Weekly Blockchain Security Watch
March 18 to March 24
From March 18, 2024 to March 24, 2024, all security incidents that had occurred can be categorized into Security Hacks and Rug-pulls.
SECURITY HACKS:
1. TON blockchain’s X Account Compromised
On March 19, the X account of TON(@ton_blockchain) was compromised. A phishing link was sent in the X account. TON is a permissionless blockchain.
2. Dolomite Suffers Exploit
On March 21, an Ethereum deployed dApp Dolomite@Dolomite_io suffered an exploit.
The root cause of this incident was that its contracts lacked permission checks.
The attacker is 0x52522d35725836d48e12e64731fa170bcd9423bf on Ethereum.
Crypto assets worth US $1.8 million were exploited in this incident.
RUG-PULLS:
1. ETHFI Token Rug-pull
On March 19, an Ethereum deployed token ETHFI was confirmed to be a rug-pull.
The token is deployed at 0x354a08270C0c3533c0e253F50eB126ef1eE04Eb6 on Ethereum.
The tokens were dumped for 122 $ETH, worth around US $418,000.
The price of the ETHFI token dropped 100.00% after the rugpull.
2. SLERF Token Rug-pull
On March 20, a BNB chain deployed token SLERF was confirmed to be a rug-pull.
The token is deployed at 0x440038a3fB79F4431f014cdCE53F04D1F95180F6 on the BNB chain.
The tokens were dumped for US $468,000.
The price of the SLERF token dropped 100.00% after the rugpull.
CONCLUSION-
4 notable security incidents have occurred in the past week. Two were attacks on smart contracts or social media, and two were rug-pulls.
It is worth noting that the exploit on Dolomite caused a loss of US $1.8 million.
A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain. Be alert to any anomalies happening in the various social media accounts you manage.
A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.
It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.
To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter:
For a better understanding of all things Web3.0: https://medium.com/@FairyproofT
Looking to strengthen the security of your project or looking for an audit? Contact us at
https://www.fairyproof.com/