Weekly Blockchain Security Watch
March 11 to March 17
From March 11, 2024 to March 17, 2024, all security incidents that had occurred can be categorized into Security Hacks and Rug-pulls.
SECURITY HACKS:
1. BLASTOFF Suffers Exploit
On March 11, a Blast deployed dApp BLASTOFF@blastozone suffered an exploit.
After the exploit happened, the team behind the dApp disabled the staking in its pool. Its CEO announced that the team would do repayment and refund to affected users.
150 ETHs worth around US $600,000 were exploited in this incident.
2. Beoble’s X Account Compromised
On March 12, the X account of beoble(@beoble_official) was compromised. A phishing link was sent in the X account. Beoble is a dApp on Ethereum.
3. Mozaic Suffers Exploit
On March 15, an Arbitrum deployed dApp Mozaic@Mozaic_Fi suffered an exploit.
The root cause of this incident was that its private key was compromised.
The attacker is 0xD6d4e8038DF50803412d1b1Ad2c9845BACf7c52b on Arbitrum.
Crypto assets worth US $2.1 million were exploited in this incident.
RUG-PULLS:
1. EigenLayer Token Rug-pull
On March 15, an Ethereum deployed token EigenLayer was confirmed to be a rug-pull.
The token is deployed at 0x1a4f05bd24c95147608657c26cd931c7b246cd21 on Ethereum.
The EigenLayer tokens were dumped for 104 ETHs, worth around US $400,000.
The price of the EigenLayer token dropped 100.00% after the rugpull.
CONCLUSION-
4 notable security incidents have occurred in the past week. Two were attacks on smart contracts , one was an attack on social media and one was a rug-pull.
A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain. Be alert to any anomalies happening in the various social media accounts you manage.
A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.
It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.
To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter:
For a better understanding of all things Web3.0: https://medium.com/@FairyproofT
Looking to strengthen the security of your project or looking for an audit? Contact us at
https://www.fairyproof.com/