From July 17, 2023 to July 23, 2023, all security incidents that had occurred can be categorized into Security Hacks and Rug-pulls.
SECURITY HACKS:
1. Social Media Accounts Compromised
From July 17 to July 23, the following social media accounts were compromised and phishing links might be sent in these accounts:
Aiko Desho@AikoDeshoBTC, Flex@Flex_strk, ElseVerse World@ElseVerseWorld, El Cafe Cartel@ElCafeCartel, Swisstronik@swisstronik and GrizzlyFi@GrizzlyFi
2. Utopia Suffers Exploit
On July 20, a BNB Chain deployed DeFi application Utopia suffered an exploit.
The token of this project was deployed at 0xb1da08C472567eb0EC19639b1822F578d39F3333 on the BNB Chain.
The attacker’s address is 0xe84ef3615b8df94c52e5B6eF21acbf0039b29113 on the BNB Chain.
492 BNBs worth around US $119.3K were exploited in this incident.
3. Alphapo Hot Wallets Are Drained
On July 20, Alphapo hot wallets suffered an exploit.
Crypto assets including 6.074 million USDTs, 108K USDCs, 100.2 million FTNs, 430K TFLs, 2.5K ETHs and 1.7K DAIs were drained from its hot wallets.
The hacker’s address is 0x040a96659fd7118259EBCD547771f6eCb9580d17 on Ethereum.
Crypto assets worth around US $23 million were exploited in this incident.
4. Conic Finance Suffers Exploit
On July 22, an Ethereum deployed DeFi application Conic Finance suffered an exploit.
The root cause is that the implementation had a re-entrancy vulnerability.
The hacker's address is 0x3d32C5a2E592c7B17e16bdDc87EAb75f33ae3010 on Ethereum.
Crypto assets worth around US $ 3.2 million were exploited in this incident.
RUG-PULLS:
1. DMD Token Rug-pull
On July 17, a BNB Chain deployed token DMD (0xdD63525fAb69a97224962A076A642bfCF0714f2E) was confirmed to be a rug-pull.
Crypto assets worth around US $100,00 were exploited in this incident.
2. IPO Rug-pull
On July 20, a BNB Chain deployed token IPO (0xb524a9a21702813f8Ea7A79c16aFCB5fb4660544) was confirmed to be a rug-pull.
483K BUSDs worth around US $483K were exploited in this incident.
CONCLUSION-
11 notable security incidents have occurred in the past week. 6 were attacked on social medial accounts, 3 were attacks on smart contracts and 2 were rug-pulls.
It is worth noting that the attack on Alphapo hot wallets caused a loss of US $23 million.
A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain. Be alert to any anomalies happening in the various social media accounts you manage.
A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.
It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.
To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter:
For a better understanding of all things Web3.0: https://medium.com/@FairyproofT
Looking to strengthen the security of your project or looking for an audit? Contact us at
https://www.fairyproof.com/