that any bad anonymous actor can launch a project that was meant to be a scam from the start," says Lam of CertiK.
Crypto crime report
The incident is part of a whirlwind of crypto crime that has escalated in recent months.
Scammers made about $ 14 billion in cryptocurrency throughout 2021, according to a new report from blockchain analytics firm Chainalysis. Losses associated with crypto crimes increased 79% year-over-year, driven by theft and scams. Scams were the largest form of cryptocrime in 2021, amounting to $ 7.8 billion in crypto assets, with $ 2.8 billion in carpet thefts, according to the report. Not far behind, Chainalysis claims, was the robbery, in which cryptocurrency projects were hacked, often running open source software. Theft is reportedly up 516% year-over-year, for a total of $ 3.2 billion in tokens, and around 72% was removed from DeFi protocols.
Decentralized finance, which does not rely on traditional intermediaries and instead runs on smart peer-to-peer contracts in decentralized applications, or DApps, was a clear contributor to the losses, the report notes.
According to DeFi pulse, which tracks related assets, about $ 94 billion was locked in DApps at press time.
The meteoric growth of DeFi transactions has left the cybersecurity industry concerned about its level of security, as some projects are brought to market amid increased investment.
In a 2021 incident, a hacker, infamously nicknamed "Mr. White Hat," breached the Poly Network platform to steal more than $ 600 million in cryptocurrency. In the following days, the threat actor returned all funds. The crypto project offered them a reward for detecting security flaws and reportedly offered the hacker a job as a security consultant. Security experts suggest that the return was not as noble as it sounds, believing that the hacker likely had trouble laundering the funds (see: Poly Network Hacker Reportedly Returns Most Of Stolen Funds).
Library of Congress report
Governments around the world have cited cryptocurrency volatility and market and security risks as the main drivers for enacting radical regulations.
According to a recent report by the Library of congress, the number of countries banning cryptocurrencies has doubled since 2018.
The report establishes whether a country explicitly or implicitly prohibits the assets. An implicit ban includes bans on banks or other financial institutions dealing in cryptocurrencies and bans on cryptocurrency exchanges. The report also looks at the application of tax laws and laws against money laundering and terrorist financing to cryptocurrencies.
The researchers say: "Since the 2018 report was released, the number of countries that have issued crypto bans has increased significantly." The report targets nine jurisdictions with an outright ban on cryptocurrencies and 42 with an implicit ban. Three years earlier, those numbers were eight and 15, respectively.
"Similarly, the application of tax laws, AML / CFT laws ... has increased exponentially," say the researchers. As of November 2021, 103 jurisdictions, including European Union member states minus Bulgaria, have applied similar laws. In 2018, only 33 jurisdictions were found that regulate cryptocurrencies in that regard, and only five apply tax and AML / CFT laws.
Jurisdictions that ban cryptocurrencies entirely include: China, Egypt, Iraq, Qatar, Oman, Morocco, Algeria, Tunisia, and Bangladesh.
'A testament of value'
For blockchain security expert Michael Fasanello, nations that enact strict control over crypto assets are those that normally exercise great control over their people.
Fasanello, who has held various positions within the US Justice and Treasury departments, including for the Treasury Financial Crimes Enforcement Network, says: "Compare this to North America, for example, where investors Institutional and retail institutions have not been restricted from venturing into the blockchain and crypto ecosystems, and it is a true testament to the value of these technologies to a free society. "
Fasanello, who is currently director of training and regulatory affairs at Blockchain Intelligence Group, predicts that in 2022 more regions globally will take "a real position" on whether or not to allow the use of crypto assets. Rather, he says, 2021 was "very much a year of sitting on the fence."
Overt critics of cryptocurrencies, including Sen. Elizabeth Warren, D-Mass., Have continued to express concerns about the proliferation of virtual currencies, citing volatility and security issues (see: Senators urge Treasury Department to target cryptocurrency brokers).
The U.S. Securities and Exchange Commission, under the chairmanship of Gary Gensler, has also indicated that it hopes to have more powers to regulate cryptocurrencies through Congress. Gensler has called the crypto markets the "Wild West" and "riddled with fraud" (see: SEC to monitor illicit activity on DeFi platforms).
