Bedrock, a multi-asset liquid staking protocol, recently experienced a security breach involving its synthetic Bitcoin token uniBTC, resulting in a loss of approximately $2 million in funds. The hackers exploited a vulnerability in the protocol, which the Bedrock team has since addressed and assured the community that all remaining funds on the platform are secure. The company is actively working on a plan to reimburse affected users and will release a post-mortem report detailing the nature of the exploit and steps taken to prevent future breaches.
Launched in February 2023 by Singapore-based blockchain firm RockX, Bedrock offers various staking products such as uniBTC, uniETH, and uniIOTX, allowing users to earn yield through staking while maintaining exposure to major blockchain assets. The protocol has attracted institutional investors due to its strict Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance measures. Currently, Bedrock ranks as the eighth-largest liquid staking protocol in the market, with over $240 million in total value locked (TVL) on its platform. Liquid restaking has become a significant segment in the crypto industry, with protocols like Eigenlayer leading the charge with over $12.1 billion in TVL on its mainnet.
Cybersecurity scammers are deploying stealthy crypto mining malware by leveraging automated email replies from compromised accounts to compromise systems. Hackers have been targeting organizations in Russia, including companies, marketplaces, and financial institutions, with the goal of installing the XMRig miner on victims’ devices to mine digital assets covertly. The malware is distributed through malicious links sent via text messages. This tactic follows a previous malware threat known as the “Cthulhu Stealer,” which affects MacOS systems and disguises itself as legitimate software to target personal information, including MetaMask passwords, IP addresses, and cold wallet private keys. In August alone, there was a surge in crypto-related scams resulting in $310 million in losses, with phishing incidents accounting for the majority of the total losses at around $293 million.
The Bedrock team has assured the community that despite the security exploit involving uniBTC, the underlying wrapped Bitcoin (BTC) tokens and standard BTC held in reserves remain safe. The team is finalizing a comprehensive reimbursement plan for affected users and is committed to transparency by releasing a detailed post-mortem report outlining the exploit and measures being taken to prevent future breaches. The protocol has been popular among institutional investors due to its emphasis on KYC and AML compliance, with over $240 million in TVL on its platform, making it the eighth-largest liquid staking protocol in the market. Liquid restaking has seen significant growth in the crypto industry, with protocols like Eigenlayer boasting billions in TVL on its mainnet.
In response to cybersecurity threats, scammers are utilizing automated email replies to deploy crypto mining malware on systems, targeting organizations in Russia with the XMRig miner to mine digital assets covertly. The hackers distribute the malware through malicious links sent via text messages, following a previous malware threat known as the “Cthulhu Stealer” that targeted MacOS systems to steal personal information. August saw a surge in crypto-related scams, resulting in $310 million in losses, with phishing incidents being the most damaging and accounting for the majority of the total losses at approximately $293 million. The ongoing threats highlight the importance of cybersecurity measures in protecting digital assets and personal information in the crypto space.
