Discover more from Fairyproof Official Newsletter
Weekly Blockchain Security Watch
November 6 to November 12
From November 6, 2023 to November 12, 2023, all security incidents that had occurred can be categorized into Security Hacks and Rug-pulls.
1. Coinspot Suffers Exploit
On November 7, a centralized exchange Coinspot suffered an exploit.
The exchange’s wallets were drained for $2.4 M worth of $ETH (1,282 ETH).
The attacker’s address is 0x326dc417d96c72349FA3d1fda4aE9C1c77FD89B8 on Ethereum
2. MEV Bot Suffers Exploit
On November 8, an Ethereum deployed MEV bot suffered an exploit.
The MEV bot is deployed at 0x46d9b3dfbc163465ca9e306487cba60bc438f5a2 on Ethereum.
The root cause of this incident was that its contracts lacked access control for asset trading.
The attacker’s address is 0x46d9B3dFbc163465ca9E306487CbA60bC438F5a2 on Ethereum
Crypto assets worth around US $2 million were exploited in this incident.
3. The Standard Suffers Attack
On November 9, an Arbitrum deployed dApp the standard suffered an attack.
The root cause of this incident was that it lacked a check for slippage and LP management.
The attacker’s address is 0x09ed480feaf4cbc363481717e04e2c394ab326b4 on Arbitrum
Crypto assets worth around US $290,000 were exploited in this incident.
4. Poloniex Suffers Exploit
On November 10, a centralized exchange Poloniex suffered an exploit.
The attacker’s address is 0x0A5984f86200415894821bFEFc1c1De036DbF9e7 on Ethereum
Crypto assets worth around US $130 million were exploited in this incident.
5. Raft Suffers Exploit
On November 11, an Ethereum deployed dApp Raft suffered an exploit.
The root cause was the dApp had a precision calculation issue when minting share tokens. The attacker exploited this issue and used a flash-loan to attack the dApp.
The attacker’s address is 0xc1f2b71A502B551a65Eee9C96318aFdD5fd439fA on Ethereum
Crypto assets worth around US $3.6 million were exploited in this incident.
1. GOW39 Rug-pull
On November 9, a BNB chain deployed token GOW39 was confirmed to be a rug-pull.
The token is deployed at 0x575bad4ea32729711da86045e43535a7c1b4881b on the BNB chain.
After the rug, the token’s price dropped to $0.
117,748,562,677,194 GOW39s were swapped for $205,000.
6 notable security incidents have occurred in the past week. 5 were attacks on smart contracts and 1 was a rug-pull.
It is worth noting that the loss in the Poloniex exploit was $130 million.
A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain. Be alert to any anomalies happening in the various social media accounts you manage.
A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.
It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.
To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter:
Thanks for reading Fairyproof Official Newsletter! Subscribe for free to receive new posts and support my work.
For a better understanding of all things Web3.0: https://medium.com/@FairyproofT
Looking to strengthen the security of your project or looking for an audit? Contact us at