The founder of a security firm is warning that phishing attacks are becoming more sophisticated even though there are fewer cases. A faulty smart contract has locked 24 million dollars worth of Lido-staked SOL (stSOL). Meanwhile, United States officials have transferred billions of dollars worth of Silk Road era Bitcoin. Here are three significant developments that have marked the last 24 hours.
CertiK Releases Hack Report
While hack attacks seem relatively typical for the first quarter of 2024, Ronghui Gu, co-founder of blockchain security firm CertiK, has raised concerns about the increasing complexity of private key dangers and phishing attacks.
Gu stated in his remarks that losses attributed to the capture of private keys have increased significantly in this quarter compared to the first quarter of 2023. CertiK highlighted in its quarterly security report titled Hack3d that losses from private key attacks reached 239 million dollars, despite only 26 incidents.
When compared to the same period in 2023, where losses were around 18.8 million dollars, there has been a 1,171% increase in losses caused by compromised private keys this quarter.
Major Mistake by Lido Team
A faulty smart contract accidentally locked 24 million dollars worth of stSOL on the liquid staking platform Lido. Lido on Solana allowed users to stake Solana for an annual return of 5%, but it went bankrupt in October 2023 due to unsustainable finances and low fees.
Users were supposed to retrieve their stakes through a user-friendly frontend by February, but this option was removed, leaving them only with the manual option through Solana’s command line interface (CLI). Lido Discord members reported that the CLI was too complex to use, and 31,588 stSOL owners were stuck with a total of 24 million dollars worth of tokens.
The problem may not be user error, as Pavel Pavlov, a product manager at P2P Validator, once behind Lido on Solana, revealed in a Discord message dated March 30 that there was an issue with the smart contract behind the withdrawal function. Pavlov stated that Lido DAO needed to change the complex and time-sensitive smart contract, hence they were exploring temporary solutions that did not require smart contract changes.
Notable Move by DOJ Officials
The US Department of Justice (DOJ) has moved approximately 2 billion dollars worth of Bitcoin seized in connection with Silk Road to a new address. Blockchain data shows that a wallet associated with the DOJ made a 0.001 Bitcoin transaction to a Coinbase Prime address as a test, presumably before transferring the remainder of the funds. Shortly after, the same wallet transferred 30,174 Bitcoin.
Analysts linked these funds to James Zhong, who was convicted of charges related to Bitcoins obtained illegally from Silk Road, through on-chain data. US officials seized the stolen Bitcoins during a raid on Zhong’s property in 2021.
Less than two years later, in March 2023, government officials confirmed that they had sold approximately 9,861 Bitcoins seized from Zhong. Silk Road was shut down over a decade ago, and its creator Ross Ulbricht is currently serving two life sentences without the possibility of parole.
