Weekly Blockchain Security Report by Fairyproof- Feb 21 to Feb 27
During the week from February 21 to February 27, 2022, security events that happened in the crypto industry can be categorized into four…
During the week from February 21 to February 27, 2022, security events that happened in the crypto industry can be categorized into four: security hacks, rug-pulls, white-hat hacks, and updates with regard to the investigation of past incidents.
Here is a list of the security hacks:
On Feb 27, 2022, OpenSea, the largest NFT trading platform, announced on its Twitter that some users claimed to receive emails from OpenSea. However, these users received emails from http://openseateam.io/ and this was not OpenSea’s official site. The emails from this site were highly suspicious and may contain phishing links. OpenSea warned users not to open or click on these emails.
This was a second phishing attack targeting OpenSea users following the one that happened last week.
Here is a list of the rug-pulls:
On Feb 23, 2022, a security incident happened to Web3Memes, a project deployed on BSC. Within less than three hours after its contract was deployed, its liquidity on Pancake was withdrawn. This fast withdrawal surprised the whole crypto community.
The team behind the project was anonymous, the gas used to deploy the project was obtained from Tornado.Cash. These features make this project highly suspicious thus being considered a rug-pull with high likelihood.
The exploited crypto assets in this incident were around 125 BNBs valued at around $45,000.
Here is a list of the white-hat hacks:
On Feb 19, 2022, Coinbase, one of the biggest regulated CEXs, awarded a white-hat hacker named “Tree of Alpha” $250,000 for his uncovering of a serious vulnerability.
This hacker found that the vulnerability could be used by a user to sell 50 SHIBs as 50 BTCs by just paying $0.001. Right after the hacker found this issue, he/she contacted Coinbase and Coinbase froze this transaction without suffering any loss.
Here is a list of the updates with regard to the investigation of past incidents:
On Feb 22, 2022, Laura Shin, a senior editor of Forbes, claimed that based on the evidence she held, and the analysis performed by Chainanalysis she thought one of TenX’s co-founders Toby Hoenisch, an Austrian software engineer, was the suspected hacker of Ethereum’s 2016 DAO incident.
Closing thoughts
In summary, for projects that aim to establish long term success, bounty programs can be an effective incentive to improve code quality and prevent security issues; For users, they should be extremely vigilant about unverified websites and be aware of a project that lacks sufficient transparency or doesn’t reveal the team’s identity; for hackers, being a white-hat hacker is a much better way to gain fame and profits.
Join Coinmonks Telegram Channel and Youtube Channel learn about crypto trading and investing