A crypto investor has lost approximately $27 million in digital assets across multiple blockchain networks. According to reports, the attacker employed the use of sophisticated malware that automated the compromise of private keys.
The reports claimed that the malware was able to target wallets and backups. According to an X post from the founder of the SlowMist Blockchain security firm, the user who was exploited was named “Babur,” and the hackers were able to drain about $27 million in total from their wallet.
Crypto holder loses funds to malware attack
According to the blockchain security expert, it was able to trace some of the biggest transactions. It also highlighted that the exploit was the result of scammers poisoning Babur’s computer after he clicked a malicious website link, which triggered an automatic download of an executable file. This attack wasn’t a typical phishing email; It was more insidious and likely disguised.
Once executed, the malware scanned for critical crypto information and used keyloggers to glean passwords and private keys. After that, it automated the transfer of the data to the hacker. According to popular claims, such poisoning scams are currently mostly effective on computers on which private keys and sensitive data are stored, rather than iPhones.
But since the investigation is still ongoing, everything remains speculation at this point. The founder, who goes by @evilcosuser on X, claims that real poisoning attacks are not as complex or advanced, reassuring everyone that there is no need to panic. The attack on Babur is one of the most recent attacks on the crypto industry.
Last month on the 27th, South Korean cryptocurrency exchange Upbit reportedly had $30 million worth of assets stolen from its Solana wallet due to a security weakness, which led to the theft of Official Trump, USD Coin, BONK, and other tokens. And as in Babur’s case, the weakness enabled private key inference. All digital asset transactions were halted following the incident, which many suspect may have been conducted by the North Korean hacking collective Lazarus Group.
