Weekly Blockchain Security Watch
January 22 to January 28
From January 22, 2024 to January 28, 2024, all security incidents that had occurred can be categorized into Security Hacks and Rug-pulls.
SECURITY HACKS:
1. GMEE Suffers Exploit
On January 23, a Polygon deployed dApp GMEE@GAMEEToken suffered an exploit.
The GMEE team identified an unauthorized access to its tokens.
Crypto assets worth around US $7 million were exploited in this incident.
2. ConcentricFi Suffers Exploit
On January 23, an Arbitrum deployed dApp Concentric.fi@ConcentricFi suffered an exploit.
The attacker’s address is 0x105f52fcC329cEF4CBe25BC946f8a3738414E4A1 on Arbitrum.
The root cause is that a privileged function `adminMint` was used to transfer tokens to the attacker.
Crypto assets worth around US $1.72 million were exploited in this incident.
3. Citadel One Suffers Exploit
On January 27, an Arbitrum deployed dApp Citadel.one@CitadelDAO suffered an exploit.
The attacker’s address is 0xfcf88e5e1314ca3b6be7eed851568834233f8b49 on Arbitrum.
Crypto assets worth around US $93,000 were exploited in this incident.
4. Goledo Finance Suffers Exploit
On January 28, a Conflux deployed dApp Goledo Finance@GoledoFinance suffered an exploit.
The attacker’s address is 0xa66b15ff3b9e31f579d06d70b527ad0a8f2ffb58 on Conflux espace.
Crypto assets worth around US $1.7 million were exploited in this incident.
RUG-PULLS:
1. GTAI Token Rug-pull
On January 24, a BNB chain deployed token GTAI was confirmed to be a rug-pull.
The token is deployed at 0xf5461d03062ec667854445cd1e3f6ab5fa25fa44Â on the BNB chain.
798,940,370,140 GTAI tokens were dumped for 329K $USDT.
2. DMAIL Token Rug-pull
On January 25, a BNB chain deployed token GTAI was confirmed to be a rug-pull.
The token is deployed at 0xca02674492fca4fce86121e237a49b6a422dc09c on the BNB chain.
954,785,924,601 DMAIL tokens were dumped for 281K $USDT.
After the rugpull the price of $DMAIL dropped 100.00%.
3. ALT Token Rug-pull
On January 25, a BNB chain deployed token ALT was confirmed to be a rug-pull.
The token is deployed at 0x4597fbaea5eb9c98f0aed9383246522064aff31e on the BNB chain.
226,995,494,385 ALT tokens were dumped for $252K.
Both the deployer of DMA 0.00%↑ IL and the $ALT are 0xe0F9eCF727C5976DBE6D89F9F30e60B98b6e6570
CONCLUSION-
7 notable security incidents have occurred in the past week. Four were attacks on smart contracts and three were rug-pulls.
It is worth noting that the attacks on GMEE, Concentric.fi and Goledo Finance caused a total loss more than US $10 million.
A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain. Be alert to any anomalies happening in the various social media accounts you manage.
A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.
It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.
To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter:
For a better understanding of all things Web3.0: https://medium.com/@FairyproofT
Looking to strengthen the security of your project or looking for an audit? Contact us at
https://www.fairyproof.com/