Weekly Blockchain Security Watch
September 19 to September 25
From September 19 to September 25, 2022, all security incidents that have occurred are Security Hacks.
1. Wintermute’s Founder, CEO Announces Hack on Platform
On September 20, Founder and CEO of crypto market maker Wintermute Evgeny Gaevoy announced that the platform had been hacked, with the attacker exploiting the leaked private keys to steal crypto assets worth at least US$160 million.
According to a statement, the team behind Wintermute had used a vanity wallet address generator tool Profanity to create a wallet for gas fee optimization. This tool had a vulnerability that had compromised some private keys which were subsequently abandoned. Due to a mistake in Wintermute’s manual operations, the leaked private keys were not removed and were later used by the hacker to exploit crypto assets.
This was not the first time Wintermute was attacked. In June 2022, Wintermute was exploited by hackers and lost 20million OP tokens.
- Attacker’s Address: 0xe74b28c2eAe8679e3cCc3a94d5d0dE83CCB84705 (on Ethereum)
- Attacking Contract: 0x0248f752802b2cfb4373cc0c3bc3964429385c26 (On Ethereum)
- Attacked Contract: 0x00000000AE347930bD1E7B0F35588b92280f9e75 (On Ethereum)
2. Hacker Attacks Fortunas Finance Through Multiple Attacking Contracts
On September 22, a hacker used four attacking contracts to deploy an addition 250 contracts to attack Fortunas Finance, a DeFi application deployed on the BNB chain.
The attacker conducted a flash-loan for Fortuna tokens in KnightSwap, and repeatedly called on token transfers using these tokens among the deployed 250 contracts. Doing so resulted in minting a large quantity of Fortuna tokens without consuming BUSDs. The attacker later paid back the flash-loan and exchanged the remaining Fortunas to BUSDs on Pancake.
Around 180000 BUSDs were exploited in this incident.
- Suspected Attacker’s Address: 0x8Dd7c524EaAc1ab194AfE0D6395282fb7987C08d (on BNB chain)
- Attacking Contracts:
0x419a277314e22869dbc3bab8b73fd9722cbbb907 (on BNB chain)
0x3cd710970b4531be041715309e0c9f08b16764cb (on BNB chain)
0x8bd996b1e09973d2218d4c967e6d36b6fdd2e41c (on BNB chain)
0x87e2592ed8eb7bc6c1f12a63f7829c400c9588b8 (on BNB chain)
- Hash Values of Attack Transactions:
0x68d11391d11994d161e20e6449ae3ba2fe9b44cff0bb3328297c76252eb4c9b4 (on BNB chain)
0x8587dbfbd94f7d12fa114f41eec7f7a1b480bb63645c9c8210b7b836512dc689 (on BNB chain)
0x7448d8bdfe124ca9330dc85e1dd5be8777547b60ba9834438045a2f2fe88c7a6 (on BNB chain)
0x2565549b3eca690c41238a9a052c5024f03b59c4ab67ae4d593fe53a59fcac50 (on BNB chain)
0x39b6b8c558b599ca2161a82f9523c449853ce7d48c62918aed0f50e285936314 (on BNB chain)
3. Suspicious Unicorn Society Urges Followers to Refrain from Clicking on Random Links on Discord During Minting
On September 22, Twitter account of NFT project Suspicious Unicorn Society (@SUSocietyNFT) urged its followers not to click random links on Discord during the project’s mint phase.
The project later reported that although there was an attack, the mint had proceeded smoothly.
4. Hacker Attacks Mutant Cats’ Discord Server
On September 23, a hacker attacked Mutant Cats’ Discord server. Mutant Cats is an NFT project.
5. Twitter User Snarls Barkley Is Exploited
On September 23, Snarls Barkley (@Snarls4651) announced on Twitter that around 20 NFTs including those from BAYC, BACK, Vee Friends, and XCopy were stolen from his wallet.
It was reported that Snarls Barkley had suffered from a phishing attack, of which the hacker had liquidated the NFTs immediately to best offers.
Some of the exploited NFTs were transferred to an addressed marked as a “hacker” that attacked Beeple’s Twitter account.
5 notable security incidents related to security hacks have occurred in the past week.
Two of them were attacks on smart contracts, two on social media and one on wallets.
A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain.
A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.
It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.
To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter:
To stay updated on notable security incidents in the world of Web3.0
For a better understanding of all things Web3.0: https://medium.com/@FairyproofT
Looking to strengthen the security of your project or looking for an audit? Contact us at https://www.fairyproof.com/