Cosmos (ATOM) is at risk due to potentially harmful code inherited from North Korean hackers disguised as developers.
Recent findings suggest the liquid staking module (LSM) needs a thorough reassessment to safeguard user funds.
Development of the LSM started in 2021 under Zaki Manian and the Iqlusion team, funded by the Interchain Foundation (ICF). In August, two developers, Jun Kai and Sarawut Sanit, with ties to North Korean hacking, joined the project. Their involvement went unnoticed until the FBI informed Manian, despite an audit being conducted.
Years passed before the Cosmos community received complete information about vulnerabilities in the code. Although a known slashing evasion issue was supposedly fixed, experts, including Cosmos co-founder Jae Kwon, believe some parts of the code still pose risks. Manian claimed the entire codebase was rewritten, but it remains unclear why.
Community members noted that the LSM still relies on potentially malicious code, with significant sections derived from the hackers. The last update to the LSM was in February 2022, during the hackers’ involvement, and it has operated without an audit since September 2023.
Despite these issues, Cosmos remains a solid platform, with most locked value in liquid staking initiatives like Stride and Stafi, totaling around $876,000. While striving to be a key player in DeFi and Web3, Cosmos has struggled since the 2022 market downturn.
The ecosystem also hosts networks like Celestia (TIA) and Injective (INJ), with tokens valued over $20 billion.
A new breed of cyber-attack is sweeping through crypto media, exploiting site pop-ups and wallet-connect prompts instead of smart-contract bugs.
CoinMarketCap, one of the most widely used crypto data tracking platforms, is reportedly facing a front-end security breach, with multiple users encountering a suspicious prompt to verify their wallets.
Russia’s attempt to formalize its crypto mining sector is falling short, with most miners opting to remain off the books despite new regulations.
A well-known investor at crypto VC firm Hypersphere has fallen victim to an elaborate phishing attack that wiped out a substantial portion of his personal savings.