From 6 March 2023 to 12 March 2023, all security incidents that had occurred can be categorized into Security Hacks and Rug-pulls.
SECURITY HACKS:
1. Hacker Attacks Cheers Bunny’s Discord Server
On 6 Mar, Cheers Bunny’s Discord server was attacked. Cheers Bunny (@CheersBunnyNFT) is an NFT project deployed on Ethereum.
2. zk Bored Apes Announce Scam Hit on Discord Server
On 6 Mar, NFT project deployed on zkSync zk Bored Apes (@zkboredapes) announced on Twitter that there had been a “scam hit” on one of their mod accounts on their Discord server. In the announcement, the account detailed that there was no “serious damage” due to “the intelligent and shrewd community” who have identified and kicked the scammer out of the server.
3. NFT Trader Warns Users on Twitter of Discord Phishing Attack
On 6 Mar, NFT project deployed on Ethereum NFT Trader (@NftTrader) posted a screenshot of a scammer charading as a bot in their Discord server sending phishing links. The account urged followers on Twitter not to click on any links in the server as the “bot” was sending false information.
In a later update, the project announced that “the fire was put out immediately” and that their Discord “is all good and working”.
4. Valibots Announces Discord Compromised
On 6 Mar, NFT project deployed on Polygon ValiBots (@valibots) announced on Discord that one of their co-founder’s discord account had been hacked. The account detailed that the hacker had taken over the accounts, wallets, and contracts of the project and posted a drainage link in their Discord announcements.
As at the time of reporting, ValiBots have claimed that they have regained full control of everything.
5. Hacker Attacks Management of DeFi, WalletDMs and TradeDMs’ Discord Server
On 6 Mar, the Discord servers of multiple platforms for DeFi applications were attacked by hackers. These platforms include Management of DeFi, WalletDMs and Trade DMs.
6. Hacker Exploits Tender Fi
On 7 Mar, a hacker attacked Tender Fi, an application deployed on Arbitrum.
The root cause of this incident was that the project was connected to an old oracle.
The attacker exploited this vulnerability to borrow a huge amount of tokens from the contract.
At the time of writing, the team behind it had paused the borrowing function.
Crypto assets worth around US$1.58 million were exploited in this incident.
7. Hacker Exploits Phoenix Finance
On 7 Mar, a hacker attacked Phoenix Finance, an application deployed on Ethereum, Polygon and BNB chain.
The root cause of this incident was that a fake token was allowed to be used to borrow USDCs. The hacker exploited this vulnerability to use a fake OPT token to borrow USDCs. And the exploited USDCs were bridged to Ethereum and cased out via Tornado Cash.
Crypto assets worth around US $100,000 were exploited in this incident.
8. Hacker Attacks TOR’s Discord Server
On 8 Mar, TOR’s Discord server was attacked. TOR (@ToolsOfRockNFT) is an NFT project deployed on Ethereum.
9. Hacker Attacks Dumpies’ Discord Server
On 9 Mar, the Discord server for NFT project deployed on Ethereum Dumpies (@DumpiesNFT) was reportedly hacked. The project had posted on Twitter updating followers that the server has since remained secure.
10. Hacker Attacks Casual Sloths’ Discord Server
On 9 Mar, Casual Sloths’ Discord server was attacked. Casual Sloths (@CasualSloths) is an NFT project deployed on Ethereum.
11. Hacker Attacks Generative’s Discord Server
On 9 Mar, Generative’s Discord server was attacked. Generative (@generative_xyz) is an NFT platform for BTC crypto art.
12. Hacker Exploits Hedera
On 10 Mar, a hacker attacked Hedera, a blockchain system.
The root cause of this incident was that there was a vulnerability in its mainnet code that supports its Smart Contract Service.
The hacker exploited this vulnerability and targeted accounts used as liquidity pools on multiple DEXs to transfer Hedera Token Service tokens to the hacker’s account.
At the time of writing Hedera turned off its mainnet proxies to remove user access to the mainnet.
No specific details about the loss in this incident were reported by the team.
13. Theta Network Announces Hack on Admin Account in Discord Server
On 11 Mar, blockchain system Theta Network (@Theta_Network) posted on Twitter announcing that their admin account in Discord was hacked. The Twitter post also announced that the account had been removed and the issue was resolved. There was no loss of tokens or user data.
14. Hacker Attacks Danketsu’s Discord Server
On 11 Mar, a hacker had reportedly attacked Danketsu (@DanketsuNFT), formerly ADA Ninjaz, an NFT project deployed on Cardano. The project later updated users on Twitter that their Discord is back online and operational and the hackers were addressed by user @nftluxbug.
15. Fusionist Announces Hack on Discord Bot
On 12 Mar, blockchain game deployed on Ethereum Fusionist (@fusionistio) posted a screenshot containing their announcement of a hack on their Discord server’s bot. The announcement detailed that the Discord team has “implemented stricter measures” to keep the confidentiality of their API secret key. They also mentioned that even though the problem has been resolved, steps are also taken to prevent similar incidents from happening again in the future.
RUG-PULLS:
1. CryptogerClub Turns Out to Be A Scam
On 9 Mar, CryptogerClub (@CryptogerClub) deployed on the BNB chain turned out to be scam.
The token was deployed at 0x910b0Cb55121190d9E4176D449E26EE3BBbBff1F on the BNB chain. However, the contract deployer and EOA removed liquidity after it was unlocked.
105 BNBs worth around US $30.2K were exploited in this incident.
CONCLUSION-
16 notable security incidents have occurred in the past week. 15 were attacks on social media, smart contracts or blockchains , 1 was a rug-pull.
A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain. Be alert to any anomalies happening in the various social media accounts you manage.
A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.
It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.
To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter:
For a better understanding of all things Web3.0: https://medium.com/@FairyproofT
Looking to strengthen the security of your project or looking for an audit? Contact us at https://www.fairyproof.com/