An exploiter returned 80% of the $227,000 stolen from Astrid Finance from an attack on 28 October following a withdraw function argument manipulation. Using an on-chain message the following day after the attack, Astrid convinced the hacker by offering him 20% of the funds and returning the rest with the threat of taking legal action if not received by 31 October. Astrid stated that they have refunded stolen funds and the rest will be transferred to a multi-signature wallet to help audit and develop Astrid’s smart contracts following the hack.
Since the start of this year, crypto hackers have stolen $1,410,669,002 worth of coins, with 292 incidents being recorded. It was also a big month for crypto hacks in October where just over $22 million worth of cryptocurrency was lost. Specifically, reports identified that 45.8% of stolen crypto was on the BNB Chain and 37.5% on Ethereum.
At least 25 LastPass users were the target of an attack leading to losses of $4.4 million. Taylor Monahan, a developer of ZachXBT and MetaMask reported. at least 80 crypto wallets were compromised after a breach of LastPass’s cloud storage service last year. Amongst the crypto being stolen were Bitcoin, Ethereum, BNB, Arbitrum, Solana and Polygon blockchains.
A new form of malware, named ‘KandyKorn’, used by the Lazarus group attempted to compromise a crypto exchange. Supposedly, people from the Lazarus group acted as blockchain engineers and targeted engineers on Discord from an unnamed crypto exchange. Hackers prompted the engineers to download a “bot” that hackers claimed could help profit from discrepancies between crypto prices on different exchanges.