Weekly Blockchain Security Report by Fairyproof- Mar 7 to Mar 13
During the week from March 7 to March 13, 2022, security events that happened in the crypto industry were all security hacks.
Weekly Blockchain Security Report by Fairyproof- Mar 7 to Mar 13
During the week from March 7 to March 13, 2022, security events that happened in the crypto industry were all security hacks.
Here is a list of the security hacks:
On March 9, 2022, Fantasm Finance, a DeFi application deployed on Fantom was attacked.
The attacker’s address was 0x47091E015b294B935BAbDA2d28aD44e3Ab07ae8D on Fantom and the attacking contract was deployed at 0x944b58c9b3b49487005cead0ac5d71c857749e3e on Fantom. The attacker got its gas from 0x4718964Ab638787283f14a0ef4A2b0d61298E6B5.
The exploited crypto assets were valued at around $2.6 million.
Basically, a vulnerability in the deposit function in one of its contracts was exploited such that the attacker minted a large quantity of XFTM tokens and eventually exchanged these tokens to 1008 ETHs and cashed out via Tornado.Cash.
On March 13, 2022, Paraluni, a DeFi application deployed on BSC was attacked. The total exploited crypto assets were valued at around $1.7 million.
The root cause was that the depositByAddLiquidity function in its MasterChief contract didn’t verify the input address of a token.
The attacker exchanged the exploited assets to ETHs and cashed out via Tornado.Cash.
Closing thoughts
Both of these two incidents were caused by vulnerabilities in their smart contract design and implementation.
However, these issues were not difficult to uncover if they were carefully tested and audited.
Again, for project developers, conducting an audit is a must-have step before deploying. A professional audit can prevent most of the risks or issues that have happened so far.
Join Coinmonks Telegram Channel and Youtube Channel learn about crypto trading and investing