Monitoring data shows: in June 2021, according to incomplete statistics, the whole blockchain ecology occurred more than 36 typical security incidents, the overall security risk rating is high this month, DEFI is still the main position of typical security incidents, lightning loan attack is still the main means of attack taken by hackers in addition.
Compared to May, Defi's attacks are no longer limited to BSC on-chain projects. As Defi's ecosystem grows more prosperous, various Defi projects are also exposed to different security risks due to their different product designs and implementations, such as xWin In the Finance hacking event, the attackers took advantage of the loopholes in the promotion methods and reward mechanism of the project to launch the attack.in the case of Safedollar hack, the attacker took advantage of the logical defects in the mortgage and calculation of rewards in the project contract. The following is the details of this month's security monthly report. There were two typical security incidents. 01 The south Korean authorities new rules, trading platform staff in their own trading platform, its trading platform faces a maximum of 100 million won (us $90000) fine and suspended from trading license. 02 South Korean police on suspicion of violation of the relevant laws and the restrictions of illegal credit fraud, arrested V Global virtual currency trading platform In Defi. There were 11 typical security incidents in total. 01 Pancakehunny was attacked by hackers, and A large number of tokens were issued in A short time and thrown into the market. 02 SushiSwap helped Alchemix discover a bug that sucked AlCX from their reward contract, which led Alchemix to request SushiSwap to disable their Double Dig Reward. 03 Revenue farm Evodefi was attacked, causing the price of its token, Gen, to drop 57% from $2.10 / piece to $0.9 / piece. 04 Defi Fixed Rate Generation protocol 88mph, released a fix report for a serious bug in the init() function. 05 Alchemix alETH has suspended mortgage lending in the Aleth pool and is investigating. 06 Defi Impossible Finance suspected of lightning lending attack on. 07 Eleven Nerve Finance says money is safe from lightning lending attack. 08 Defi protocol xWin Finance on the BSC chain was hit by a lightning loan attack. 09 On June 28, Safedollar was allegedly hacked, and an unverified contract siphoned off $250,000 in USDC and USDT. 10 Thorchain has suffered a malicious attack, which caused a loss of $140,000. However, Thorchain says that user funds will not be affected and that it will use the bank to compensate for the vulnerability Lab. 11 Due to the logic loophole, MerlinStrategyalPacabnb was attacked by hackers. The loophole is that the contract mistakenly transfers the WBNB of the beneficiary as the mining income, making the contract issue more $MERL as a reward. This month,DeFi typical security incidents broke through 10 pass, security situation is still severe such as lightning loan attack business logic loophole project reward mechanism and other reasons, have become the hacker launched the attack behavior of the breach, so as a project side, remember to pay attention to the design and implementation of the project. There were 8 typical security incidents involved in all kind of swindles. 01 On June 1, two men suspected of fraud through LocalBitcoins, a peer-to-peer platform for bitcoin, were detained for their involvement in the scam Nearly three dozen people and about $136,000 in virtual currency were defrauded in the scam. 02 On June 12, Twitter users said they were attacked after they received an email from the scam team that opened an SCR file with the attached Microsoft Word logo. 03 A man in Nottinghamshire, UK, claims to have stolen 200,000 pounds ($282,000) from StableMagnet Finance. 04 A StableMagnet exchange automated market maker on the BSC, in a crypto scam, making off with 22 million dollars from users before running away. 05 The founder of virtual currency platform Africrypo went missing and 69 thousand BTC($2300 million) were transferred. 06 On June 24, the public security bureau in Xichang cracked down for the first time a gang that used virtual currency to launder money for telecom and Internet fraud. 07 As part of efforts to crack down on the crime, Europol Crackdown on Belgian Ponzi Scheme Vitae In this operation, law enforcement officials recovered 1.1 million euros in cash and 1.5 million euros in virtual currency. 08 Fraudsters posing as virtual currency analyst PlanB have carried out scams on Twitter, and many people have had their money stolen.
Beosin comments: In the last two months, the typical security incidents of scam runaways/crypto scams have been high enough to show that virtual currency scams are becoming an increasingly bad apple affecting the entire blockchain security ecosystem.The increasingly high security situation not only seriously threatens the security of users' property, but also brings great resistance to the sound development of the whole blockchain industry, which deserves to be vigilant! There were 4 typical security incidents about blackmail or Trojan mining software.
01 The U.S. Justice Department has charged Latvian national Alla Witte with being part of an international cybercrime syndicate that created and deployed a computerized banking ransomware called TrickBot to try to trick consumer businesses and other organizations. 02 US Recall Millions of Virtual Money Paid to Colonial Pipeline Ransomware Hackers. 03 Andre Nogueira, CEO of JBS USA Holdings, the US subsidiary of Brazilian meatpacker JBS SA Nogueira said the company has paid $11 million in ransom to cybercriminals to resolve the ransomware attack. 04 Monero malware mining software Crackonosh has infected 222,000 computers. Total of 10 typical security incidents 01 On June 3,Apple co-founder Steve Wozniak filed a lawsuit against YouTube last July, accusing the platform of allowing others to use his image to post a bitcoin fraud video. A California court on Wednesday dismissed a lawsuit. 02 Filed by 11 users of South Korean virtual currency exchange Upbit against its operator, Dunamu Inc. 03 The official website of the Sri Lankan Prime Minister has been hacked by an anonymous hacker group and redirected to another site called the decentralized virtual currency Bitcoin. 04 Siastats tweeted that the SIA network has been hit by a DDoS attack in the last 48 hours, with the largest targets being network host storage providers, with about 30 percent experiencing power outages. 05 A loophole found in smart contracts that allowed attackers to steal unlimited approved funds 06 Twitter users said a $1 million USDC/ETH transaction on Curve had a higher slip point than a $10 million USDC/ETH transaction. The vulnerability has now been fixed due to a suspected routing error. 07 Mumbai resident Makarand Pardeep Adivirkar, described as the crypto king of the country's underground drug cycle, has been arrested by India's Narcotics Bureau (NCB). Indian virtual currency exchange Wazirx says the accused is not one of its clients. 08 Protocol unveiled a plan to compensate investors affected by the vulnerabilities that have blocked the Protocol's rollout and locked down a liquidity provider. 09 Fireblocks has responded to Stakehound's $75 million ethereum loss by saying that the incident was caused by the company's failure to back up the BLS key using a third-party disaster recovery service as required by the two parties in writing at the time of the agreement. 10 On June 29, due to concerns about investment fraud, NatWest Bank in the UK limited the sum of money that customers could send to virtual currency exchanges (including Binance) each day. On the whole, Typical security incidents in June increased slightly compared with May, and the security situation of the whole blockchain ecology was still at a high risk level. It is not difficult to see that the distribution of security incidents in June, The DEFI side as well as the scam runaway still needs the attention of the blockchain:https://www.8btc.com/article/6655493.
No comments:
Post a Comment