6 security incidents occurred in 10 days, and the loss amount exceeded 800 million US dollars. When will the security on the chain be resolved?

周日

22-10-12 20:00

Read this article in 10 Minutes

AI summary

View the summary

The Crypto market in October did not usher in an unexpected recovery, but it seems to have become a hacker's paradise. According to incomplete statistics, the losses caused by hacking attacks in only 12 days once exceeded 800 million US dollars. Many users joked that 2020 is DeFi Summer; 2021 is NFT Summer; 2022 is Hack Summer.

Although some project teams responded immediately after being attacked and recovered part of the losses, frequent security issues still made many users frightened. BlockBeats summarizes the hacking incidents from October 1 to the present as follows, reminding users to pay attention to asset security again, and remember to cancel the authorization contract in time.

《TP Wallet Flash DEX Transit Swap Hacked, asset loss may exceed 15 million US dollars"

On October 2, the encrypted wallet Token Pocket The DEX Transit Swap official stated that it was attacked by hackers, and lost nearly 30 million US dollars at one time. However, with the efforts of the team and security agencies, the hacker has returned more than 18.9 million US dollars, Returned funds accounted for about 83.6% of the total stolen funds. And Transit Swap also promises to 100%

users who lost in this hacking attack.

The episode of the theft incident is also very interesting:Transit Swap Hacked Trades Snatched, Arbitrage Bots Profit Over $1M. Many users laugh, hackers and project

teams will eventually be defeated in the dark forest.

《BNB Chain official bridge hacked , a total loss of about 718 million US dollars, the largest chain attack in history "

The Transit Swap incident has not yet settled, just five days later , On October 7, the official bridge of BNB Chain, Binance Bridge, was hacked, and about 2 million BNB were withdrawn by the attacker, worth $566 million. Within hours of the attack, BNB Chain attackers have moved about $89.5 million to other chains. Subsequently, BNB Chain officially announced that BNB Chain was suspended and immediately investigated potential vulnerabilities.

On October 12th, BNB Chain (BSC) announced that it will perform a hard fork this week to fix a bug that caused the platform to lose $100 million. According to a post on GitHub on Tuesday, the hard fork known as Moran will take place at block height 22,107,423 and is expected to occur at 16:00 Beijing time on October 12. As a temporary emergency patch, this hard fork aims to restart the cross-chain infrastructure. Ordinary users will not be affected, but node operators must stop the operation of actual nodes.

《Layer1 block of quantum computing attack Chain QANplatform offline bridge smart contract was attacked, QANX fell by more than 93%》

On October 11, the offline bridging smart contract of the Layer1 blockchain QANplatform, which is resistant to quantum computing attacks, was attacked, and the attacker has successfully stolen Token. The official reminds users not to perform any transactions related to QANX Token. At present, the price of QANX has fallen by more than 93% in a short-term dive. On the same day, QANplatform issued a document stating that it may take a snapshot of the state before the attack, and then airdrop new Token.

"TempleDAO Suspected Attack, Losses Up to $2 Million"

October 11, TempleDAO was revealed to have been hacked and lost $2 million. Paidun stated that the attacker obtained funds from SimpleSwap and transferred 1,831 ETH (about 2.34 million U.S. dollars) to the address starting with 0x2B63d. TempleDAO stated that the core vault has more than $100 million in stablecoins, and the operation of the project will not be affected. "The attacker will not cause further damage and will compensate all affected users."

"There is a loophole in the DeBank wallet Rabby contract, users are advised to revoke all existing Swap approvals on all chains"

On October 11, Rabby, a plug-in wallet developed by DeBank, claimed that its Swap smart contract did have loopholes, and suggested that users revoke all existing Rabby Swap approvals on all chains. Subsequently, the SlowMist security team informed that the Swap contract of the Rabby wallet project on the ETH chain was attacked. So far, the Rabby Swap event hacker has made more than 190,000 US dollars in profits.

《Solana Ecological DeFi Platform Mango Hacked Attack, loss of more than 100 million U.S. dollars"

On October 12, Mango, the Solana ecological DeFi platform, was hacked and lost more than 100 million U.S. dollars. Blockchain auditor OtterSec stated on its social media that attackers were able to manipulate its Mango collateral, inflate the price of the collateral, and obtain large loans from the Mango treasury. Among them, the Solana ecological revenue aggregator Tulip Protocol was affected by about 2.5 million US dollars in the Mango attack< /a>; Solana ecological stability agreement UXD Protocol affected nearly 20 million funds in the Mango attack USD.

On that day, Mango attack The hacker initiated a proposal, hoping to use about 70 million USDC in the Mango treasury to repay bad debts. If the proposal is passed, the hacker will transfer the MSOL, SOL and MNGO in the account to the address released by the Mango team. As of press time, nearly 99% of voters chose "yes."