From September 12 to September 18, 2022, all security incidents that have occurred are Security Hacks.
SECURITY HACKS:
1. Alpha Centauri Kid Warns Followers on Scammer Attack in Discord Server
On September 12, artist for NFT project Alpha Centauri Kid (@lphaCentauriKid) urged followers on Twitter not to click on any link in their Discord server. The artist claimed that scammers were in the Discord server.
2. Hackers Hijack Verified Account, Sends Fake Airdrop Links as LooksRare’s Twitter
On September 14, hackers hijacked a verified twitter account “@FreddyAdu”. The Twitter account paraded itself as LooksRare’s Twitter (@LooksRare) and sent fake airdrop links. @FreddyAdu later issued an apology and informed Twitter that the account was recovered.
3. Hacker Exploits Bug, Attacks OMNI Bridge on ETHW
On September 16, a hacker attacked OMNI Bridge, a new cross-chain bridge on the ETHW blockchain forked after the Ethereum merge on September 15.
The OMNI Bridge on ETHW had a bug that failed to verify the ChainID, which was thus exploited by an attacker from 0x82faed2da812d2e5cced3c12b3baeb1a522dc677 (on both Ethereum and ETHW).
The attacker sent 200 ETHs from the OMNI Bridge to Ethereum while the transaction was replayed on ETHW, causing 200ETHWs to be generated on the forked chain. The attacker proceeded to acquire these 200 ETHWs (~US$1, 000).
4. Pumpskin Announces Discord Attack by Malicious Group
On September 18, NFT project Pumpskin (@pumpskin_xyz) announced that its Discord server was attacked by a malicious group looking to push a coin pump. In a Twitter thread represented by “speaking as Kumasama”, Pumpskin mentioned that the hack had occurred through an unassuming DM link.
Pumpskin proceeded to explain that Kumasama was immediately banned from the Discord server, with 2FA rendered invalid within 7 to 10 minutes.
As of the time of reporting, Pumpskin has announced that they have taken precautionary measures, updated all Pumpskin-related passwords, and called on Discord to assist in recovering their admin account.
5. Alter Ego Hunters Announce Discord Hacked, New Server Created
On September 18, multi-faceted Avalanche blockchain community project Alter Ego Hunters (@TheEgoVerse) announced that their Discord server had been hacked.
The project subsequently announced that a new Discord server had been created as they no longer have access to the prior server.
CONCLUSION-
5 notable security incidents related to security hacks have occurred in the past week.
Four of them were attacks against social media and one was a replay attack on a blockchain. However, it seems that the forked chain did not get good support from miners.
A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.
It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.
To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter:
For a better understanding to all things Web3.0: https://medium.com/@FairyproofT
Looking to strengthen the security of your project or looking for an audit? Contact us at https://www.fairyproof.com/