Reentrancy, price sage attacks and system vulnerabilities across seven protocols caused the decentralized finance (Defi) industry to lose at least $21 million in login passwords in February.
According to DefiLlama, Defi's data analysis system, one of the biggest attacks of the month should be Platypus Finance's lightning loans to enter the attack, resulting in a loss of $8.5 million.
DefiLlama described six other cyber hacking attacks that paid special attention that month, the first being an attack on BonqDAO by price oracle words on Feb. 1.
BonqDAO revealed to followers in a post on February 1st that its Bonq protocol was attacked by oracle bone words, allowing attackers to control the price of Alliance Block (ALBT) dynamic passwords.
The exploiters raised the price of ALBT and forged a lot of Beur. The Beur is then exchanged for other tokens in the Uniswap. Subsequently, the price fell to almost zero, which led to the settlement of ALBT.
Blockchain security company PeckShield may lose about $120 million, but later, according to media reports, due to the lack of liquidity on BonqDAO, network hackers are reported to have only about $1 million for TX.
Just that day later, on February 2nd, the Orion agreement in a decentralized trading center suffered a loss of about $3 million in a re-entry attack. Attackers used deliberate blockchain smart contracts to suck money away from targets with continuous withdrawal orders.
Orion agreement company CEO Alexei Kolokov confirmed the attack at the time, while assuring everyone that "every user's money is very secure."
"We have reason to believe that this situation is not caused by all the shortcomings in our own key protocol codes," he said. it is also likely to be caused by a system vulnerability in our experiments and a smart contract mixed with a third-party library used by private artist brokers. "
The DForce network, the Defi protocol, was another victim of the re-entry attack in February, causing about $3.65 million in damage.
In a post on Feb. 10, DForce identified the vulnerability, but surprisingly, when the attacker stepped forward as a white hat hacker, every fund had been returned.
DForce shows that on February 13, 2023, the oppressed funds were completely returned to our own multifaceted signatures on the premise of hedging arbitrage and cheerfulness, which was a happy ending for everyone.
On February 16th, the Defi agreement Platypus Finance was attacked by lightning loans, causing 8.5 million dollars in the agreement to be sucked away.
An autopsy report from Omniscia, a certified public accountant at Platypus, stressed that the attack was possible because of the incorrect coding order.
On February 23rd, the research team announced that they were looking to return about 78% of the important pool funds based on tips to freeze and stabilize debt rolls.
The working group also verified the second and third events, resulting in another mining of US $667000, resulting in a total loss of about US $9.1 million.
On Feb. 25, French police arrested two suspects in connection with cyber hackers and seized property worth about $222000 in login passwords.
A few days later, on Feb. 20, consumers who joined the project Hope Finance steadily according to the hedging arbitrage algorithm became the scapegoat for vulnerabilities in the blockchain smart contract system, and the customers were stolen about $2 million.
CertiK, a Web3 security company, became aware of the incident on Feb. 21 after the Hope Finance Twitter account alerted customers to the scam.
At that time, a member of the CertiK team told Cointelegraph that the fraudster had modified the small details of the intelligence contract, causing the money to be sucked away from the desired financial startup agreement:
"it seems that the fraudster has modified the TradingHelper contract, which means that when 0x4481 enables OpenTrade in Genesis RewardPool, the money will be transferred to the fraudster."
Dexble, a multi-chain hub aggregator, suffered an attack on the selfSwp functionality of the application, which resulted in a loss of digital currency worth $2 million.
According to a post from our trading center on February 18, "the network hacker took advantage of a system loophole in my new intelligence contract." It also allows cyber hackers to steal money from all wallets that are not approved on the contract.
Through the investigation, the Dexble elite team found that attackers used the program's selfSwp role to steal more than $2 million worth of login passwords from consumers authorized to move dynamic passwords from the app in the past.
After receiving the token to their own smart contract, the attacker obtains the coin into an uncertain BNB (BNB) wallet according to Tornado Cash.
On February 27th LaunchZone, a Defi agreement joined by the BNB chain, consumed $700000 worth of money.
According to blockchain security firm Immunefi, an attacker used an untested contract to suck up money.
"473 days ago, LaunchZone deployment staff had already approved this unconfirmed contract," immunity said.
DefiLlama statistics show that data information rose sharply in February compared with January.
The tracking group listed only $740000 cyber hacking attacks on two protocols on the Defi platform, Midas Capital and Roe Finance-, that month.
Blockchain data company Chainanalysis revealed in the 2023 encryption Crime report that cyber hackers stole $3.1 billion from Defi in 2022, accounting for more than 82 per cent of total theft that year.
Polkadot was launched in May 2020. In a market dominated by Bitcoin and Ethereum, it quickly established itself as the next generation blockchain. The scale and interoperability problems limit Bitcoin's ability to transfer value without the assistance of
For some newcomers to the currency circle, they are not familiar with the investment in the currency circle, and their understanding of the special currency is not very deep. Therefore, they may be at a loss in the choice of investment methods. Many inves
Lummis is a well-known crypto advocate on Capitol Hill with over $100,000 in crypto.
Several analysts argue that shrimp accumulation is good for the Bitcoin network because it makes the asset more decentralized over time.
ARK Invest filed for a spot Bitcoin ETF in collaboration with 21Shares long before BlackRock did, and its application is reportedly first in line for the SEC’s approval.
Interestingly, the price surge was on the back of increased activity from whales, as indicated by on-chain data. The increased activity led to an increased"/>
Recent market dynamics have seen Solana struggling to break above the $200 mark. A notable bearish factor among these market fundamentals is the recent"/>
DOGE, the internet's favorite memecoin, is back in the spotlight. Recent data reveals a surge in futures market activity, coupled with bullish technical"/>
The recent stratospheric rise of Bitcoin, reaching a new all-time high of $73,000, has sent ripples of excitement and trepidation through the crypto world."/>
Co-founder of Tornado Cash Roman Storm has filed a motion to dismiss the charges levied against him by the US Department of Justice (DOJ)."/>
On Thursday, March 28, a hack occurred on Prisma Finance, a decentralized lending protocol on the Ethereum network. The exploiter carted away about 3,257.7"/>
Once fully licensed in Dubai, Bybit plans to run a full-scope exchange, offering crypto lending, payments, investment and other services.
Tue, 18 Apr 2023