Hackers and threat actors continue to infiltrate companies, blockchain projects and Web3 firms by exploiting remote work arrangements.
Hackers posing as legitimate information technology (IT) workers who have infiltrated Web3 projects have stolen roughly $1 million in crypto during the past week, according to onchain investigator and cybersecurity analyst ZackXBT.
Several entities were impacted including Favrr, a Web3 fan-token marketplace, non-fungible token (NFT) projects Replicandy and ChainSaw, along with other teams the onchain sleuth did not name in his Friday X post.
The hackers exploited the minting mechanism for the NFT projects, minting mass quantities of NFTs, selling them, and causing the price floor to drop to zero while they extracted profit, ZackXBT said.
Following the exploits, the threat actors transferred the stolen funds through exchanges and multiple wallets. The funds from the ChainSaw hack “mostly remain dormant,” while the stolen crypto from Favrr was transferred to nested services, the onchain detective said.
Infiltration of crypto and blockchain projects by malicious software developers continues to be a problem in the industry, causing financial losses to users and undermining the efforts of software development teams worldwide.
Companies worldwide facing security threats from the inside
In November 2024, cybersecurity researchers identified a team of hackers with ties to the North Korean government known as “Ruby Sleet” infiltrating aerospace and defense contractors in the US.
The researchers also found the hackers associated with this cybercrime syndicate began targeting information technology firms as well, infiltrating the organizations, setting up fake recruitment initiatives, and targeting these companies with social engineering scams.
Source: https://cointelegraph.com/
