Blockchain & Cryptocurrency , Cryptocurrency Fraud , Fraud Management & Cybercrime

Cryptohack Roundup: Hope Finance, Platypus and Coinbase

Plus, New Malware That Demands Crypto Payments
Cryptohack Roundup: Hope Finance, Platypus and Coinbase
Image: Executium via Unsplash

Every week, Information Security Media Group rounds up cybersecurity incidents in the world of digital assets. In the days between Feb. 17 and Feb. 23, Hope Finance users lost nearly $2 million, decentralized finance firm Platypus is making a plan to compensate victims of the $9.1 million hack on its platform, Cisco Talos discovered a threat actor using two new malware programs to steal crypto and Coinbase shared lessons learned from a social engineering campaign.

See Also: On Demand | Defining a Detection & Response Strategy

Hope Finance

Decentralized finance protocol Hope Finance says it was the victim of a $1.86 million theft on Monday, a claim being met with skepticism by many in the cryptocurrency world who say they hope it's not an exit scam in which key personnel abscond with user funds.

Hope Finance began promoting its project for launch on Feb. 20. But the time of the scheduled launch, an externally owned address had drained a funds pool containing nearly $2 million and deposited it into Tornado Cash. "It seemed at first that Hope Finance may have been exploited, however when examining some of the team's wallet activity it became clear that this was an exit scam," asserts cryptocurrency cybersecurity firm CertiK.


Decentralized finance platform Platypus is hatching a plan to compensate users after a hacker drained $9.1 million from the protocol in three separate attacks by exploiting a smart contract vulnerability. The company shared the suspected attacker's identity with law enforcement agencies and partnered with Binance to conduct the investigation, it said in a Thursday notification.

MortalKombat Ransomware

An unidentified threat actor has been deploying recently discovered malware to steal or demand payments in virtual currency, Cisco Talos said. The MortalKombat ransomware encrypts files and makes the affected system inoperable, while the GO variant of the Laplas Clipper malware is a clipboard stealer that tricks victims into performing fraudulent cryptocurrency transactions.


Crypto exchange firm Coinbase on Feb. 17 shared details of an SMS phishing campaign in which threat actors targeted the company's employees to steal credentials, leading to a minor data breach. The company alleges that the attack is part of the same campaign that targeted Twilio and Cloudflare last year (see: Crypto Exchange Coinbase Details SMS Phishing Attacks).

About the Author

Rashmi Ramesh

Rashmi Ramesh

Assistant Editor, Global News Desk, ISMG

Ramesh has seven years of experience writing and editing stories on finance, enterprise and consumer technology, and diversity and inclusion. She has previously worked at formerly News Corp-owned TechCircle, business daily The Economic Times and The New Indian Express.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.