A Wallet Linked to Mask Network Founder Suji Yan Compromised, Resulting in the Theft of Nearly $4 Million in Cryptocurrencies
A wallet linked to Suji Yan, founder of Mask Network, was compromised, leading to the theft of nearly $4 million in cryptocurrencies, which were quickly dispersed among multiple addresses.
The Attack Highlights the Increasing Sophistication of Cybercriminals in the Web3 Ecosystem, Requiring Real-Time Monitoring and Enhanced Prevention Strategies
This incident highlights the growing sophistication of cybercriminals in the Web3 ecosystem, necessitating real-time monitoring and strengthened prevention strategies.
An Estimated Loss of Several Million Dollars
The stolen funds include various digital assets, such as 113 ETH (approximately $265,000), 923 WETH, 301 ezETH, 156 weETH, 90 pufETH, 48,400 MASK, 50,000 USDT, and 15 swETH. These assets were quickly converted to ETH and dispersed across six different wallets, which makes the transactions harder to trace. One of the wallets involved in the operation ends with ‘df7,’ according to Cyvers’ investigations.
Suspicious Transactions Detected on the Blockchain
On February 27, the on-chain cybersecurity platform Cyvers Alerts reported suspicious flows from an address associated with Suji Yan, founder of Mask Network. According to the analysis, nearly $4 million in cryptocurrencies were transferred to addresses considered suspicious after Yan’s wallet was hacked.
An Increasing Sophistication of Web3 Attacks
This incident underlines the increasing sophistication of threat actors in the Web3 space and underscores the urgent need for real-time transaction monitoring, proactive prevention, and swift response in case of an incident.
Meir Dolev, co-founder of Cyvers, expressed concern about the evolution and refinement of techniques used by cybercriminals in the Web3 ecosystem. He emphasized the need for real-time transaction monitoring, proactive prevention, and quick response to minimize the impact of such attacks.
A New Episode in a Series of Large-Scale Hacks
This theft is part of a wave of attacks targeting major entities in the crypto industry. On February 21, Bybit experienced a $1.4 billion hack, and on February 26, the Pump.fun platform was also compromised. These incidents demonstrate a growing threat to exchange platforms and digital wallets.
Increasingly Ingenious Hackers
The attack against Bybit illustrates the complexity of new methods used by hackers. According to analysis, the exploit was made possible by compromised credentials from a Safe Wallet developer. Unlike traditional attacks targeting smart contracts, the hackers exploited a vulnerability in the user interface, sending transactions that appeared legitimate before diverting the funds to an external wallet.
Martin Köppelmann, co-founder of Gnosis / Safe, mentioned the possible involvement of the Lazarus group, notorious for sophisticated attacks in the crypto space. According to him, these North Korean hackers deliberately refrained from targeting other accounts using Safe products so as not to arouse suspicion and to preserve their attack methods.