From October 31 to November 6, 2022, all security incidents that have occurred are all Security Hacks.
SECURITY HACKS:
1. Hacker Attacks Generativemasks’ Discord Server
On 1 Nov, NFT Project Generativemasks (@generativemasks) announced on Twitter that its Discord had been compromised. The account proceeded to urge users not to click on any links. Shortly after the attack, the account posted a tweet apologizing for the attack at the GMs Discord server and that the targeted account has been permanently banned from the server and deleted. The account also urged users to revoke all permissions from their wallets and transfer their “assets (Coins, NFTs)” to a new wallet.
2. Hacker Exploits Oracle Vulnerability in Solend
On 1 Nov, a hacker had exploited a vulnerability in the oracle of Soland, a lending dApp deploued on Solana.
Pools of Stable, Coin98, and Kamino were affected, while other pools including the main pool were safe.
At the time of writing, the affected pools have been disabled and exchanges have been notified of the exploiter’s address.
Around, US$1.26 million worth of crypto assets were exploited in this incident.
3. Deribit Claims Hackers Exploit Platform’s Hot Wallet
On 1 Nov, the team behind centralized crypto exchange Deribit claimed on Twitter that its hot wallet had been compromised by an attack by hackers.
The team also claimed that around US$28 million were exploited and promised to compensate all users that had suffered in this incident with assets from its treasury.
Additional Details:
- Attackers’ Addresses:
0x8d08aAd4b2BAc2bB761aC4781CF62468C9ec47b4 (Ethereum)
0xb0606F433496BF66338b8AD6b6d51fC4D84A44CD (Ethereum)
4. Rubic DEX Announces Hacker Exploit, Admin’s Private Key Compromised
On 2 Nov, the team behind cross-chain DEX Rubic DEX announced on Twitter that one of its admin’s private keys used to manage the cross-chain between RBC/BRBC and staking rewards was compromised.
The team initially thought the private key was compromised due to malware, however, it was an attack from a hacker. The attacker from 0xD2D113d7b5c4F8FB4A68cEDa26F894F0fE25F24a exploited 34 million RBCs, BNBs and ETHs, and sold them on both Uniswap and PancakeSwap. This operation caused RBC’s price to drop by 98%..
At the time of writing, the hacker transferred crypto assets worth at least US$1.2 million, and still holds 205 BNBs (~US$65, 000) and ETHs worth around US$205, 000.
5. Hacker Exploits Skyward Finance
On 3 Nov, a hacker attacked Skyward Finance, a DeFi application deployed on NEAR.
The root cause of this incident was due to the “redeem_skyward” function not validating the “token_account_ids” parameter. The vulnerability was exploited by the attacker from 5ebc5ecca14a44175464d0e6a7d3b2a6890229cd5f19cfb29ce8b1651fd58d39 to steal 1.08 million NEARs worth around US$3.2 million.
6. Hacker Exploits pNetwork’s Cross-chain Bridge
On 4 Nov, a hacker attacked pNetwork’s cross-chain bridge through a wrong configuration made by the team.
The attacker (0x6891A233Bca9E72A078bCB71ba02aD482A44e8C1) acquired its gas from 0x5fDAEf0a0B11774dB68C38aB36957De8646aF1B5. The source of the gas could be traced to Binance’s hot wallet.
The hacker exploited the vulnerability to mint 27.8 billion GALAs on the BNB chain and exchanged the exploited GALAs to 12976 BNBs worth around US$4.379 million. Its assets on Ethereum and the cross-chain were safe
This caused GALA’s price to drop by 20%.
The team behind the project announced that it would deploy new pGALA tokens and airdrop to all the pGALA holders.
This is the second attack pNetwork suffered from since it suffered from an attack in September 2021.
7. Hacker Exploits Loopring
On 6 Nov, a hacker attacked Loopring, a DeFi application deployed on Ethereum’s layer 2 solution.
The team behind the project claimed on Twitter that they have been suffering DDOS attacks since 4 Nov. During the attacks, the detected RPS increased significantly such that Loopring’s gateway could not process the requests and was down for nearly 11 hours.
At the time of writing the project was back to normal.
8. Hacker Attacks Little Lemon’s Discord Server
On 6 Nov, NFT project Little Lemon Friends (@LittlelemonsNFT) announced on Twitter that its Discord was hacked as a result of one of their moderator’s account being compromised. The project also urged users not to click on any links.
CONCLUSION-
8 notable security incidents related to security hacks have occurred in the past week.
6 of 8 attacks were against smart contracts, centralized exchanges, or wallets. The remaining 2 were on social media.
It is worth noting that 2 attacks were caused by private keys being compromised.
A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain. In addition, manage and store private keys with great care.
A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.
It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.
To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter:
For a better understanding of all things Web3.0: https://medium.com/@FairyproofT
Looking to strengthen the security of your project or looking for an audit? Contact us at https://www.fairyproof.com/