Its time for a monthly security check again! According to the security public opinion monitoring data of Chengdu Lianans Hawkeye-Blockchain Security Situational Awareness Platform, in August 2022, the number of various security incidents and the amount involved have increased significantly compared with July.In August, more than 23 more typical security incidents occurred, among which the total loss of attack security incidents was about 210.54 million US dollars.
Attacks occurred frequently in August, many of which involved high amounts of money and affected a wide range of users. This month, the cross-chain bridge Nomad event lost $190 million, which may be the most chaotic attack in the Web3 field this year. In addition, a large-scale coin theft incident occurred on the Solana public chain this month. At least 8,000 users wallets were stolen, with a total loss of up to 6 million US dollars.In August, fraud/runaway incidents are still frequent, and users need to be more vigilant to protect their assets.
DeFi aspect
A total of 14 typical security incidents occurred:
$190 million$190 million。
No.2 On August 2, the hot wallet of ZB Exchange was suspected to be hacked due to the leakage of the private key, and the total lossAbout US$4.68 million。
No.3 On August 2, the contract of Reaper Farm was maliciously used, resulting inabout $1.7 millionLoss.
No.4 On August 3, a large-scale coin theft occurred in the Slope wallet on the Solana public chain, and the loss is estimated at$6 millionabout.
No.5 On August 5, the EtnProduct project suffered a flash loan attack and lost about $10,000.
No.6 On August 5, the ANCH project suffered a price manipulation attack and lost about $100,000.
No.7 On August 6, the Polygon ecological project GenomesDAO was attacked and lost about $43,000.
No.8 On August 8, the EGD Finance project was attacked by price manipulation and lost about $36,000.
No.9 On August 10, Curve Finance was attacked by DNS and lost $612,000.
No.10 On August 14, Polkadot’s ecological project Acala issued an abnormal increase of 1.2 billion aUSD due to an incorrect setting on the chain. The project party froze relevant funds urgently, and the actual loss was estimated to be 6 million US dollars (incomplete statistics).
No.11 On August 17, Stader NearX suffered a reentrancy attack and lost about $830,000.
No.12 On August 18th, Celer Network stated that the front-end interface of cBridge was attacked by DNS cache poisoning, and the loss was about 240,000 US dollars.
No.13 On August 24, Kaoyaswap was attacked due to a logic error in the contract function, resulting in a loss of about $180,000.
No.14 On August 28, the token DDC was attacked and lost about $100,000.
Fraud Runaway / Encryption Scams
A total of 7 typical security incidents occurred
No.1 On August 7, the encryption project Saxon James Musk ran away and transferred 420,000 US dollars.
No.2 On August 10, a Rug Pull was suspected to have occurred in the DeFi project Blur Finance, and assets worth $600,000 on the chain were transferred.
No.3 On August 11, a Rug Pull occurred in Wuliangye, an NFT project with the same name as Wuliangye, and the official website and Discord community were closed.
No.4 On August 23, the NFT trading platform sudoswap imitation disk SudoRare was suspected of running away, and 519 ETH ($815,000) were stolen.
No.5 On August 30, Haikou City cracked the virtual currency One Coin pension fraud case,The amount involved was as high as more than 20 million yuan.
No.6 On August 30, the founder of Thodex, a Turkish cryptocurrency trading platform, was arrested in Albania on suspicion of$2 billion defrauded.
No.7 The Ministry of Public Security cracked down on new crimes of telecommunications and network fraud, and seized more than 50 million yuan in cash and 885,000 USDT involved in the case.
other aspects
A total of 2 typical security incidents occurred
No.1 On August 8, the U.S. Department of the Treasury added the cryptocurrency mixing service Tornado.Cash to the sanctioned list, and all U.S. individuals and entities are prohibited from interacting with Tornado Cash or any Ethereum wallet address associated with the protocol.
Summarize
Summarize
In view of the current new situation in the field of blockchain security, Chengdu Lianan concludes here:
On the whole, the number of various blockchain security incidents in August 2022 has increased significantly compared with July. The total loss of attack security incidents in August was about 210.54 million US dollars, an increase of about 700% compared with July.
This month, the number of attacks caused by the exploitation of contract vulnerabilities accounted for 50%, and the amount of losses reached 192.85 million US dollars. It is still important to do a professional security audit before the project goes online.Original link
