These include:
These include:
1. There were 3 security incidents on the EOS chain, and the hackers made a profit of over 220,000 EOS, mainly including the transfer of 199,000 EOS from the craigspys211 account that had been frozen by arbitration, and gradually flowed to the exchange.
2. Bitcoin wallet Electrum users are facing phishing attacks. When the user updates the client with a backdoor, the private key will be stolen. So far, 1450 BTC has been stolen.
3. There were two DApp attacks on the TRON chain this month, thousands of TRX were stolen, and the attack method was still transaction rollback.
4. The Ethereum fund project FAIRWIN contract was exposed to have serious security vulnerabilities. Any user can call the interface to forge betting data and then withdraw the balance. Although the vulnerability interface has been closed, 500 pieces of betting data, about 5093 ETH, have been inserted before closing .
5. A third-party JS service used by the digital currency exchange has the risk of being implanted with malicious code, which directly threatens the security of the exchanges funds and causes users to lose coins.
6. The Fusion wallet was hacked, resulting in the theft of 10 million native FSN and 3.5 million ERC20 FSN tokens, worth approximately $5.57 million.
Within the scope of statistics, the loss of security incidents in September exceeded 130 million yuan. Although compared with the previous month, the number of security incidents this month has decreased slightly, but the amount of loss is more. The occurrence of security incidents on exchanges and wallets is still on the rise, and the main attack method of hackers is exploiting vulnerabilities, which shows that the security of exchanges Awareness still needs to be strengthened.
In view of the current new situation of blockchain security, Chengdu Lianan hereby reminds the project party to pay attention to security risks, especially exchanges, which often involve huge amounts of money in security incidents, and it is even more necessary to enhance security awareness and do a good job in project security review. It is recommended that blockchain projects strengthen their technical capabilities, consciously enhance the security of the system architecture during system design and development, and establish a complete security architecture system and emergency response mechanism. If necessary, you can cooperate with a security company to reduce vulnerabilities through third-party technical support, security testing, and security reinforcement to avoid unnecessary losses. When the project is running, the security situation awareness system can be used to monitor in real time, early warning and alarm; the firewall can effectively resist security attacks. In case of asset loss, security companies can be used to trace the source of assets on the chain.
