Blockchain & Cryptocurrency , Cryptocurrency Fraud , Fraud Management & Cybercrime

Cryptohack Roundup: Nigeria Drops Charges on Binance Exec

Also: Indian Hackers Gets 5 Years in Prison for Stealing $20M
Cryptohack Roundup: Nigeria Drops Charges on Binance Exec
Image: Shutterstock

Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, the Nigerian government dropped charges on Binance executive Tigran Gambaryan, an Indian hacker faces five years in U.S. prison for stealing $20 million, a $4.5M Tapioca DAO exploit, Transak data breach.

See Also: OnDemand | NSM-8 Deadline July 2022:Keys for Quantum-Resistant Algorithms Implementation

Nigerian Govt Drops Charges Against Binance's Tigran Gambaryan

A Nigerian court ordered the release of Binance executive Tigran Gambaryan after the government dropped money laundering charges against him to allow for medical treatment abroad. Nigeria's Economic and Financial Crimes Commission withdrew the case against Gambaryan, the head of financial crime compliance at Binance and a U.S. citizen, during an open court session in Abuja, reported Reuters. The EFCC said that it would continue its money laundering case against Binance, which involves allegations of laundering more than $35 million. Gambaryan and Binance have denied the charges. Gambaryan, who had been in detention since February and held in prison, was released following diplomatic efforts and concerns over his deteriorating health. His wife, Yuki, had previously raised concerns about his condition, warning that it could cause permanent damage and affect his ability to walk. Separate tax evasion charges against Binance remain in place, with the company continuing to deny those allegations.

Coinbase Spoofer Gets 5-Year Sentence for Stealing $20M

Indian national Chirag Tomar received a five-year prison sentence in the United States for stealing over $20 million through a spoofed website mimicking Coinbase. Thirty-one-year-old Tomar and his co-conspirators launched the scheme in June 2021, creating a fake Coinbase Pro site to trick victims into providing login credentials and two-factor authentication codes, said the Department of Justice. They also posed as Coinbase customer service to gather additional information. Once they gained access, they transferred cryptocurrency to their own wallets, moving the funds through multiple addresses. Tomar used the stolen money for luxury purchases and international travel. He was arrested in December, pleaded guilty to wire fraud conspiracy in May and is now in federal custody.

$4.5M Tapioca DAO Hack

Tapioca DAO suffered a $4.5 million exploit after an attacker compromised its native token's vesting contract. The stolen funds, including $2.8 million in USDC and $1.6 million in ETH, were converted to ETH, then USDT, and bridged to the BNB Chain. Web3 security firm Fuzzland, which is assisting Tapioca DAO in recovering the stolen funds, reportedly said that the attack may involve social engineering, possibly linked to North Korean hackers. Tapioca’s treasury currently holds $4.2 million.

Transak Data Breach

Cryptocurrency payment processor Transak disclosed a data breach, warning that an attacker gained access to a vendor's system and stole user data. The breach resulted from a phishing attack that allowed the attacker to remotely access an employee's laptop and subsequently gain entry to a third-party KYC identity verification service. This exposure affected 1% of the company's user base, involving 92,554 individuals. The compromised data includes names, birthdates, identity documents such as passports and driver's licenses, and user selfies.

Transak said that no financial data, emails, phone numbers, passwords or payment card details were compromised. The Stormous ransomware group claimed credit for stealing over 300 gigabytes of data, but Transak disputed the group's claims. An extortion group active since 2021, Stormous is linked to numerous alleged breaches but has often failed to provide concrete evidence of the stolen data in prior incidents, threat intelligence firm Kela said last year. Transak said it has notified affected users via email and reported the breach to relevant data protection regulators, including the U.K. Information Commissioner's Office.

With reporting by Information Security Media Group's Mathew J. Schwartz in Scotland.


About the Author

Rashmi Ramesh

Rashmi Ramesh

Assistant Editor, Global News Desk, ISMG

Ramesh has seven years of experience writing and editing stories on finance, enterprise and consumer technology, and diversity and inclusion. She has previously worked at formerly News Corp-owned TechCircle, business daily The Economic Times and The New Indian Express.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.