MEVbots backdoor drains users’ Ethereum funds via arbitrage trading bot
An investigation of MEVbots’ contract revealed a backdoor that allows the creators to drain Ether from its users' wallets. MEV gain, an Ethereum (ETH) arbitrage trading bot built by MEVbots, which claims to provide stress-free passive income, has been actively draining its users’ funds via a fund-stealing backdoor. Arbitrage bots are programs that automate trading for profits based on historical market information. An investigation of MEVbots’ contract revealed a backdoor that allows the creators to drain Ether from its users' wallets. Our analysis confirms what the @mevbots promotes for....
Related News
Prominent Bitcoin developer Peter Todd alleged on Monday, October 6, that the US National Security Agency (NSA) is “looking to backdoor crypto again” via the rollout of so-called quantum-secure algorithms—this time by pushing deployments that exclude tried-and-tested classical cryptography. “Tl;dr: the NSA is clearly looking to backdoor crypto again with the rollout of “quantum secure” […]
Bitcoin’s Lightning Network was designed to make Bitcoin transactions faster and cheaper. But according to a recent discovery by a now former Lightning developer Antoine Riard, there’s a major security flaw in the network that puts users’ funds at risk. Taking to a thread on the Linux Foundation’s public mailing list, Riard detailed the new […]
Major Bitcoin mining hardware producer Bitmain can remotely shut down almost all active Antminer machines. Dubbed the “Antbleed” backdoor, abuse of the vulnerability could probably knock half of all hash power on the Bitcoin network offline. “Even if Bitmain had no bad intent, this is a gaping security hole,” said our source, who discovered the backdoor but asked to remain anonymous. The backdoor code can be seen on Pastebin and on GitHub, and today a website has been put up for Antbleed as well. How It Works. The Antbleed backdoor is “stupid simple,” as our source described it. Whenever....
It is clear a solution has to be found before the remaining DAO funds is drained as well. By the look of things, the worries for The DAO are far from over. Their Ethereum account is being drained for the second time in as many days, using the same type of exploit. Although a much smaller amount has been stolen, this time, this is a very worrying trend for what many people believed to be the future of decentralized organizations. News broke yesterday about The DAO being under attack from an exploit in their smart contract code. An assailant was able to drain over 3 million ETH from their....
February 17, 2016 — Apple is no stranger to handing over its users’ sensitive data to government – they went live on the NSA’s PRISM program back in late 2012, stated in their TOS and EULA documents that there should be expectation of privacy while using their services, and follow the common industry practice of handing over sensitive information they have on file with the issuance of a warrant. So the decision to reject a court ordered backdoor that would allow brute force decryption of their phones, accompanied by an open letter to Apple customers from CEO Tim Cook explaining their....