Discover more from Token Dispatch
North Korea's Lazarus Group is back 🦹♂️
Hackers swipe over $100M from Atomic Wallet users. Sound.xyz grooves with Ethereum Optimism. Snoop Dogg's NFT tour pass. Adidas + Fewocious NFTs. Solo Bitcoin miner hits $160,000 jackpot.
This is The Token Dispatch. Hit us on telegram 🤟
Guess who's back? North Korea's infamous hacking group, Lazarus, has resurfaced with a jaw-dropping $100 Million crypto heist.
So who faced the music? Atomic Wallet.
Atomic is a non-custodial mobile wallet that allows users to keep the private keys for their crypto on their own devices, without trusting a custodian. Users take full responsibility for securing their assets.
But it seems someone found a loophole.
The June 3 incident: A huge exploit has hit the noncustodial decentralised wallet, and users reported losses of their entire cryptocurrency portfolios.
Result: The exploit has resulted in losses surpassing $100 million, affecting approximately 5,500 crypto wallets - Elliptic finds out.
To put it mildly, this is no small potatoes.
The severity of the attack is underscored by its link to the notorious Lazarus Group, infamous for pilfering over $2 Billion in crypto assets through a series of high-profile thefts.
Atomic Wallet has over 1 Million downloads in the Google Play store. That's a lot of users who may be feeling a bit uneasy right now.
In the midst of this crypto chaos, blockchain analysis firm Elliptic has uncovered a significant revelation.
It has attributed the heist to none other than the Lazarus Group, a cybercrime syndicate with a knack for digital asset theft.
This isn't their first rodeo, though (we’ll get to that). Now, their fingerprints are all over the Atomic Wallet heist, leaving the crypto community on high alert.
Elliptic is collaborating with international investigators and exchanges, mobilising its resources to recover the stolen assets. Their efforts have already led to the freezing of over $1 million worth of the pilfered funds. However, as the thief adjusts their tactics, turning to the Russian-based Garantex exchange for money laundering, the chase becomes all the more intense.
Amidst the chaos, one question lingers: what caused such substantial losses? Unfortunately, Atomic Wallet has remained tight-lipped about the root cause of this devastating breach. While they acknowledged compromised wallets in a tweet, downplaying the impact, the massive scale of the losses speaks for itself.
The lack of transparency and updates from Atomic Wallet has drawn criticism from the Twitterverse.
Concerns and theories
As the dust settles, experts speculate on the possible vulnerabilities that led to the exploit. Some suggest that flaws in Atomic Wallet's technical design may have allowed hackers access to users' crypto.
Last year, security gurus Least Authority sounded the alarm bells about Atomic Wallet's vulnerabilities in a now-deleted blog post. They pointed out some major issues, like Atomic's funky cryptography implementation, its lacklustre adherence to wallet design best practices, and even some wonky usage of Electron, a framework for building desktop apps.
According to the ever-wise Dyma Budorin, the CEO of Hacken, there are a few theories floating around on how this hack party got started. One possibility is that Atomic's method of generating those fancy recovery phrases, a.k.a. seed phrases, didn't quite produce the random word sequences needed to keep those sneaky hackers at bay.
North Korea and Lazarus Group
North Korea-linked hackers are at it once more, breaking records with their mind-boggling thefts. They have become the unrivalled champions of the crypto heist world.
The popular ones:
Lazarus Group was linked to a theft of about $615 million worth of cryptocurrency tied to the online game Axie Infinity. The stolen digital cash was from Ronin, a blockchain network that lets users transfer crypto in and out of the game. The U.S. Treasury Department made the connection to Lazarus Group and a North Korean hacking group, although no one has explicitly assigned blame for the hack.
The FBI confirmed that the Lazarus Group was behind a $100 million hack of the Harmony Protocol. The hack targeted a cross-chain bridge connecting Harmony, a layer-1 blockchain, to Ethereum, Bitcoin, and Binance Chain. Over $60 million of ETH stolen during this heist was laundered on January 13, 2024.
According to Chainanalysis, these cybercriminals, part of the notorious Lazarus Group syndicate, swiped a staggering $1.7 billion worth of cryptocurrency in 2022, shattering their own thieving records.
Not content with regular hacks, they have set their sights on the booming world of decentralised finance (DeFi). In fact, $1.1 billion of their total haul came from hacking DeFi protocols. Why? Well, it turns out that DeFi hacks give them access to illiquid tokens that aren't listed on centralised exchanges, making them the perfect targets. To convert their loot into more liquid assets, they turn to other DeFi protocols, like decentralised exchanges (DEXes).
And let's not forget the bigger picture—these stolen funds are believed to be funding North Korea's nuclear weapons programs.
TTD NFT 🐝
Sound.xyz grooves with Ethereum Optimism
Sound.xyz just cranked up the excitement by adding support for Ethereum's layer-2 Optimism.
They've released a totally awesome free-to-mint NFT called "V Buterin".
This Eurodisco dance track is a tribute to the legendary Ethereum creator, Vitalik Buterin. The track chronicles Buterin's rise to fame in the crypto community. With its catchy beats and playful lyrics, The chorus of the song calls Buterin "Ain't no Charles Hoskinson," presumably as a compliment.
Snoop Dogg's NFT tour pass
Snoop Dogg and entertainer, Calvin "Snoop Dogg" Broadus Jr., is diving headfirst into the world of Web3 with his latest creation: the Snoop Dogg Passport NFT.
This magical NFT pass, minted on the Ethereum scaling network Arbitrum, unlocks a whole universe of exclusive content and opportunities tied to Snoop Dogg's upcoming concert tour.
This evolving digital tour collectible not only grants you backstage access and behind-the-scenes footage, but it also opens doors to merchandise, ticket sales, and even special music playlists. And if that wasn't enough, NFT buyers will receive a fantastic piece of "Snoop Selects" digital artwork as an airdrop. 🎨💥
Adidas + Fewocious NFTs
Adidas and digital artist Fewocious are teaming up to release a limited edition collection of 4,500 NFT mint passes called "Trefoil Flower." These unique digital collectibles will be available exclusively on the OpenSea marketplace from June 22nd. But here's the twist: each Trefoil Flower NFT will serve as a direct redemption ticket for a pair of exclusive Adidas Originals Campus 00s sneakers. These physical sneakers will be embedded with an NFC tag and linked to their companion NFT. It's an exciting fusion of art, fashion, and blockchain technology that's set to revolutionise sneaker culture.
TTD Jackpot 💰
For the third time this year, a solo Bitcoin miner has cracked the code and solved a block worth a whopping $160,000.
What makes this achievement even more impressive is that the miner accomplished it by renting six-year-old hardware. With limited processing power, this miner defied the odds, beating a one-in-5,500 chance of success.
The miner worked their magic on the Solo CKPool platform. Con Kolivas, the admin of Ck Pool, highlighted the rarity of this accomplishment, mentioning that it would typically take around 450 years for a miner of this size to solve a Bitcoin block.
This lucky miner is likely using a single S9 Bitmain Antminer unit, a trusty machine from 2017. Proof-of-work mining at its finest.
Mining is the backbone of cryptocurrencies - the more mining rigs a miner has, the more chances they have at hitting those lucrative block rewards and transaction fees.
And these solo miners seem to have found their secret weapon in the Solo CK Pool mining service. Back in March, another solo miner struck gold using the same service.
While some argue that proof-of-stake blockchains are more environmentally friendly, these proof-of-work miners are showing that there's still magic to be found in their computational puzzles.
TTD Numbers 🔢
Something about Tether again.
Tether has struck again with another billion-dollar creation.
This time, they've whipped up $1 Billion worth of their Tether USDT stablecoin on the Ethereum blockchain - their second billion-dollar mint in just two months.
Now, Tether's total USDT supply for 2023 has soared to over $16 billion. Its market capitalisation has skyrocketed to over $83 billion, leaving other stablecoin issuers in its digital dust.
It's all part of Tether's ingenious plan called "inventory replenish" on the Ethereum network.
Listen to Tether's CTO, Paolo Ardoino
Chain swaps: Traders use this process to transfer their precious crypto treasures from one blockchain to another. By performing a chain swap, they can explore new realms and access other blockchains that support their favourite cryptocurrencies.
Ardoino revealed that Tether partners up with various crypto platforms to maintain a balanced distribution of USDT liquidity across different blockchains. Imagine a crypto exchange finding itself with an excess of USDT on the Ethereum blockchain but a shortage on the Tron blockchain. To solve this conundrum, they'll simply chain-swap their Ethereum-based USDT to the Tron blockchain. Problem solved, liquidity balanced.
TTD Surfer 🏄
SEC says that it may take up to four months to respond to Coinbase's request for rulemaking on digital asset trading.
Uniswap Labs has released draft code for a new version of the protocol, Uniswap V4 - more customisation and potentially more experimentation.
Ripple is calling for a fresh investigation into William Hinman, a former director of SEC's Division of Corporation Finance.
If you like us, if you don't like us .. either ways do tell us✌️
So long. OKAY? ✋
The Token Dispatch is a daily newsletter that takes you on a 4-5 minute drive through the wild west of the Crypto World. Daily in your email inbox @13:00 GMT. Almost always.