Cryptocurrency hackers have developed a program to steal cryptocurrency from the same fraudsters

Trend Micro security researchers have discovered a new type of fraud — hackers stealing cryptocurrency from similar attackers. Cryptocurrency fraudsters have developed Water Labbu software that helps them recover stolen digital assets.

Water Labbu compromises cryptocurrency hackers' websites that pretend to be secure decentralized applications (dApps) by inserting malicious JavaScript code into them. As soon as the fraudsters transfer a large amount of cryptocurrency to their wallet, Water Labbu receives a hidden request for access to the funds and transfers them to their address.

At the time of writing, Water Labbu fraudsters have managed to earn more than $ 300,000. The chances of getting this money back for the original owners are minimal. While at the first stage of cryptocurrency theft from ordinary users, the victims can still turn to law enforcement, at the second stage it becomes impossible. Cryptocurrency fraudsters will not go to the police to recover money stolen by other criminals.

In one incident, Water Labbu successfully stole USDT stablecoins from two fraudulent wallets. Later, Water Labbu exchanged the stolen tokens on the Uniswap exchange, first for USDC stablecoins and then for ETH, which were sent to Tornado Cash.

As for the more usual thefts, last night it became known about a Binance/">large-scale exploit that took place in the BNB Smart Chain network, with an estimated amount of losses ranging from $ 100 to $ 800 million. According to experts, the hackers used an exploit in the BSC Token Hub cross-chain bridge. Thanks to this, the attackers moved about $ 89 million to other blockchains: 58% to Ethereum, about 33% to Fantom, and about 4.5% to Arbitrum.