Circle Makes Inroads in Singapore with License Award

Linear Finance Dealing With LUSD ExploitLinear Finance, the Hong Kong-based DeFi protocol, made an announcement by way of a blog post published to the project’s website on Thursday, suggesting that the project’s native stablecoin, LUSD, has come under attack.Photo by Markus Spiske on UnsplashTaking precautionary actionThis security breach has prompted the team to take immediate action to safeguard user accounts and the project’s integrity. The project team is actively investigating the exploit attack on LUSD. It has issued a stern warning to its users, advising them against buying or trading LUSD until the team can confirm the situation’s status.This measure is aimed at preventing further complications and ensuring the community’s interests remain protected. Furthermore, the project has temporarily suspended liquidations to secure users’ accounts. This step has been taken to mitigate immediate concerns and ensure that no user faces undue losses as a result of the exploit.Assets disposed on PancakeSwap & AscendexAmid the ongoing investigation, Linear Finance’s team has pledged to provide timely updates as soon as more information becomes available. In explaining away the nature of the attack, the project team clarified:”The attacker was able to mint an unlimited supply of LAAVE and subsequently traded the liquid asset to LUSD on the Linear Exchange, prior to selling it on PancakeSwap and Ascendex.”Project responseIn its efforts to deal with the issue, the Linear Finance project team has engaged an on-chain data specialist to track down the attackers. The Linear bridge contract has been disabled relative to LUSD. All protocol contracts that allow tokens to be minted, exchanged, or burnt have been paused. Meanwhile, wallets identified as having been involved in the protocol exploit have been shared with the authorities and major cryptocurrency exchanges.Synthetic asset protocolLinear Finance creates synthetic assets with the protocol design enabling unlimited liquidity. The network has been built on top of the Ethereum blockchain. As a consequence of activity surrounding the exploit, trading of LUSD over the course of the past 24 hours has proven to be out of the ordinary. At the time of writing volume over the past 24-hour period had increased by 8412%. The current market price of the stablecoin stands at $0.9874.Protocol and network hacks and exploits have been coming in thick and fast in recent days. Hong Kong crypto exchange CoinEx has been trying to recover from a $70 million hack on the platform over recent days. Meanwhile, Seychelles-headquartered peer-to-peer crypto platform Remitano suffered a $2.7 million hack late last week.On Wednesday, the project team behind DeFi protocol Balancer warned network users that the Balancer front-end user interface was under attack. The Ethereum-based DeFi network fell victim to another exploit last month, resulting in losses in the region of $900,000.In the dynamic crypto sector, unforeseen events like potential exploits can disrupt the market and sow uncertainty. The issue remains a major challenge both for centralized exchange platforms and DeFi protocols.

Suspected Malicious Activity Drains AnySwap Tokens via Multichain ExecutorAccording to an on-chain sleuth known as Spreek, a person is using the Multichain Executor to drain tokens associated with the AnySwap bridging protocol.Multichain is a cross-chain routing network, established and maintained by a Chinese developer team. It supports in excess of 25 blockchains and more than 1,100 tokens.Photo by Marek Piwnicki on Unsplash$100 million outflowThis revelation comes after abnormal outflows of over $100 million from Multichain bridges on July 7, which were flagged by the Multichain team. Spreek’s report via Twitter on July 10 states that the Multichain Executor address has been draining anyToken addresses across multiple chains and transferring them to a new externally owned account (EOA).Evidence provided in the report includes an Ethereum transaction, 0x53ede4462d90978b992b0a88727de19afe4e96f0374aa1a221b8ff65fda5a6fe, which called the “anySwapFeeTo” method on the Multichain Router: V4 contract. This transaction resulted in approximately $15,275.90 worth of anyDAI being minted on Ethereum, sent to the Multichain Executor, burned, and exchanged for the underlying DAI backing the asset.The funds from these transactions were sent to the following address:0x1eed63efba5f81d95bfe37d82c8e736b974f477b. Similarly, on the BNB Smart Chain (BSC), the Multichain Executor used the anySwapFeeTo function to convert $208,997 worth of anyUSDC into Binance-pegged USDC and sent them to the same address. Additionally, 50.80 anyBTC, equivalent to $39,251.43 at the time, was converted into Binance-pegged Bitcoin and sent to the address.In total, approximately $263,524.33 worth of tokens were sent to this address through the anySwapFeeTo method. Spreek suggests that this behavior could be part of the protocol’s normal functioning. However, a different account engaged in similar activity the day before and ultimately sold the drained tokens, indicating malicious intent.Potential exploitSpreek theorizes that the attacker may be exploiting the anySwapFeeTo function by setting fees to an arbitrarily large amount, allowing them to drain users’ funds. The function apparently permits setting any value, enabling the address to choose the total value of the token held in that anyToken.The Multichain incident has puzzled blockchain analysts, as it remains unclear whether it resulted from an exploit or if it was simply large token-holders moving their funds between networks. The mystery began on July 7 when over $100 million worth of tokens were withdrawn from the Ethereum side of Multichain’s bridges and transferred to wallet addresses with no prior transactions. This represented the majority of funds held on each bridge.Hack or rug pullThe Multichain team labeled these withdrawals as “abnormal” and advised users to stop using the protocol. However, they have not disclosed the source or nature of the anomaly. In response to the incident, stablecoin issuers Circle and Tether froze some of the addresses involved in the suspicious transactions. Chainanalysis, a blockchain analytics firm, has commented that the incident appears more like a hack or rug pull rather than a migration.Adding to the complexity, the Multichain team has reported that their CEO is missing, and they have shut down certain bridges due to losing access to some of the network’s multi-party computation network servers. There have been various concerns relative to Multichain since May. The situation continues to evolve, with ongoing investigations and efforts to mitigate any potential damage caused by the suspected malicious activity.

HTX resumes Bitcoin and Ether services post $30 million hackDigital asset exchange HTX has successfully reinstated deposit and withdrawal services for major cryptocurrencies, including Bitcoin (BTC) and Ethereum (ETH), following a recent security breach that saw the platform drained of $30 million.Photo by Traxer on UnsplashMoving towards normal exchange operationsIn an official announcement published to its website on Sunday, HTX reported the restoration of services for specific virtual assets through the ERC20 blockchain, signaling a positive step toward normalcy. The exchange assured users that additional services would resume shortly.The statement listed more than 60 individual digital assets that have now been restored from the perspective of user withdrawals.Amidst the controversy sparked by the hack, HTX emphasized its commitment to covering all losses from its reserves. The exchange pledged ongoing investigations and the reinforcement of security measures to prevent a recurrence of such events in the future. The announcement stated:“Since its founding, HTX has remained committed to a policy of 100% reserves, ensuring our capacity to meet the withdrawal needs of all users.”Airdrop event plannedThe Seychelles-incorporated exchange also outlined details on an upcoming airdrop designed to incentivize community participation in the aftermath of the significant hack. The airdrop aims at users holding Rockets, with the value set at one USDT, and those possessing leading assets like HT, BTC and ETH will witness multiplied ticket values.The platform experienced a significant security breach alongside a similar incident on the HECO bridge, resulting in total losses exceeding $85 million. Justin Sun, an advisor to the exchange, pledged full compensation for all losses and temporarily suspended deposits and withdrawals until identified risks were addressed.Justin Sun controversySun provided additional insights through a series of posts on the X platform. He confirmed the full functionality of major cryptocurrencies, including BTC, ETH, TRX and USDT, and expressed expectations for the restoration of all others by the upcoming week. Sun wrote:“The majority of the work has been accomplished, and we aim to restore the remaining currencies gradually in the next few days, with all work expected to be completed by next week.”Justin Sun, known for his involvement in platforms that recently faced security breaches, reassured users of the ongoing efforts to enhance safety measures. This incident marked the fourth unfortunate event linked to Justin Sun-related platforms within a short span. HTX, formerly known as Huobi, suffered a $30 million hack, following HECO bridge, Poloniex and a prior HTX security breach.The controversial founder of the TRON blockchain network has come in for criticism of late. Travis Kling, Founder and Chief Investment Officer (CIO) of crypto fund Ikagai Asset Management, was scathing of Sun in comments made on the X platform on Monday. Kling wrote:“[Justin Sun] has been hacked four times in the last two months” . . . “He’s a criminal and terrible for crypto and the sooner we get him out, the better.”Earlier this month, the Poloniex crypto exchange fell victim to a $100 million hack, causing a stir within the wider crypto community. The exchange, like HTX, assured users of full compensation and even initiated a white hat bounty of $10 million for the safe return of assets, having identified the responsible party and indicating the initiation of criminal proceedings.