A cross-chain attack has hit decentralized finance ("DeFi") provider Poly Network, with more than $600 million in alt-coin stolen. The Block assesses the total theft as greater than $611 million. The BBC puts the losses at $267 million of Ether, $252 million from Binance, and about $85 million in USDC. Poly Network appealed to the thieves to return the stolen coin, and their "Dear Hacker" plea appears to have fallen on mildly repentant (or at least slightly fearful) ears. Poly Network tweeted that "So far, we have received a total value of $4,772,297.675 assets returned by the hacker." (So $599,227,702.33 remain in the wind.)
Mandiant describes a Chinese false-flag cyberespionage operation against Israeli targets. The UNC215 group, also tracked as Emissary Panda, represented itself as an Iranian threat actor working from Tehran.
Facebook has taken down 65 Facebook and 243 Instagram accounts, originating in Russia but using the services of the UK-based marketing firm Fazze, which had been engaged in a coordinated effort to recruit influencers to spread COVID vaccine information. (Fazze was also kicked off Facebook's platforms.) The effort enjoyed only indifferent success, but the concentration on influencers was an interesting wrinkle.
Flashpoint believes it's found a REvil decryptor posted to the Russophone XSS Forum by a "threat actor" going by the nom-de-hack "Ekranoplan." Ekranoplan had no previous presence in the forum.