{"id":10711,"date":"2024-02-14T17:36:36","date_gmt":"2024-02-14T15:36:36","guid":{"rendered":"https:\/\/forklog.com\/en\/duelbits-crypto-casino-loses-4-6-million-in-hack\/"},"modified":"2024-02-14T17:36:36","modified_gmt":"2024-02-14T15:36:36","slug":"duelbits-crypto-casino-loses-4-6-million-in-hack","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/duelbits-crypto-casino-loses-4-6-million-in-hack\/","title":{"rendered":"Duelbits Crypto Casino Loses $4.6 Million in Hack"},"content":{"rendered":"<p>On the night of February 14, hackers targeted the cryptocurrency casino Duelbits, extracting $4.6 million by compromising a private key, according to CertiK analysts.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/CertiKSkynetAlert?src=hash&#038;ref_src=twsrc%5Etfw\">#CertiKSkynetAlert<\/a> ?<\/p>\n<p>Last night <a href=\"https:\/\/twitter.com\/Duelbits?ref_src=twsrc%5Etfw\">@Duelbits<\/a> was exploited and assets worth ~$4.6m were taken in a possible private key compromise (PKC). <\/p>\n<p>All assets were swapped for ETH which currently sits in EOA 0x0428 ? <a href=\"https:\/\/t.co\/MzNqAzBExb\">pic.twitter.com\/MzNqAzBExb<\/a><\/p>\n<p>\u2014 CertiK Alert (@CertiKAlert) <a href=\"https:\/\/twitter.com\/CertiKAlert\/status\/1757681640384381238?ref_src=twsrc%5Etfw\">February 14, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Researchers indicated that the perpetrators withdrew assets stored on the platform, converted them to ETH, and transferred them to another address.<\/p>\n<p>According to Cyvers Alert, the breach was facilitated by a loss of wallet access. The attack affected the Ethereum and BNB Chain networks.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Root cause seems to be loss of wallet access control.<br \/>Address already swapped <a href=\"https:\/\/twitter.com\/search?q=%24USDT&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$USDT<\/a>, <a href=\"https:\/\/twitter.com\/search?q=%24APE&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$APE<\/a>, <a href=\"https:\/\/twitter.com\/search?q=%24SHIB&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$SHIB<\/a> to <a href=\"https:\/\/twitter.com\/search?q=%24ETH&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ETH<\/a>. Some of the digital assets are bridged from <a href=\"https:\/\/twitter.com\/search?q=%24BNB&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$BNB<\/a> to <a href=\"https:\/\/twitter.com\/search?q=%24ETH&#038;src=ctag&#038;ref_src=twsrc%5Etfw\">$ETH<\/a>.<\/p>\n<p>We tried to reach the team but no response were given!<br \/>Attacker address: <a href=\"https:\/\/t.co\/nEHiNTfZas\">https:\/\/t.co\/nEHiNTfZas<\/a><\/p>\n<p>Please reach to\u2026<\/p>\n<p>\u2014 ? Cyvers Alerts ? (@CyversAlerts) <a href=\"https:\/\/twitter.com\/CyversAlerts\/status\/1757483470777958456?ref_src=twsrc%5Etfw\">February 13, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Duelbits representatives have yet to respond to the incident or to cybersecurity firms&#8217; warnings.<\/p>\n<p>Meanwhile, Blockaid reported the discovery of a new phishing scheme orchestrated by the Angel Drainer group.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Today our researchers discovered yet another emerging attack vector from the Angel Drainer group \u2014 this time phishing users and leading them to a single Safe Vault contract where 128 wallets have been drained of $403k+ so far. All Blockaid-protected users are safe. ? <a href=\"https:\/\/t.co\/niffQDlciG\">pic.twitter.com\/niffQDlciG<\/a><\/p>\n<p>\u2014 Blockaid (@blockaid_) <a href=\"https:\/\/twitter.com\/blockaid_\/status\/1757469196236243294?ref_src=twsrc%5Etfw\">February 13, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Analysts reported that hackers deployed a smart contract in Safe Vault, which steals user funds. The new scheme has already victimized 128 wallets, collectively losing approximately $403,000 in cryptocurrency.<\/p>\n<p>Earlier, on February 12, a hacker exploited the PlayDapp gaming blockchain platform again, issuing 1.59 billion PLA tokens valued at $253.9 million at market price.<\/p>\n<p>The first incident <a href=\"https:\/\/forklog.com\/en\/news\/hackers-breach-playdapp-gaming-platform-for-31-million\">occurred on February 9<\/a>, when an unknown party minted 200 million PLA ($36.5 million) from an unauthorized wallet.<\/p>\n<p>In January, the crypto industry suffered losses of approximately $126.8 million from hacks and fraud, according to Immunefi.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On the night of February 14, hackers targeted the cryptocurrency casino Duelbits, extracting $4.6 million by compromising a private key, according to CertiK analysts. #CertiKSkynetAlert ? Last night @Duelbits was exploited and assets worth ~$4.6m were taken in a possible private key compromise (PKC). All assets were swapped for ETH which currently sits in EOA [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":10710,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1111],"class_list":["post-10711","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybersecurity"],"aioseo_notices":[],"amp_enabled":true,"views":"86","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/10711","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=10711"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/10711\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/10710"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=10711"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=10711"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=10711"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}