Cyvers: How platforms get hacked

Crypto Gambling News spoke to Cyvers CEO and co-founder Deddy Lavid about how his firm identifies security breaches at crypto gambling platforms and what can be done about them.

First of all, tell us a little bit about what Cyvers does and how this plays into the crypto gambling industry?

Cyvers is at the forefront of providing proactive security solutions in the web3 space, which is vital for the burgeoning crypto gambling industry. As these platforms operate on blockchain technology, they are susceptible to a unique set of vulnerabilities and threats that traditional online casinos might not face. Our role involves not just identifying potential security flaws but also anticipating new forms of cyber-attacks that could exploit the decentralized nature of these platforms.

By leveraging advanced AI algorithms and blockchain analytics, we continuously monitor for suspicious activities and vulnerabilities, ensuring that gambling platforms can operate securely and efficiently. This not only helps protect the financial assets of the platforms and their users but also ensures the integrity and fairness of the games offered. Furthermore, our security solutions are designed to be adaptable, allowing for rapid responses to emerging threats and ensuring that crypto gambling platforms can stay ahead of malicious actors.

Last week Cyvers identified two major security breaches at crypto gambling platforms: DuelBits suffered a $4.6m breach while there was a $290m hack at PlayDapp. How do you spot these breaches and what is the process once you have detected them?

Identifying security breaches in the crypto gambling sector requires a multifaceted approach, given the complexity and diversity of threats. Our methodology includes real-time analysis of transaction patterns, address reputation analysis, and the application of machine learning techniques to detect anomalies indicative of a breach. This proactive surveillance is coupled with the development of advanced defensive strategies tailored to the specific architecture of each platform we protect.

Upon detecting a potential security issue, our immediate response involves isolating the affected areas to prevent further exploitation, notifying the platform operators, and initiating containment and remediation procedures. This process also involves a thorough investigation to understand the breach's nature, scope, and origin, which informs the development of more robust security measures to prevent future incidents.

Our approach emphasizes not only technical solutions but also strategic advice on best practices for security hygiene and risk management, ensuring that platforms are equipped to deal with both current and future security challenges.

What are the most common weak spots that hackers are taking advantage of on crypto gambling platforms?

Our CTO and co-founder, Meir Dolev, points out that the vulnerabilities often exploited by hackers are not so much related to smart contracts – as many platforms like Stake.com and Duelbits operate without them – but rather stem from weaknesses in employee security protocols and network access controls.

Hackers target employees through sophisticated social engineering tactics, using platforms such as LinkedIn and email to gain network access. Once inside, they may spend months laying the groundwork for their attack, which culminates in unauthorized transactions that drain platform wallets.

This type of prolonged and stealthy attack underscores the necessity for robust internal security training, stringent access controls, and vigilant monitoring of employee activities. Cyvers' approach to mitigating these risks includes implementing comprehensive security strategies that focus on real-time monitoring and anomaly detection. We utilize advanced AI and machine learning technologies to identify patterns of malicious activity and take immediate action.

Furthermore, educating platform operators and users on the importance of strong security practices is crucial. This not only involves robust authentication methods and secure communication channels but also a heightened awareness of phishing tactics and the importance of operational discretion. Our holistic approach aims not just to address current threats but also to anticipate and prevent future vulnerabilities, maintaining the trust and safety of the crypto gambling ecosystem, and enabling it to continue its growth and innovation securely.

Which coins and chains are most susceptible to exploits, and why?

The exploitation of coins and blockchain networks is indeed a multifaceted issue, affected by factors like architectural complexity and the extent of dApps activity. However, Meir highlights that there is a particular pattern in the aftermath of attacks: hackers typically consolidate stolen funds into native, less censorable coins such as Ether, BNB, or Matic, which, although more volatile in price, facilitate the initial layer of laundering.

Hackers are then observed to engage in sophisticated money laundering operations, systematically converting these assets into stablecoins like USDT, with Tron emerging as a popular final destination due to its relative resistance to censorship. This trend illustrates the adaptive and financially savvy nature of bad actors in the crypto space and the need for enhanced monitoring of such cross-chain transactions.

To mitigate the risk of such exploits, it is critical for blockchain developers and platform operators to not only prioritize security in their design and operational protocols but also to monitor the flow of funds post-breach. Implementing rigorous testing, adopting best practices in smart contract development, and utilizing proactive threat monitoring systems like Cyvers can help in early detection and prevention of these complex laundering schemes.

Enhancing the security of coins and chains is a collaborative effort. By understanding and monitoring the typical behaviors and tactics of attackers, including their laundering patterns, the community can better defend against and respond to incidents. This requires a concerted effort between developers, platforms, and the wider community to maintain vigilance and adopt proactive security measures against an ever-evolving threat landscape.

What trends have you identified at Cyvers in terms of what platforms are getting hacked and how the breaches are being achieved?

The 2023 security landscape, as analyzed by Cyvers, reveals a pronounced pivot in attack vectors within the web3 space, notably with a surge in Access Control Attacks, especially in H2 2023. Our data indicates that while the overall funds affected by hacks decreased, making 2023 a relatively calm year compared to 2022, the incidents of unauthorized access experienced a significant uptick. Access Control Attacks led to substantial financial losses totaling $1.08bn, overshadowing the losses due to Smart Contract Vulnerabilities, which amounted to $607m.


The frequency of Access Control Attacks not only points to the growing creativity and persistence of bad actors but also highlights the insufficiencies in current access control mechanisms. These attacks often involve sophisticated methods to circumvent authentication processes, exploit user permissions, or hijack administrative controls. The rise in such attacks aligns with the times when Cyvers enhanced its detection capabilities, suggesting a previously undetected prevalence of these security breaches.

Given the high average frequency of losses due to hacks – every six days – and the fact that 80% of these attacks involved multiple transactions, it's clear that hackers are executing coordinated, sophisticated attacks that are not immediately detectable. With 98% of attacked platforms unable to respond within the first hour, the need for real-time monitoring and rapid response systems has never been more evident.

Months like November and April saw the highest number of incidents, but the volume of stolen funds peaked in July and September, reflecting that not all attacks are equal in their financial impact. The data underscores the necessity for robust, multi-layered security protocols that can adapt to the continuously evolving methods employed by hackers in the web3 ecosystem.

What advice do you have for the users of these platforms to protect themselves against the losses that have been seen in recent exploits?

For users of crypto gambling platforms, personal security measures are paramount in safeguarding their assets and personal information. Employing two-factor authentication (2FA) provides an additional layer of security beyond just a password, significantly reducing the risk of unauthorized access. Regularly updating passwords and ensuring they are strong and unique across different platforms can prevent credential stuffing attacks.

Users should be acutely aware of phishing scams, which often come in the form of emails or messages attempting to mimic legitimate platform communications. It's crucial to verify the authenticity of any request for information and to never share private keys or sensitive information via unsecured channels. Additionally, using cold wallets for storing cryptocurrencies when not actively gambling can protect funds from online theft, as these wallets are not connected to the internet and thus less susceptible to hacking.

Furthermore, users should be discerning when choosing platforms, opting for those that demonstrate a commitment to proactive security measures. Supporting platforms that prioritize real-time monitoring, anomaly detection, and rapid response capabilities ensures a safer environment for all participants. It’s paramount that users avoid platforms that neglect these essential security steps, as they not only endanger individual assets but also compromise the integrity of the broader ecosystem. The collective push for higher security standards will incentivize platforms to adopt the necessary measures to protect against the sophisticated and evolving threats in the web3 space.

How do you see the crypto industry evolving in future to reduce the risk associated with these kinds of breaches?

The crypto industry is rapidly evolving to address security risks with several promising developments on the horizon. One key trend is the standardization of security protocols, which aims to create a uniform set of guidelines for platforms to follow, reducing the likelihood of vulnerabilities. Additionally, there is a growing adoption of multi-signature wallets, which require multiple parties to sign off on transactions, adding an extra layer of security against unauthorized access.

The use of decentralized finance (DeFi) insurance products is also gaining traction, offering a safety net for platforms and users alike by covering losses due to security breaches. Moreover, the sector is seeing increased collaboration among crypto gambling platforms and security firms in sharing threat intelligence and best practices. This cooperative approach enhances the ability of the entire industry to respond to new threats more effectively.

Lastly, the integration of advanced AI-driven security tools is becoming more prevalent, enabling real-time threat detection and automated response mechanisms. These developments collectively signify a shift towards a more resilient and secure crypto gambling ecosystem, where the focus is not only on mitigating current risks but also on anticipating and preventing future threats.

Do you think there is a regulatory solution?

The importance of standardized security practices in the web3 space cannot be overstated. The decentralized nature of blockchain and the complex interdependencies of decentralized applications (DApps) present unique challenges that traditional security frameworks may not fully address.

Recognizing this gap, Cyvers has championed the development and promotion of the Open Standard Web3 Attack Reference (OSWAR) framework, which is inspired by the well-established MITRE ATT&CK framework.

OSWAR aims to provide a structured, comprehensive, and actionable understanding of attacker behaviors, techniques, and vulnerabilities specific to the web3 environment. By categorizing various attack vectors, from initial access to exfiltration, OSWAR can identify and mitigate potential threats in a standardized manner. This framework is not only beneficial for enhancing security protocols across platforms but also crucial for establishing a common language and set of strategies to tackle security challenges in a decentralized ecosystem.

Cyvers has played a pivotal role in advocating for the adoption of OSWAR, contributing to a more secure and standardized approach to web3 security. By encouraging the integration of threat intelligence and proactive security measures, Cyvers aims to minimize the risk of inconsistent security practices that can lead to increased vulnerabilities and devastating attacks. For users, supporting platforms that align with OSWAR principles ensures a commitment to a high level of security and the promotion of a safer web3 space.

The framework's flexibility allows it to be tailored to the specific needs of individual organizations while encouraging community collaboration and contributions. As web3 technology continues to grow, adopting standardized security practices like those outlined in OSWAR will be essential to maintaining trust among users and investors, which is crucial for the long-term success of the decentralized web.

By advocating for regulations that support frameworks like OSWAR, Cyvers is actively working towards a future where web3 technologies are not only innovative but also secure and reliable. Users, in turn, should seek out and support platforms that prioritize such proactive security measures, contributing to a safer, more resilient ecosystem.



Written by Hannah

Hannah is editor of CryptoGamblingNews.com and has almost 15 years' experience in journalism, including reporting on law, TV, gambling, crypto and alternative finance. She is particularly interested in the future of money, the transition of gambling from 'vice' industry to mainstream entertainment and the application of blockchain technology to wider society.
