
*1. Introduction*
In August, the number of web3.0 security incidents remained high, with no downward trend. According to data from the Know Chuangyu Blockchain Security Lab [Hacked Event Archives], there were more than 42 security incidents this month, basically the same as last month, and the total losses were about 244 million US dollars.
An analysis of the number and proportion of each type of security incident in August shows that scams and rug pulls are still the most serious category, which suggests that most investors still do not identify the nature of a project before investing in it and are deceived as a result. It is worth mentioning that Nomad, a cross-chain communication protocol, suffered the most chaotic hack ever this month, resulting in a loss of nearly $190 million.
The following is Know Chuangyu Blockchain Security Lab's summary of the various types of security information in August, and a discussion of the problems it exposes.
*2. DeFi security type event*
On August 2, Know Chuangyu Blockchain Security Lab detected that the cross-chain communication protocol Nomad was attacked, resulting in the removal of nearly $190 million in cryptocurrency.
On August 2, the revenue aggregator Reaper Farm was attacked, and the attacker transferred 1.6 million DAI and 62 ETH to Tornado.Cash.
On August 5th, the EtnProduct project was attacked by a flash loan. The attackers made a total profit of about $3,074 and an NFT worth $7,380.
On August 5, the ANCHStakePool project was attacked by price manipulation, and the attackers made a total profit of 106,931 USDT.
On August 8, the EGD Finance project on BSC was hacked: flash loans were used to manipulate the price of the token for profit. The hackers made a total profit of about 36,000 BUSD.
On August 14, Acala was hacked due to a vulnerability in the iBTC/aUSD pool. The team is passing an emergency vote to suspend operations on Acala while investigating and resolving the issue.
On August 17, Stader.Near posted on its official social media that hackers exploited a loophole in the NearX smart contract, causing a loss of about 165,000 NEAR (approximately $880,000). Stader.Near has suspended its smart contracts and users cannot stake, unstake, or withdraw funds during this time.
On August 22, Cream Finance, a DeFi lending protocol on BNB Chain, was facing a liquidity crisis. The main reason for the crisis was that the protocol allowed a user (0xE94f7a43d3fD2A159952a28B23D3A181564B7baA) to borrow up to 107,000 BNB without collateral.
On August 24, the DeFi protocol KaoyaSwap on BNB Chain was attacked through flawed logic in its transaction function, and the attack profit was around 37,294 BUSD and 271.2 WBNB (about 80,000 USD).
On August 31, the CUPID token contract on BNB Chain encountered a flash loan attack. Both the CUPID token and the VENUS token plummeted, and the attacker made a profit of $78,622.
*3. Scam security type event*
On August 3, a Rug Pull occurred on the crypto project TiFi Token, and the price of the token TiFi fell by 20%, with a total profit of about 700 BNB.
On August 7, the crypto project Saxon James Musk was suspected of a Rug Pull, and the token SJMUSK fell by more than 68%. The EOA addresses starting with 0x53a continued to sell, and a profit of about 1355 BNB (about 420,000 US dollars) has been made.
On August 8, the Polygon chain game Dragoma was suspected of RugPull, and its token DMA plummeted from $1.8 to around $0.003, a drop of more than 99%. The loss was approximately US$ 2.7 million.
On August 10, a Rug Pull occurred on XSTABLE.PROTOCOL, and the price of the token XST fell by 98.4%. The official website xstable.finance was suspected to have been closed, and the Twitter account had been deleted.
On August 10, the DeFi project Blur Finance was suspected of having a Rug Pull, and the price of its Token BLR fell by 99%. Additionally, the project’s social media accounts were deleted, and $600,000 worth of assets on the Polygon and BNB chains were transferred.
On August 11, an NFT project named Wuliangye was suspected of a Rug Pull. Currently, the official website and Discord community have been closed. The project has nothing to do with the famous wine brand Wuliangye; it only shares the name. The project party earned a total of 70.5 ETH.
On August 12, a Rug Pull occurred on the BNBGrowth token, and the contract deployer sold the tokens for 393 BNB (approximately 127,000 USD) and sent it to an external account (EOA).
On August 12, the GameFi project DL World was suspected to have a Rug Pull, the price of GSG fell by more than 97%, and about $183,000 in assets were transferred.
On August 12, scammers funded with 400 BNB by the 0xea16 address created about 20 contracts, including Bitnity, ACKToken, etc., and Rug Pulls occurred. After raising the price, they emptied the contract funds, and 3900 BNB were transferred.
On August 14, a Rug Pull occurred on GEMDAO, and the project side took away a total of 322 BNB (approximately $105,553.49).
On August 14, a Rug Pull occurred on the project MMFinance on the BNB Chain, and the MMF token fell by more than 93%.
On August 14, the Brazilian crypto lending platform BlueBenx banned all of its 22,000 users from withdrawing funds, claiming that it had suffered a hacker attack and lost $32 million. BlueBenx did not provide details of the hacking attack, and some investors questioned whether the hacking attack was a scam.
On August 15th, a Rug Pull occurred on the Polygon chain project FIO Protocol, and the price of FIO Token dropped by 100%.
On August 15, a Rug Pull was suspected to have occurred in the Go Coin project on BNB Chain, and the Go Coin dropped by 95%. The contract deployer set the fee to the maximum and blacklisted addresses so that they were prohibited from selling.
On August 23, SudoRare, a knockoff of the NFT trading platform sudoswap, was suspected of a Rug Pull, and 519 ETH ($815,000) were stolen. Its official social media account has since been deleted.
On August 25, a Rug Pull occurred on the RSHIB project on BNB Chain, and the price of RSHIB tokens plummeted by 92%. The contract deployer removed liquidity and sent ~47 BNB to an external account (EOA) address. The project's Twitter account has also been deleted.
On August 27, a Rug Pull occurred on the project ArcadeEarn on BNB Chain, and the token price fell by more than 59%. The deployer sent 40,000 ArcadeEarn tokens to an external account (EOA) and sold them for approximately $15,300.
*4. Phishing security type event*
On August 2, the Gas Guzzlers project Discord server was hacked. Users are asked not to click on links, mint or approve any transactions.
On August 2, the Cyber Crew project Discord server was attacked. Users are asked not to click on links, mint or approve any transactions.
On August 2, the Miningverse project Discord server was attacked. Users are asked not to click on links, mint or approve any transactions.
On August 3, the Discord server of the NFT project dTweenies was attacked. Users are asked not to click on links, mint or approve any transactions.
On August 5, the Discord server of the Doge Capital project was attacked. Users are asked not to click on links, mint or approve any transactions.
On August 11, the Discord server of the Mogul Productions project was hacked. Users are asked not to click on links, mint or approve any transactions.
On August 15, the Discord server of the NFT project Pirate Apes was attacked. Users are asked not to click on links, mint or approve any transactions.
On August 29, the Floaties Project Discord server was attacked. Users are asked not to click on links, mint or approve any transactions.
On August 31, the Twitter account @WJahitucker was hijacked by hackers. Hackers used it to impersonate the account of LooksRare, an NFT trading market, and released an airdrop scam.
*5. Other Security Event Types*
On August 3, the Solana wallet Phantom was suspected of being hacked, with an estimated loss of $8 million.
On August 3, the hot wallet of ZB, a crypto trading platform, appeared to be hacked due to the leakage of private keys, and the hackers made a total profit of about 4.8 million US dollars.
On August 4, the Sentry service of Slope Wallet (Android, Version: 2.2.2) had a private key leak.
On August 10, the decentralized trading platform Curve Finance stated on social media that the front end of its website was attacked, reminding users to revoke authorizations immediately if they had used Curve within the past few hours. The attackers have stolen $570,000 worth of ETH, which has been transferred to FixedFloat.
On August 18, the cross-chain bridge cBridge launched by Celer Network was attacked through DNS hijacking, which redirected user operations to interact with malicious contracts in order to steal user assets. At present, the attacker has exchanged the crypto assets obtained in the attack for 127 ETH, and has transferred it to Tornado Cash.
On August 21, hackers exploited a zero-day vulnerability in the servers of a Bitcoin ATM owned by General Bytes to steal cryptocurrency from customers. When users deposit or buy cryptocurrencies through ATMs, the funds are instead stolen by hackers.
*6. Summary*
From the perspective of the DeFi security situation, flash loan attacks and logic flaws were the most frequent security incidents this month, and other security incidents have become more diverse in attack types. Looking at DeFi this year, cross-chain projects are increasingly favored by hackers, and the losses caused by each cross-chain security incident are extremely serious, so we need to think deeply about how to use cross-chain safely. Know Chuangyu Blockchain Security Lab hereby reminds everyone that, for contract security, it is necessary to conduct regular audits and compound audits to protect contracts from other attacks. At the same time, we must also attach great importance to authorization issues: authorizations must have a clear time limit.
From the perspective of phishing and scams, the reason these two types of security incidents have been frequent is that the attack methods are simple and easy to operate, and the users involved have almost no technical background, so they are more likely to be deceived. It is hoped that users will also learn more about blockchain in the process of investment and project inspection, so as to reduce their potential losses as much as possible. Of course, users can also use tools to reduce the risk of being phished, such as the FishAlert plug-in (https://fishalert.knownseclab.com): if you encounter an unfamiliar domain name, ask "it" first, which can greatly reduce the risk.