Discover more from Fairyproof Official Newsletter
Weekly Blockchain Security Watch
Mar 27 to Apr 2
From March 27, 2023 to April 2, 2023, all security incidents that occurred are Security Hacks.
1. SafeMoon Suffers From Flash-loan Attack
On March 29, SafeMoon, a project deployed on the BNB chain suffered from a flash-loan attack.
The root cause was that the contracts were upgraded so that anyone could burn tokens from any address holding the token.
The hacker exploited this vulnerability to inflate the SafeMoon token’s price and exchanged the SafeMoon tokens it held to WBNBs
Crypto assets worth around US $8.9 million were exploited in this incident.
2. Phishing Link Posted in YogaPetz’s Discord Server
On April 1, a phishing link was posted in the Discord server of YogaPetz(@Yogapetz), an NFT project deployed on Ethereum.
3. Phishing Link Posted in Mark Sunset’s Twitter Account
On April 1, a phishing link was posted in the Twitter account of Mark Sunset(@sunsetventurer), an influencer in Twitter.
4. Allbridge Suffers From Flash-loan Attack
On April 2, Allbridge, a project deployed on multiple blockchains including the BNB chain suffered from a flash-loan attack.
The root cause was the token price of an Allbridge pool could be manipulated.
Crypto assets worth around US $574,000 were exploited in this incident.
5. Phishing Link Posted in Raise Finance’s Discord Server
On April 2, a phishing link was posted in the Discord server of Raise Finance(@raise_fi), a wallet project deployed on zkSync.
5 notable security incidents have occurred in the past week. 3 were attacks on social media and 2 were attacks on smart contracts.
It is worth noting that the unaudited contracts lead to a loss of crypto assets worth around US $8.9 million to SafeMoon.
A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain. Be alert to any anomalies happening in the various social media accounts you manage.
A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.
It is important for everyone in the crypto community to gain an understanding and practice sufficient levels of cybersecurity.
To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter:
To stay updated on notable security incidents in the world of Web3.0
For a better understanding of all things Web3.0: https://medium.com/@FairyproofT
Looking to strengthen the security of your project or looking for an audit? Contact us at