PeckShield: There were 35 security incidents in November. Why did DeFi become a carnival for a small group of people?
PeckShield
2020-12-01 10:48
This article is about 3,609 words; reading it in full takes about 14 minutes.
According to data from the PeckShield situational awareness platform, in the past month there were 13 prominent DeFi security incidents across the blockchain ecosystem, and their degree of harm was rated "advanced".

Hackers are raging: why has DeFi become a carnival for a small group of people?

After the bull market arrived, DeFi (decentralized finance) was hailed as the key to cryptocurrency becoming this year's real "number one" investment product.

According to data from DappTotal, the total value locked in DeFi has broken through to a new high since November.

The whole DeFi ecosystem is thriving. On the other hand, DeFi is suffering from an epidemic of weak code. According to PeckShield statistics, there were more than 13 DeFi-related security incidents in November, causing losses of nearly $50 million.

On November 1, YFI disclosed a new flash-loan vulnerability, which the team patched within 1.5 hours;

On November 2, Axion Network, whose mainnet had been live for only a few hours, was attacked. The attackers exploited a staking-related flaw to mint 79 billion AXN tokens, driving the token price down 100% within a short time and causing a loss of US$500,000;

On November 6, PercentFinance had $1 million in tokens locked by a contract flaw, including 446,000 USDC, 28 WBTC and 313 ETH;

On November 7, PeckShield observed an attacker use a flash loan to attack Cheese Bank, a decentralized digital bank, in a single transaction, extracting $3.3 million out of thin air;

On November 10, SharkTron, a DeFi project on the JustSwap whitelist, had TRON (TRX) worth US$10 million stolen; TRON and Binance froze part of the funds;

On November 14, PeckShield observed attackers exploit a flaw in the Akropolis project's verification of deposited assets to launch multiple re-entrancy attacks on the contract, minting a large number of pool tokens out of thin air and stealing 2.03 million DAI;

On November 15, PeckShield observed attackers exploit weaknesses in the Value DeFi protocol's AMM-based price oracle (Curve) to manipulate token prices on Curve, mint pool tokens, and ultimately profit US$5.4 million;

On November 17, PeckShield observed that the Origin Protocol stablecoin OUSD was attacked. The attacker used a dYdX flash loan to carry out a re-entrancy attack, causing losses of $7.7 million in ETH and DAI;

On November 18, PeckShield observed a code flaw in 88mph, a DeFi fixed-rate lending protocol that had been live for only 48 hours; attackers used the flaw to mint MPH tokens worth $100,000;

On November 22, PeckShield observed that Pickle Finance, a DeFi project once praised by Vitalik, lost nearly US$20 million in DAI to a hacker attack through a vulnerability in a newly created, unaudited smart contract;

On November 26, Compound suffered an oracle attack in which $90 million in assets were liquidated. The mass liquidation was triggered by a sharp swing in the DAI price on Coinbase Pro, the oracle's data source. Briefly manipulating the data source an oracle relies on in order to push a misleading price on-chain is a typical oracle attack;
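A defender's illustration of the single-source oracle problem just described, written here as an added example (not PeckShield's or Compound's code): the same borrower position is checked under a single-venue DAI feed and under a median-of-venues feed clamped to a time-weighted reference (TWAP). The price snapshot, thresholds, venue names and the position are constructed assumptions.

```python
from statistics import median

# Parameters are assumed for the illustration, not Compound's actual values.
LIQ_THRESHOLD = 0.75   # liquidate when debt value exceeds 75% of collateral value
MAX_DEVIATION = 0.05   # clamp a new price to within 5% of the time-weighted reference

# Constructed feed snapshot at the moment of the spike: one venue prints $1.30
# for DAI while the others stay near $1.00. DAI_TWAP is the on-chain reference.
SNAPSHOT = {"coinbase_pro": 1.30, "venue_b": 1.00, "venue_c": 1.01}
DAI_TWAP = 1.00

# Constructed borrower: 10 ETH posted as collateral at $500, 3,700 DAI borrowed.
POSITION = {"eth_collateral": 10.0, "eth_usd": 500.0, "dai_debt": 3700.0}


def single_source_price(sources, twap):
    """Single-exchange feed: the chain sees whatever one venue prints (twap unused)."""
    return sources["coinbase_pro"]


def robust_price(sources, twap):
    """Median across independent venues, then clamped around the TWAP so a
    short-lived outlier on one venue cannot move the on-chain price by more
    than MAX_DEVIATION in a single update."""
    m = median(sources.values())
    lo, hi = twap * (1 - MAX_DEVIATION), twap * (1 + MAX_DEVIATION)
    return min(max(m, lo), hi)


def is_liquidatable(position, dai_usd):
    """True when the USD value of the debt exceeds the threshold share of collateral."""
    debt_value = position["dai_debt"] * dai_usd
    collateral_value = position["eth_collateral"] * position["eth_usd"]
    return debt_value > collateral_value * LIQ_THRESHOLD


def outcome(price_fn, sources=SNAPSHOT, twap=DAI_TWAP, position=POSITION):
    """Return (on-chain DAI price, liquidated?) under a given oracle design."""
    price = price_fn(sources, twap)
    return price, is_liquidatable(position, price)


if __name__ == "__main__":
    for fn in (single_source_price, robust_price):
        price, liquidated = outcome(fn)
        print(f"{fn.__name__:20s} DAI=${price:.2f} liquidated={liquidated}")
```

The clamp is a trade-off: when every venue genuinely moves to $1.30 the robust feed still reports only $1.05 on the first update, so the bound slows tracking of a real depeg in exchange for resisting a one-venue spike.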

On November 29, the RGT Distributor contract of Rari Capital, a DeFi smart-contract robo-advisor, was found to have a flaw; Rari Capital tweeted officially that the flaw had been fixed and no funds were lost;

On November 30, SushiSwap, a liquidity mining project, was attacked by a liquidity provider who obtained US$10,000 to US$15,000 in a single transaction; the fix was subsequently reviewed by PeckShield.

The blockchain world believes in "Code is Law". Distributed technology is supposed to guarantee that data cannot be tampered with and to secure the system to the greatest possible extent. So why is DeFi, built on blockchain technology, so frequently plagued by security problems?

Digital Wallet Security

According to PeckShield statistics, there were 2 typical wallet security incidents in November:

On November 6, Ledger wallet users lost more than 1.1 million XRP to a phishing scam. Scammers used phishing emails to direct users to a fake Ledger website and tricked them into downloading malware posing as a security update, which emptied their Ledger wallet balances.

Other Attacks

In addition, there were several other attacks in November:

On November 3, the z0Miner mining-trojan group exploited the WebLogic unauthenticated remote command execution vulnerabilities (CVE-2020-14882/14883) to compromise 5,000 servers. The group found vulnerable WebLogic machines by scanning cloud servers in bulk and sent crafted packets to exploit them, then executed remote commands to download and run the shell script z0.txt, which implanted a Monero mining trojan, persisted the mining task locally, and moved laterally by brute-forcing SSH;

On November 8, the Grin network suffered a 51% attack;

On November 11, malicious nodes attempted to interfere with the Monero network through a Sybil attack in order to obtain information about Monero users. A Sybil attack is an attack on a P2P network in which an individual or organization attempts to take over the network by using multiple identities to control many accounts or nodes;

On November 19, the 4SHMiner mining trojan exploited a vulnerability to attack cloud servers, taking control of about 15,000 servers for mining;

On November 21, the BCHA chain was attacked and the network produced a large number of empty blocks.

Fraud & Extortion

As blockchain technology has developed and drawn more and more public attention, its popularity has grown, but so have the scams: schemes wrapped in blockchain concepts and promoted through pyramid selling are endless, and hackers and attackers are likewise turning their attention to cryptocurrencies.

According to PeckShield statistics, there were 10 fraud-related security incidents in November:

On November 1, KPER and KORE, imitations of KP3R and CORE, were suspected of being scams, and their token prices briefly plummeted to nearly zero;

On November 2, the Shanghai Hongkou District People's Procuratorate prosecuted eight "middlemen" who used virtual currency to help fraudsters transfer more than 15 million yuan;

On November 3, Suqian police cracked a digital-currency fraud case involving several merchants in China, with a total amount of 2.2 million yuan;

On November 6, Slack, an A-share listed company involved in blockchain, suffered telecom fraud and lost US$2.05 million (about 13.55 million yuan);

On November 10, Nanjing Liuhe police cracked a Bitcoin-related fraud case, arrested 10 suspects, and recovered more than 100,000 yuan of defrauded funds;

On November 12, a scam surfaced on the "Romocoin Exchange" platform in Changzhou, and police warned the public to beware of "variant" scams;

On November 14, police in Xinzhou, Shanxi cracked the "SZSE Digital Currency Exchange" fraud case, involving more than 10 million yuan;

On November 20, Jiangsu police cracked the Cambodia Crystal International blockchain scam, involving more than 10 million yuan;

On November 23, the Public Security Bureau of Hegang City, Heilongjiang Province cracked a large-scale online pyramid scheme built around the "Columbus CAT virtual currency", involving nearly 300 million yuan;

According to PeckShield statistics, there were five extortion-related security incidents in November:

On November 1, hackers broke into the Vastaamo psychotherapy center in Finland and stole Finnish citizens' psychotherapy records in order to extort Bitcoin;

On November 3, police in Qidong, Jiangsu Province cracked a Bitcoin ransomware case in which the suspects had illegally profited more than 100 bitcoins, worth more than 5 million yuan;

On November 7, game giant CAPCOM was hit by ransomware, with hackers demanding an $11 million Bitcoin ransom;

On November 12, hackers attacked the Italian wine merchant Campari, stole important documents, contracts and bank information, and demanded a $15 million Bitcoin ransom;

On November 13, the Bitcoin ransomware Pay2Key attacked several Israeli companies.

Because of the anonymity of cryptocurrencies, the complex paths along which on-chain assets move, and the difficulty of technical tracing, it is harder for the relevant authorities to track and supervise crypto assets. In recent years, regulators at home and abroad have been tightening AML (anti-money-laundering) requirements and further advancing the supervision of crypto assets.

The relevant person in charge at PeckShield said: "In addition to the law, at the current technical level, real-time monitoring of on-chain asset flows can be carried out through a professional on-chain tracking system. With the assistance of a professional security team, the relevant regulatory authorities can jointly promote the safe and orderly development of crypto assets."
