# Сопутствующие статьи по теме Social Engineering

Новостной центр HTX предлагает последние статьи и углубленный анализ по "Social Engineering", охватывающие рыночные тренды, новости проектов, развитие технологий и политику регулирования в криптоиндустрии.

In-Depth Reconstruction of the $285 Million Drift Hack: How Should DeFi Governance Move Beyond "Amateur Hour"?

On April 1, 2026, Drift Protocol, the largest perpetual futures DEX on Solana, suffered a catastrophic hack resulting in a loss of $285 million. The attack, attributed to a sophisticated social engineering campaign rather than a technical exploit, unfolded over several months. Hackers first infiltrated Drift’s internal circles by posing as a legitimate market maker, building trust over time. They then exploited Solana’s "Durable Nonce" feature to trick core team members into blindly signing transactions that granted administrative control. A critical vulnerability was introduced when Drift migrated to a 2/5 multisig structure without a timelock, allowing instant execution of privileged transactions with just two signatures. The attackers finally triggered the attack by adding a fake token (CVT) to the whitelist, manipulating its oracle price, and using it as collateral to drain the protocol’s treasury. The incident highlights fundamental flaws in DeFi governance, including overreliance on multisig mechanisms that lack intent verification and are vulnerable to social engineering. It underscores the misalignment between retail-grade security tools and institutional-scale treasury management. The hack signals the need for a security paradigm shift in DeFi, including adoption of Hardware Security Modules (HSMs) for key management, intent-based policy engines for transaction validation, and professional third-party custody solutions to ensure institutional-grade safety.

marsbit04/13 12:00

In-Depth Reconstruction of the $285 Million Drift Hack: How Should DeFi Governance Move Beyond "Amateur Hour"?

marsbit04/13 12:00

Steakhouse postmortem reveals DNS hijack caused by registrar 2FA bypass

Steakhouse's postmortem of a 30 March security incident reveals that attackers hijacked its domain through a social engineering attack on its registrar, OVHcloud. The attacker impersonated the account owner, convinced support to disable hardware-based two-factor authentication, and took full control of the account. This allowed them to redirect DNS to a phishing site with a wallet drainer for about four hours. No user funds were lost, as on-chain systems remained secure, and wallet protections quickly detected the fake site. The breach underscores the risk of off-chain infrastructure vulnerabilities and over-reliance on a single registrar. Steakhouse has since migrated registrars, enhanced DNS monitoring, and implemented stricter domain security controls.

ambcrypto04/10 19:03

Steakhouse postmortem reveals DNS hijack caused by registrar 2FA bypass

ambcrypto04/10 19:03

From pig butchering to AI scams: FBI report shows crypto at the center of $20B cybercrime surge

The FBI's IC3 report reveals a sharp 26% rise in cybercrime losses, exceeding $20.8 billion in 2025. Cryptocurrency emerged as the dominant medium for illicit activity, with crypto-related fraud losses reaching approximately $11.36 billion. Investment scams alone accounted for $8.6 billion, often involving sophisticated "pig butchering" schemes run by organized groups. Individuals aged 60 and above were the most affected demographic, suffering $7.7 billion in losses. The report also noted over 22,000 complaints involved AI-related elements, signaling an evolution in fraud tactics. Cyber-enabled fraud constituted nearly 85% of all reported losses, highlighting its role as the primary driver of financial crime in the digital era.

ambcrypto04/07 17:21

From pig butchering to AI scams: FBI report shows crypto at the center of $20B cybercrime surge

ambcrypto04/07 17:21

CertiK Releases Cryptocurrency ATM Fraud Report: Losses Reach $330 Million, AI Scams and Cross-Border Money Laundering Emerge as Major Threats

CertiK's "Skynet Cryptocurrency ATM Fraud Report" reveals that losses from such scams reached $330 million in 2025, a 33% year-on-year increase, making it one of the fastest-growing financial crimes in the U.S. The report highlights that these scams have evolved into a highly organized transnational criminal industry, leveraging social engineering and AI technologies. Cryptocurrency ATMs, with 78% located in the U.S., serve as a rapid channel for fraudsters to transfer funds. Victims, often elderly individuals who account for 86% of the losses, are manipulated via phone calls or messages to deposit cash into these machines. The funds are quickly converted into cryptocurrency and transferred to wallets controlled by criminals, making recovery nearly impossible once the transaction is on the blockchain. AI-driven scams, including voice cloning and deepfake videos, have proven 4.5 times more profitable than traditional methods. Criminal networks use automated scripts and employ "smurfing" tactics to bypass transaction limits. The illicit funds are rapidly laundered through mixing services, cross-chain bridges, and decentralized exchanges, often within minutes. The report emphasizes that the only effective intervention point is at the transaction entry level, before funds are on-chain. It calls for enhanced KYC measures, industry-wide intelligence sharing, real-time risk screening, and stronger cross-border law enforcement cooperation to combat this escalating threat.

marsbit04/02 07:36

CertiK Releases Cryptocurrency ATM Fraud Report: Losses Reach $330 Million, AI Scams and Cross-Border Money Laundering Emerge as Major Threats

marsbit04/02 07:36

ZachXBT Exposes Crypto Scams Exploiting Iran War Narrative to Target Users

ZachXBT has exposed a coordinated crypto scam campaign exploiting the Iran war narrative to target users globally. Scammers are leveraging breaking news through phishing attacks, fake websites, and social media impersonation to steal credentials. These attacks use fear-based stories and impersonate trusted services to manipulate users into making impulsive decisions without verification. The investigation highlights that scammers constantly update their tactics to capitalize on geopolitical events, misinformation, and emotional investment decisions. ZachXBT urges users to verify sources, avoid suspicious links, and use authentic platforms to mitigate risks amid rising global crypto scams.

TheNewsCrypto03/23 12:56

ZachXBT Exposes Crypto Scams Exploiting Iran War Narrative to Target Users

TheNewsCrypto03/23 12:56

BONK.fun relaunches after domain hijack, confirms $30K in losses

BONK.fun has restored its website following a domain hijack incident that resulted in approximately $30,000 in user losses. The breach, caused by a social engineering attack targeting its domain service provider, led to an unauthorized domain transfer. The attackers did not compromise BONK.fun’s internal systems or codebase. A phishing interface was deployed, tricking users into signing malicious transactions. The team will reimburse affected users at 110% of their losses. Full functionality was restored by March 19, though some antivirus providers still flag the domain. BONK’s price remains weak, trading near $0.0000059. The incident underscores vulnerabilities in third-party infrastructure rather than protocol-level flaws.

ambcrypto03/20 21:03

BONK.fun relaunches after domain hijack, confirms $30K in losses

ambcrypto03/20 21:03

Skynet Crypto ATM Fraud Report Highlights Surge in US Crypto ATM Scams

The newly released Skynet Crypto ATM Fraud Report reveals a sharp rise in cryptocurrency kiosk scams across the United States, with losses reaching $333.5 million in 2025. These scams, driven by organized criminal networks, exploit the speed and anonymity of crypto ATMs to defraud victims through social engineering tactics. Scammers often impersonate government or bank officials to manipulate victims—disproportionately seniors over 60—into depositing cash into machines that transfer funds directly to criminal-controlled wallets. The report highlights challenges in tracing transactions due to structural gaps in kiosk systems and the use of sophisticated laundering techniques. While regulators and operators are implementing stricter verification and real-time analytics, public awareness and pre-transaction interventions remain crucial to combating this growing financial crime.

TheNewsCrypto03/13 00:32

Skynet Crypto ATM Fraud Report Highlights Surge in US Crypto ATM Scams

TheNewsCrypto03/13 00:32

OG Trader Sillytuna Says $24M Crypto Theft Came With Violent Threats

Sillytuna, a prominent early Ethereum NFT trader, reported a $24 million cryptocurrency theft involving AUSD and aETHUSDC. The incident, which occurred on March 4, 2026, combined an on-chain address-poisoning scam with real-world violence, weapons, and threats of kidnapping and rape. Although physically unharmed, Sillytuna was deeply shaken and announced he is leaving the crypto space. He later offered a 10% bounty for the recovery of the funds, even to those involved in the crime. This case highlights a trend of hybrid crypto crimes where online scams escalate into physical threats. Recent months have seen similar high-value thefts, including a $50 million USDT loss in December 2025, indicating that even experienced traders are vulnerable to sophisticated, multi-layered attacks.

bitcoinist03/06 07:02

OG Trader Sillytuna Says $24M Crypto Theft Came With Violent Threats

bitcoinist03/06 07:02

TRM Labs Reports $35B Lost to Crypto Scams Worldwide in 2025

TRM Labs reports that crypto-enabled fraud resulted in an estimated $35 billion in global losses in 2025, with over $100 million affecting New Yorkers. The actual figure may exceed $200 billion due to underreporting. Criminals use advanced tactics like social engineering and AI, moving funds rapidly across wallets and chains, making recovery difficult. The report emphasizes the need for better law enforcement training, advanced blockchain and AI tools, and modernized regulations like the RIP OFF Act to combat increasingly sophisticated crypto crime networks.

TheNewsCrypto03/05 13:48

TRM Labs Reports $35B Lost to Crypto Scams Worldwide in 2025

TheNewsCrypto03/05 13:48

If You Hold XRP, Then You Should See This Message From A Developer

A developer has issued a warning about a new wave of deceptive NFT scams targeting XRP Ledger (XRPL) users. These scams involve fraudsters sending unsolicited NFTs to wallets, such as Xaman, and tricking users into interacting with them. By accepting or signing a transaction, victims may unknowingly surrender control of their funds in exchange for worthless tokens. The attack relies entirely on social engineering and human error, not a technical flaw in the XRPL. The developer, Wietse Wind, advises users to treat any unexpected NFT as a red flag and to avoid interacting with it. The safest action is to cancel any suspicious offers in the ‘Events’ and ‘Requests’ sections of the wallet. While ignoring the offer is safe, canceling it is strongly recommended. Community awareness is crucial to combat these scams.

bitcoinist03/02 18:02

If You Hold XRP, Then You Should See This Message From A Developer