Crypto fraud: a hacker has recently stolen over 1 million dollars from the Levana protocol, highlighting the security challenges in the cryptocurrency field. Let’s see all the details below.
The challenge of security in crypto protocols: the Levana protocol fraud
As anticipated, in a thread on X, Levana reported that an attacker has stolen approximately 10% of her liquidity reserves, resulting in a loss of 1.14 million dollars.
The decentralized finance startup has suffered a security exploit, revealing that the attack started 14 days ago. Specifically, it was orchestrated by seven wallets controlled by a single malicious actor.
Levana has declared that the attacker initially drained about 4% of its liquidity providers, subsequently increasing it by an additional 5% “until the protocol was closed from opening new positions”.
The team has specified that the issues encountered stem from fundamental issues with Tendermint and Cosmo SDK. The Pyth oracle, although involved in the attack, does not have any known vulnerabilities.
A presumed attacker launched a congestion attack on the Osmosis chain, preventing Levana users from interacting with the markets for a foreseeable period.
The protocol stated that the incident was caused by an “oracle attack”. However, it is now resolved, ensuring that the positions and profits of the traders are safe, and the closing of positions is proceeding as usual.
We remind you that, founded in 2021, the Levana protocol is a decentralized perpetual trading system that enables leveraged positions for cryptocurrencies.
Even Catalyx exchange suffers a security breach: investigation underway
Recently, even the Canadian crypto exchange Catalyx had to suspend all trading, deposits, and withdrawals following a recent security breach.
The incident has compromised an undisclosed amount of customer funds, leading CatalX CTX Ltd., the organization behind the exchange, to initiate an internal investigation.
The objective is to determine the extent of the violation and identify possible responsible parties, including the potential involvement of an employee.
The investigation, which is currently ongoing, is examining various aspects, including the possibility of internal involvement in the incident.
The Canadian regulatory authorities have intervened. The Alberta Securities Commission has issued a 15-day freeze order on Catalyx, limiting the trading of cryptographic contracts.
The freezing order is in effect until January 5th, and Catalyx CEO, Jae Ho Lee, has stated that he will comply with the regulatory directive in response to the security breach. security.
Brief focus on the blockchain security report in 2023
During the year, Mixin Network, Euler Finance, Multichain and several other protocols have suffered asset losses of hundreds of millions of dollars, according to the December 2023 report from the blockchain security platform Immunefi.
The report indicates that a total of 3 billion dollars were lost during the year due to hacker attacks and web scams. 17% of these losses are attributed to the Lazarus Group, an organization with ties to North Korea.
The main hacker attack of the year, in terms of losses, was the one on the peer-to-peer trading platform Mixin Network, which caused losses exceeding 200 million dollars for cryptocurrency investors.
The second place was taken by the 197 million dollar exploit on the Euler Finance lending platform, followed by the 126 million dollar hacking of the cross-chain bridge protocol Multichain.
Despite a 52% reduction compared to the previous year, the overall losses of 1.8 billion dollars still highlight a significant impact.
The vast majority of losses come from hacker attacks rather than fraud, with only 103 million dollars attributed to clearly identifiable fraud schemes, such as rug pulls.
Over 1.6 billion dollars have been lost due to attacks and exploits, with the majority of losses (1.3 billion dollars) coming from protocols that claimed to be decentralized.
The report also indicates that only 409 million dollars have been lost from centralized finance (CeFi) cryptographic protocols.