Weekly Blockchain Security Report by Fairyproof- May 16 to May 22
During the week from May 16 to May 22, 2022, security incidents that happened in the crypto space were all security hacks.
Here is a list of the security hacks:
1. FEG
On both May 15 and May 16, FEG, a DeFi application deployed on both the BNB Chain and Ethereum, was attacked twice.
Concerning the first attack, here is the basic information:
The attacker’s address was 0x73b359d5da488eb2e97990619976f2f004e9ff7c on both the BNB Chain and Ethereum.
The hash value of the attack transaction on the BNB Chain was:
0x77cf448ceaf8f66e06d1537ef83218725670d3a509583ea0d161533fda56c063
The hash value of the attack transaction on Ethereum was:
0x1e769a59a5a9dabec0cb7f21a3e346f55ae1972bb18ae5eeacdaa0bc3424abd2
3280 BNBs and 144 ETHs valued at around $1.9 million were exploited in the first attack.
With regard to the second attack, here is the basic information:
The attacker’s address was 0xF99e5F80486426E7d3e3921269FFee9c2Da258e2 on both the BNB Chain and Ethereum.
The attacking contract was deployed at 0xf02b075f514c34df0c3d5cb7ebadf50d74a6fb17 on both the BNB Chain and Ethereum.
4343.147 BNBs valued at around $1.9 million were exploited in the second attack.
The root cause of both attacks was an unverified parameter. The parameter “path” was supplied by the caller and never validated, so the attacker passed a fake value that made the contract transfer its tokens out without performing any token swap.
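As an added illustration of the bug class described above (this is not FEG's code; the contract, function and parameter names are assumed), a helper contract that swaps its own tokens, shown first with an unvalidated caller-supplied `path` and then with the checks an audit would expect:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface IERC20 {
    function approve(address spender, uint256 amount) external returns (bool);
}
// Uniswap-V2-style router; only the one function used here is declared.
interface IRouter {
    function swapExactTokensForTokens(
        uint256 amountIn, uint256 amountOutMin, address[] calldata path,
        address to, uint256 deadline
    ) external returns (uint256[] memory amounts);
}

contract SwapHelper {
    address public immutable owner;
    address public immutable token;         // the only token this helper may sell
    address public immutable router;        // the only DEX router it may talk to
    address public immutable wrappedNative; // WBNB / WETH
    address public immutable treasury;      // where swap proceeds go

    constructor(address _token, address _router, address _wrappedNative, address _treasury) {
        owner = msg.sender;
        token = _token;
        router = _router;
        wrappedNative = _wrappedNative;
        treasury = _treasury;
    }

    // Weak pattern: the DEX address and the whole `path` come from the caller and are
    // never checked, so the contract approves and calls whatever address it is handed.
    function swapUnchecked(address dex, address[] calldata path, uint256 amountIn) external {
        IERC20(path[0]).approve(dex, amountIn);
        IRouter(dex).swapExactTokensForTokens(amountIn, 0, path, treasury, block.timestamp);
    }

    // Hardened form: fixed router, pinned path endpoints, bounded hop count, a real
    // minimum output, access control, and the allowance is cleared after use.
    function swapChecked(address[] calldata path, uint256 amountIn, uint256 minOut) external {
        require(msg.sender == owner, "not owner");
        require(path.length >= 2 && path.length <= 3, "bad path length");
        require(path[0] == token, "path must start with our token");
        require(path[path.length - 1] == wrappedNative, "path must end with WBNB/WETH");
        require(minOut > 0, "minOut required");
        IERC20(token).approve(router, amountIn);
        IRouter(router).swapExactTokensForTokens(amountIn, minOut, path, treasury, block.timestamp);
        IERC20(token).approve(router, 0); // do not leave a standing allowance
    }
}
```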
2. Scream
On May 16, Scream, a DeFi application deployed on Fantom, was attacked.
In this incident, crypto-assets valued at around $35 million were exploited.
The root cause was that Scream didn’t update its prices for fUSD and DEI. When the real prices of fUSD and DEI fell to $0.69 and $0.52 respectively, Scream still priced both at $1, so some attackers, including the team behind DEI, used fUSDs and DEIs as collateral to borrow a large number of USDCs, DAIs, etc.
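An added illustration, not Scream's code, of the difference between pinning a stablecoin's collateral value to $1 and valuing it from a live, staleness-checked feed; the feed interface follows the Chainlink aggregator shape, the contract and function names are assumed, and collateral amounts are assumed to use 18 decimals:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Chainlink-style aggregator interface; only the two functions used here are declared.
interface IPriceFeed {
    function decimals() external view returns (uint8);
    function latestRoundData() external view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

contract CollateralValuer {
    uint256 public constant MAX_AGE = 1 hours;    // a feed older than this is treated as stale
    uint256 public constant PEG_FLOOR = 0.95e18;  // below this (18-dec USD) a "stablecoin" is depegged
    address public immutable owner;
    mapping(address => IPriceFeed) public feeds;  // collateral token => USD price feed

    constructor() { owner = msg.sender; }

    function setFeed(address token, IPriceFeed feed) external {
        require(msg.sender == owner, "not owner");
        feeds[token] = feed;
    }

    // Weak pattern: a stablecoin's collateral value is pinned to $1 whatever the market does.
    function valueHardcoded(uint256 amount) external pure returns (uint256) {
        return amount; // 1 token == 1 USD, forever
    }

    // Hardened pattern: value collateral at a live price, reject stale or invalid rounds,
    // and flag a depeg so the lender can stop accepting the asset as collateral.
    function valueFromFeed(address token, uint256 amount)
        external view returns (uint256 usdValue, bool depegged)
    {
        IPriceFeed feed = feeds[token];
        require(address(feed) != address(0), "no feed configured");
        (uint80 roundId, int256 answer, , uint256 updatedAt, uint80 answeredInRound) = feed.latestRoundData();
        require(answer > 0, "non-positive price");
        require(answeredInRound >= roundId, "stale round");
        require(block.timestamp - updatedAt <= MAX_AGE, "stale price");
        uint256 price18 = uint256(answer) * 1e18 / (10 ** uint256(feed.decimals()));
        depegged = price18 < PEG_FLOOR;
        usdValue = amount * price18 / 1e18;
    }
}
```

A lending contract that uses `valueFromFeed` would refuse new borrows against any collateral whose `depegged` flag is set, rather than continuing to lend at par.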
3. Phishing Attack on An RPG NFT Game
On May 16, it was reported that users who downloaded and ran an executable from a fake website (Pixelmon[.]gw) that looked very similar to Pixelmon.club (an RPG NFT game) were victims of a phishing attack. Once a user ran the executable, their password for the game was leaked to and exploited by the attacker.
4. Feminist Metaverse
On May 18, Feminist Metaverse, a DeFi application deployed on the BNB Chain, was attacked.
In this incident, 1838 BNBs valued at around $500,000 were exploited.
The attacker’s address was 0xaaA1634D669dd8aa275BAD6FdF19c7E3B2f1eF50 on the BNB Chain.
The attacked contract was deployed at 0x843528746F073638C9e18253ee6078613C0df0f1 on the BNB Chain.
The root cause of this incident was that the implementation didn’t add liquidity correctly.
The attacked contract (FMToken) used a plain ERC-20 transfer to move tokens into the liquidity pool but never updated the pool’s reserve values. Tokens that sit in a pair’s balance above its recorded reserves can be transferred away by anyone, so the attacker called the pair’s skim function and took the tokens the FMToken contract had added.
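An added example, not FMToken's code, contrasting the broken pattern (a plain ERC-20 transfer into the pair with no reserve update) with adding liquidity through the router so that reserves are updated and LP tokens are minted atomically; the contract and function names are assumed:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function approve(address spender, uint256 amount) external returns (bool);
}
// Uniswap-V2-style router (PancakeSwap on BNB Chain uses the same signature).
interface IUniswapV2Router {
    function addLiquidity(
        address tokenA, address tokenB,
        uint256 amountADesired, uint256 amountBDesired,
        uint256 amountAMin, uint256 amountBMin,
        address to, uint256 deadline
    ) external returns (uint256 amountA, uint256 amountB, uint256 liquidity);
}
contract LiquidityAdder {
    address public immutable owner;
    address public immutable token;   // project token held by this contract
    address public immutable wbnb;    // wrapped native token held by this contract
    address public immutable pair;    // token/WBNB pair
    address public immutable router;

    constructor(address _token, address _wbnb, address _pair, address _router) {
        owner = msg.sender; token = _token; wbnb = _wbnb; pair = _pair; router = _router;
    }

    // Broken pattern: both tokens land in the pair's balance, but no mint() or sync()
    // follows, so the pair's stored reserves stay unchanged. The surplus between
    // balance and reserve is exactly what skim() hands to whoever calls it.
    function addLiquidityBroken(uint256 tokenAmount, uint256 wbnbAmount) external {
        require(msg.sender == owner, "not owner");
        IERC20(token).transfer(pair, tokenAmount);
        IERC20(wbnb).transfer(pair, wbnbAmount);
    }

    // Correct pattern: approve the router and let it pull both sides, update the
    // reserves and mint LP tokens to `lpRecipient` in one atomic call.
    function addLiquidityCorrect(uint256 tokenAmount, uint256 wbnbAmount, uint256 slippageBps, address lpRecipient)
        external returns (uint256 liquidity)
    {
        require(msg.sender == owner, "not owner");
        require(slippageBps <= 10_000, "bad slippage");
        IERC20(token).approve(router, tokenAmount);
        IERC20(wbnb).approve(router, wbnbAmount);
        uint256 minToken = tokenAmount * (10_000 - slippageBps) / 10_000;
        uint256 minWbnb = wbnbAmount * (10_000 - slippageBps) / 10_000;
        (, , liquidity) = IUniswapV2Router(router).addLiquidity(
            token, wbnb, tokenAmount, wbnbAmount, minToken, minWbnb, lpRecipient, block.timestamp);
    }
}
```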
5. Discord MEE6
On May 18, Discord’s MEE6 bot was attacked. As a result, hackers used some crypto projects’ Discord servers to send phishing links. The projects affected by this attack included Alien Frens, Lazy Lions, Axie Infinity, and LIamascape.
6. QanPlatform
On May 19, QanPlatform’s cross-chain bridge deployed on both the BNB Chain and Ethereum was attacked.
The attacker’s address was 0x1c8465662cAA8005ed41430e433E399c699cbcE2 on both the BNB Chain and Ethereum.
The hash value of the attack transaction on the BNB Chain was:
0xcf0a3e8a7a76241075f9c942af2780532295e209d5f89d180adbdc2bab07392b
The hash value of the attack transaction on Ethereum was:
0xf5a99333c4eeecf418e3f85079f49964962a32785f3035947f1917889b6788c8
In this incident, 270 million QANXs were exploited and converted to 325 ETHs valued at around $600,000.
The root cause of this incident was that the bridge’s server was compromised, which allowed the attacker to deposit 1 QANX on the BNB Chain and withdraw 4.8 million QANXs on Ethereum. The attacker repeated this procedure 20 times and exploited a total of 270 million QANXs.
7. LIamascape
On May 20, the Discord account of a LIamascape team member was compromised, and the hacker used LIamascape’s Discord server to send phishing links.
30 ETHs valued at around $60,000 were exploited in this incident.
Closing thoughts
In the past week, there were seven incidents, four of which were smart contract attacks and three of which were phishing attacks.
In the smart contract attacks, all the vulnerabilities were commonly seen ones that could have been prevented by a professional audit and thorough testing. All the phishing attacks followed commonly seen procedures and could have been prevented if the victims had paid more attention and acted with care and caution.
A reminder to project teams: always test thoroughly and do smart contract audits before deploying smart contracts on-chain.
A reminder to crypto users: be cautious about suspicious links, emails or websites, and projects that are launched by teams without an established reputation.