MonoSwap, a decentralized exchange and staking platform, announced a hack on July 24, 2024. Users are advised not to stake or add funds at this time.
Because the platform’s future is still being determined, users were advised by the platform to refrain from making any new deposits or starting any new positions at this time.
In addition to cautioning users from interacting with a malicious link that the protocol discovered in a social media post and requiring them to remove their funds from the platform immediately, MonoSwap issued the notice.
The site claims that on July 23, 2024, one of its developers unintentionally downloaded a rogue phishing application and fell for a con where con artists posing as venture capitalists tricked him into making a phone call. Scammers allegedly downloaded malicious malware onto the developer’s machine during the call, giving them access to the platform’s contracts and wallets. As a result, the hackers could remove most of the platform’s staked liquidity.
As of this writing, MonoSwap has said it is “trying to work with venture capitalists to build a better future for Monoswap” and that “unfortunate things happened, and now we are trying our best to solve this issue.” The company is currently looking into the event.
An increase in cryptocurrency hacks
Bobby Ong, the chief operating officer and co-founder of CoinGecko, alerted the cryptocurrency community on July 11, 2024, to the growing number of cryptocurrency attacks and advised users to avoid interacting with cryptocurrency for the following several days.
Ong says the abrupt increase in attacks resulted from Google selling its domain business to Squarespace. The forced shift of the domains eliminated two-factor security authentication, leaving a security flaw currently being exploited.
Current, well-known instances
Numerous well-known hacks and vulnerabilities have happened after the CoinGecko co-founder issued his warning. ZackXBT, an on-chain detective, recently raised the alarm about Compound Finance’s website, pointing users to a phishing page. The Compound Finance team has subsequently corrected the issue.
Popular Indian cryptocurrency exchange WazirX was breached on July 18, 2024, resulting in the theft of $235 million by hackers thought to be connected to the North Korean Lazurus hacking cell.