Weekly Blockchain Security Watch
December 18 to December 24
From December 18, 2023 to December 24, 2023, all security incidents that had occurred can be categorized into Security Hacks and Rug-pulls.
SECURITY HACKS:
1. Transit Finance Suffers Exploit
On December 20, a multi-chain deployed dApp Transit Finance suffered an exploit.
The attacker injected a fake liquidity, manipulated the actualAmountIn in a swap, causing SwapRouter to take the manipulated actualAmountIn as the initial value for swap.
Crypto assets worth around US $110,000 were exploited in this incident.
2. Unisat.io’s X Account Compromised
On December 22, Unisat.io’s X account was compromised. Unisat.io is the most popular Bitcoin inscription and trading platform.
Phishing links were sent in the X account.
3. Pine Protocol Suffer Exploit
On December 22, an Ethereum deployed dApp Pine Protocol suffered an exploit.
The attacker’s address in 0x05324c970713450ba0bc12efd840034fcb0a4baa on Ethereum.
Crypto assets worth around US $46K were exploited in this incident.
RUG-PULLS:
1. BitRGB Rug-pull
On December 21, an Ethereum deployed token BitRGB was confirmed to be a rug-pull.
The token is deployed at 0xb9c18262f5bc7779c637d072c9e8e44411ea3409 on Ethereum.
2,200,000,000,000,000 BitRGB tokens were dumped for 26.7 ETH worth around $58.7K.
The price of $OIL dropped nearly 100.00% after the rug-pull.
CONCLUSION-
4 notable security incidents have occurred in the past week. 2 were attacks on smart contracts, 1 was an attack on social media, and 1 was a rug-pull.
A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain. Be alert to any anomalies happening in the various social media accounts you manage.
A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.
It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.
To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter:
For a better understanding of all things Web3.0: https://medium.com/@FairyproofT
Looking to strengthen the security of your project or looking for an audit? Contact us at
https://www.fairyproof.com/