Chuangyu Blockchain September Security Monthly Report
Chuangyu Blockchain Security Lab
2022-10-10 09:52
Security incidents decreased significantly in September, but phishing remains extremely serious. Please take care to protect personal assets and guard against phishing attacks.

Data Analysis

1. Proportion analysis:


The analysis found that phishing incidents accounted for the largest share of security incidents in September, as high as 44%. Please stay vigilant against phishing and protect your personal assets. Encouragingly, the number of exit scams (rug pulls) decreased significantly in September, accounting for only 8%.

2. Comparative data analysis:


The comparison shows that, apart from phishing, every other type of security attack decreased this month; in particular, exit scams (rug pulls) fell from 17 in the previous month to 2.

3. Monthly security trends in 2022:

The following is a summary by the Knownsec Chuangyu Blockchain Security Lab of the various types of security incidents in September, together with a discussion of the problems they expose.

DeFi Security Events

On September 2, the privacy project ShadowFi was hacked, and its official token SDF fell by 98.5%. The attacker exploited a vulnerability in SDF that allowed anyone to burn tokens, earning about 1,078 BNB (approximately $300,000); the stolen funds were transferred to Tornado Cash.

On September 4, Rug Pull Finder's latest NFT project "BadGuys" was exploited during its free minting period. Two users exploited a loophole in the NFT contract to mint 450 NFTs, instead of the intended limit of one NFT per wallet. The vulnerability was caused by the absence of the necessary checks in the "mint" function. The team apologized on social media and said it would pay a 2.5 ETH bounty to buy back the excess minted NFTs.
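As an added illustration written for this report (not code from BadGuys, ShadowFi or this lab), the snippet below shows a minimal free-mint contract with the kind of missing check described above, beside a hardened version that enforces the one-per-wallet limit and gates the mint switch behind an owner check, which is also the point the summary makes about privileged functions. The supply cap, the `owner` role and `setMintOpen` are assumptions, not details from the incident.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Illustrative contracts written for this report; not the BadGuys or
// ShadowFi code. Token ids are simple counters; no ERC-721 logic is shown.

contract FreeMintVulnerable {
    uint256 public totalSupply;
    mapping(uint256 => address) public ownerOf;

    // No per-wallet accounting and no open/close control: anyone can call
    // mint() as often as they like during the free-mint window.
    function mint() external {
        uint256 id = ++totalSupply;
        ownerOf[id] = msg.sender;
    }
}

contract FreeMintHardened {
    uint256 public constant MAX_SUPPLY = 1000;   // assumed collection size
    uint256 public constant MAX_PER_WALLET = 1;  // the limit the report describes
    address public immutable owner;
    bool public mintOpen;
    uint256 public totalSupply;
    mapping(uint256 => address) public ownerOf;
    mapping(address => uint256) public minted;   // per-wallet mint counter

    constructor() { owner = msg.sender; }

    // Privileged functions are gated, so they cannot be called arbitrarily.
    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    function setMintOpen(bool open) external onlyOwner {
        mintOpen = open;
    }

    function mint() external {
        require(mintOpen, "mint closed");
        require(totalSupply < MAX_SUPPLY, "sold out");
        require(minted[msg.sender] < MAX_PER_WALLET, "wallet limit reached");
        minted[msg.sender] += 1;          // record the mint before the effect
        uint256 id = ++totalSupply;
        ownerOf[id] = msg.sender;
    }
}
```

A per-wallet counter only limits each address; a collection that wants to resist many fresh wallets needs additional measures such as allowlists, which are outside what this report describes.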

On September 4, DAO Officials, an aggregated DAO community on BNB Chain, was suspected of having been attacked. On-chain data showed that the attacker may have profited by more than $500,000.

On September 7, an attacker profited by about 370,000 USDC through a flash loan attack on AVAX. Protocols that may have been affected include Nereus Finance, Trader Joe and Curve Finance.

On September 20, the crypto market maker Wintermute was hacked and lost $160 million as a result of a leaked private key.

Scam Security Events

On September 26, a front-run bot scam was discovered on BNB Chain. The scammers taught users how to develop a "front-run bot" to make money, but the contract they provided contained a backdoor: once deployed, all of the victim's tokens were transferred to the attacker's address.

Phishing Security Events

On September 6, the Discord server of the Arts DAO project was attacked. Community users are advised not to click, mint or approve any transactions.

On September 6, the Dictators project Discord server was hacked. Community users are advised not to click, mint or approve any transactions.

On September 8, the Instagram account of the metaverse platform The Sandbox was hacked and promoted thesandboxesgame.com, a phishing website. Users are requested not to visit phishing websites.

On September 12, the official Alpha Centauri Kid Discord server was hit by a phishing attack. Please do not click, mint or approve any transactions.

On September 14, BAYC #8941 was suspected of having been stolen; the NFT was transferred to the address 0x18e541...D0F4, which is marked as a phishing address.

On September 14, the verified Twitter account @FreddyAdu was hacked. The attacker disguised it as the LooksRare Twitter account and posted a fake airdrop website; the account has not yet been recovered.

On September 18, Alter Ego Hunters officially stated that its Discord had been attacked. Community users are advised not to click, mint or approve any transactions.

On September 18, the Dystians Discord was hacked. Community users are advised not to click, mint or approve any transactions.

On September 18, the NFT project pumpʂkin tweeted that its Discord server and Discord management account had been attacked. Community users are advised not to click, mint or approve any transactions.

On September 28, the Discord server of the SOL Decoder project was attacked. Community users are advised not to click, mint or approve any transactions.

Other Security Events

On September 2, Kyber Network, a decentralized liquidity protocol, disclosed on Twitter that its users had lost $265,000 in funds to the exploitation of a front-end vulnerability (this figure will be updated if new information emerges). The vulnerability stemmed from malicious Google Tag Manager code on the KyberSwap website; the attackers targeted whale wallets and gained the ability to transfer user funds by inserting fake approvals.

On September 9, StarkWare, a zero-knowledge proof research and development organization, tweeted that its scaling engine StarkEx V4.5 had a vulnerability, pointed out by Vlad Bochok (a Matter Labs engineer) and Ihor Barenblat, that could allow users to double-spend from a frozen system vault. The vulnerability has since been fixed.

On September 26, an address starting with 0x9731F stole $950,000 in cryptocurrency from Ethereum vanity addresses generated with the Profanity tool; the attacker has since transferred 732 ETH to a coin mixer.

Summary

From the DeFi perspective, flash loan attacks and reentrancy attacks remain the most common among the security incidents covered, so contract audits are very important. The Wintermute security incident reminds us of the importance of private keys: we must protect our own private keys, so in addition to the security of the contract itself, we also need to pay attention to compliance security. The Knownsec Chuangyu Blockchain Security Lab hereby reminds projects to conduct regular and combined audits of contract security to protect contracts against attacks, and to pay close attention to function permissions so that high-privilege functions cannot be called arbitrarily.
