The bZx decentralised finance (DeFi) platform has been robbed of $55 million in cryptocurrencies by threat actors. Users can borrow/loan and speculate on cryptocurrency price fluctuations using decentralised finance (DeFi) networks.
Through spear-phishing assaults, attackers gained two private keys for the DeFi platform; the attack was identical to one that previously attacked another user dubbed The incident was not a procedural breach, according to the company.
The phishing letter included a weaponized Word document that, when viewed, ran a script on the developer’s computer, giving the attackers access to the employee’s mnemonic wallet phrase.
The attackers took money from the developer’s personal wallet as well as the two private keys used by the bZx platform to connect to the Polygon and Finance Smart Chain (BSC) blockchains.
The threat actors were able to steal funds from a small number of users who permitted…