From May 29, 2023 to June 4, 2023, all security incidents that had occurred can be categorized into Security Hacks and Rug-pulls.
SECURITY HACKS:
1. EDE Finance Suffers Exploit
On May 30, a multi-chain deployed DeFi application EDE Finance suffered an exploit.
The root cause is that the implementation had a vulnerability that was exploited by a hacker to manipulate the token prices.
Crypto assets worth around US $520,000 were exploited in this incident.
2. Push Protocol’s Discord Server Gets Compromised
On May 30, the discord server of Push Protocol(@pushprotocol) was compromised. Push Protocol is a Web 3 messaging application deployed on Ethereum.
3. Bi Social’s Discord Server Gets Compromised
On May 30, the discord server of Bi.social(@Bitislands) was compromised. Bi Social is a Web 3 social application deployed on both Ethereum and Polygon.
4. QuestN’s Discord Server Gets Compromised
On May 30, the discord server of QuestN(@MemeExplorers) was compromised. Meme.com is a platform for Meme coins.Â
5. Ocean Protocol’s Discord Server Gets Compromised
On May 23, the discord server of Ocean Protocol(@QuestN_com) was compromised. QuestN is a Web 3 application deployed on Ethereum, BNB Chain, Arbitrum and more.
6. Pika Protocol’s Discord Server Gets Compromised
On May 31, the discord server of Pika Protocol(@PikaProtocol) was compromised. Pika Protocol is a DeFi application deployed on Optimism.
7. Ordinal Tortoises’ Discord Server Gets Compromised
On May 31, the discord server of Ordinal Tortoises(@ordinaltortoise) was compromised. Ordinal Tortoises is an NFT project deployed on Bitcoin.Â
8. Base Name Service’s Discord Server Gets Compromised
On June 1, the discord server of Base Name Service(@basenameapp) was compromised. Base Name Service is a naming application on Base.Â
9. Flare’s Discord Server Gets Compromised
On June 1, the discord server of Flare(@FlareNetworks) was compromised. Flare is a Layer 1 blockchain.
10. CELL Token Suffers Exploit
On June 1, a BNB Chain deployed token CELL suffered a flashloan attack.
The token is deployed at 0xd98438889Ae7364c7E2A3540547Fad042FB24642 on the BNB Chain.
The root cause is that a smart contract that migrated the old liquidity to the new one didn’t  take into account the changing spread between them during the migration.
245.5 BNBs worth around US $75.1K were exploited.
11. Orbiter Finance’s Discord Server Gets Compromised
On June 1, the discord server of Orbiter Finance(@Orbiter_Finance) was compromised. Orbiter Finance is a cross-chain bridge deployed on multiple chains including Ethereum, Arbitrum and more.
12. Équilibre’s Discord Server Gets Compromised
On June 1, the discord server of Équilibre(@EquilibreAMM) was compromised. Equilibre is a DeFi application deployed on Kava.
13. unshETH’s Private Key Leaked
On June 1, an Ethereum deployed dApp unshETH’s private key was leaked.
Crypto assets worth around US $375,000 were exploited in this incident.
14. ZK Secure Gets Exploited
On June 2, a BNB Chain deployed dApp ZK Secure was exploited.
The token is deployed at 0xc8b77F282B7f83B745514D5ACb70b9E87F5b1A3DÂ on the BNB Chain.
Crypto assets worth around US $7.8k were exploited in this incident.
15. Manta Network’s Discord Server Gets Compromised
On June 4, the discord server of Manta Network(@MantaNetwork) was compromised. Manta Network is a layer 1 blockchain.
16. Atomic Wallet Suffers Exploit
On June 4, an more than 10-year established wallet Atomic Wallet suffered an exploit.
At the time of writing, the root cause is still under investigation.
Crypto assets worth around US $35,000,000 were exploited in this incident.
RUG-PULLS:
1. BlockGPT Turns Out to Be A Rug-pull
On May 30, BlockGPT (@@BlockGPT_BSC) was confirmed to be rug-pull.
Crypto assets worth around US $256,000 were exploited in this incident.
CONCLUSION-
17 notable security incidents have occurred in the past week. 1 was a rug-pull and 16 were attacks on dApps. Among those attacks on dApps.
It is worth noting that Atomic Wallet suffered a huge loss in an exploit.
A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain. Be alert to any anomalies happening in the various social media accounts you manage.
A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.
It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.
To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter:
For a better understanding of all things Web3.0: https://medium.com/@FairyproofT
Looking to strengthen the security of your project or looking for an audit? Contact us at
https://www.fairyproof.com/