Mask Network Founder’s Wallet Hit by Suspicious $4M Crypto Outflows

The cryptocurrency industry has faced significant security challenges in recent weeks, with major exploits impacting both individuals and institutional investors. On Feb. 21, Bybit suffered the largest hack in crypto history, losing $1.4 billion worth of liquid staked Ether (stETH) to the North Korea-linked Lazarus Group. Just days later, on Feb. 27, suspicious outflows were detected from an address linked to Mask Network founder Suji Yan, raising concerns about targeted attacks on high-profile figures in the space. 

Onchain Cybersecurity Platform Detects Suspicious Outflows from Mask Network Founder’s Address

The cryptocurrency community has been rocked by yet another high-profile exploit after onchain cybersecurity platform Cyvers detected suspicious outflows from an address linked to Mask Network founder Suji Yan on Feb. 27. The incident, which involves the loss of millions of dollars in digital assets, highlights the increasing sophistication of cybercriminals in the Web3 space and the urgent need for robust security measures.

According to Cyvers, a series of addresses flagged in connection with the breach received approximately $4 million in cryptocurrencies, primarily in Ether (ETH) and ETH-linked tokens. The digital assets suspected to have been stolen include:

• 113 ETH, valued at over $265,000 at the time of the attack.

• 923 Wrapped Ether (WETH).

• 301 ezETH.

• 156 weETH.

• 90 pufETH.

• 48,400 MASK tokens.

• 50,000 USDT.

• 15 swETH.

Following the initial compromise, the stolen assets were quickly swapped for ETH and dispersed across six different wallet addresses, a technique often employed by hackers to obscure their tracks. One of the wallets involved in the laundering process reportedly ends in “df7.”

The breach adds to a growing list of major exploits in recent weeks, following the staggering $1.4 billion Bybit hack on Feb. 21 and the Pump.fun social media hack on Feb. 26.

The recent security breach at Bybit has been one of the most devastating in crypto history. Forensic investigations revealed that the attack originated from compromised credentials belonging to a SafeWallet developer. Unlike smart contract vulnerabilities, which are typically exploited through coding flaws, this attack focused on the user interface (UI), enabling the attackers to inject malicious transactions that appeared legitimate to Bybit’s internal team.

While the Safe team clarified that the exploit did not affect any of its front-end services or smart contracts, the hackers leveraged the compromised system to reroute funds from Bybit users to their own hardware wallet.

Martin Köppelmann, co-founder of the Gnosis blockchain network, which developed Safe, speculated on the nature of the attack. He suggested that the notorious Lazarus Group, a North Korean state-sponsored hacking collective, was likely behind the exploit.

The Need for Stronger Cybersecurity Measures in Crypto

With increasing attacks targeting both individuals and major crypto platforms, the need for advanced security measures has never been greater. The latest exploits serve as a stark reminder that no entity is immune to cyber threats, whether they are crypto firms, DeFi projects, or high-profile industry figures like Suji Yan.

Experts stress that real-time transaction monitoring and early threat detection systems must be prioritized by Web3 projects to mitigate risks. The growing sophistication of cybercriminals means that traditional security measures, such as hardware wallets and multisig accounts, may no longer be sufficient on their own.

The Feb. 27 hack involving Suji Yan’s address is yet another wake-up call for the crypto industry. As attacks grow more intricate, the need for real-time threat monitoring, enhanced security protocols, and stronger cybersecurity education for users and organizations is imperative. With the Lazarus Group and other threat actors continuously refining their techniques, the industry must remain vigilant and proactive in defending against emerging threats.

Bybit’s $1.4 Billion Hack Poses Major Setback for Institutional Crypto Staking Adoption

The cryptocurrency industry was shaken on Feb. 21 when Bybit, one of the world’s largest exchanges, suffered a devastating cybersecurity breach. The attack, orchestrated by North Korea’s notorious Lazarus Group, resulted in the theft of approximately $1.4 billion worth of liquid staked Ether (stETH), marking the largest hack in the industry’s history. The fallout from this breach is expected to have significant ramifications for institutional adoption of crypto staking, according to industry experts.

Bohdan Opryshko, Chief Operating Officer of staking services provider Everstake, emphasized the impact such high-profile breaches have on institutional interest in staking. In a recent interview, he noted that security concerns deter large investors from entering the space, especially when evaluating staking-based products like Ether (ETH) exchange-traded funds (ETFs).

“When an auditor or a potential institutional investor evaluates, for instance, an ETH ETF and sees a billion-dollar hack, their legal and compliance teams are likely to freeze any plans to allocate funds into such assets,” Opryshko explained.

The concerns surrounding security risks extend beyond this single incident. Institutional investors, who are bound by stringent compliance and risk management frameworks, are hesitant to allocate funds into crypto staking, particularly in centralized environments where exploits remain a major threat.

Beyond institutional hesitation, the Bybit hack has also accelerated a growing trend: stakers withdrawing their assets from centralized exchanges (CEXs).

According to Opryshko, the amount of staked ETH on CEXs has seen a notable decline. Over the past six months, total staked ETH on centralized platforms dropped nearly 7%, from 8.6 million ETH in September to 8 million ETH in February. Following the Bybit exploit, staked ETH on CEXs declined by an additional 0.5%, indicating a direct correlation between security incidents and user behavior.

The reluctance of institutions to embrace crypto staking is compounded by regulatory uncertainty. In the United States, Ether ETFs currently do not permit staking. However, in February, the US Securities and Exchange Commission (SEC) acknowledged requests from issuers such as 21Shares to allow a portion of Ether ETF holdings to participate in staking.

Meanwhile, staking is already permitted for Ether ETFs in Europe, and analysts predict that US regulators will eventually follow suit. Despite these developments, institutional inflows into Ether ETFs remain significantly lower than those of Bitcoin ETFs, highlighting lingering concerns among investors.

As of Feb. 27, Ether ETFs had accumulated nearly $3 billion in net inflows since their launch in July 2023. However, they still trail behind Bitcoin ETFs, which have spearheaded institutional crypto adoption with over $37 billion in net inflows since January 2024, according to data from Farside Investors.

Understanding Staking Risks and Rewards

Staking involves locking up Ether as collateral with a validator on the Ethereum blockchain. In return, stakers earn ETH payouts derived from network fees and rewards. However, staking also carries inherent risks, including the possibility of “slashing”—a mechanism that penalizes validators by confiscating a portion of their staked ETH if they misbehave or fail to operate correctly.

This risk factor further complicates the decision-making process for institutions, particularly those new to the staking landscape. In addition to Ethereum, other major blockchain networks such as Solana (SOL) also feature staking mechanisms, but each carries its own unique risk profile.

The Bybit hack serves as a stark reminder of the vulnerabilities in the crypto sector, particularly in centralized staking environments. Institutional adoption of staking remains precarious as cybersecurity threats loom large, regulatory uncertainty persists, and investor confidence wavers. The ongoing shift toward non-custodial staking solutions suggests that while demand for staking remains strong, centralized exchanges must significantly bolster their security frameworks if they hope to retain institutional and retail participation.

As regulators, industry leaders, and cybersecurity experts work to navigate this evolving landscape, the need for enhanced security measures and greater transparency in staking practices has never been more critical.