March 01, 2022
Beosin: More than 19 typical security incidents Occurred in February 2022
It’s time for another monthly security recap! BEOSIN Eagle Eye has reported over 19 typical security incidents in February 2022. On the whole, the overall number of security incidents has increased compared to January.
The security risks exposed in DeFi still cannot be ignored. Cross-chain bridge projects have been repeatedly hacked, causing huge economic losses that seriously affect the security and stability of blockchain ecosystem. In addition, the incidents related to [rug pulls/crypto scams] also need to be paid attention to. The number of NFT theft cases has increased, and users still need to take more precautions.
There were 7 typical security incidents
№1 Hackers have stolen nearly $360 million in cryptocurrency from a DeFi platform Wormhole Portal.
№2 KLAYswap, a South Korean DeFi project, issued an announcement that it had been hacked and lost about $1.83 million.
№3 On February 6, Meter.io, a cross-chain bridge was hacked and lost about $4.3 million.
№4 On February 10, the DeFi project Dego Finance was hacked and its liquidity on UniSwap and PancakeSwap has been depleted, with a loss of approximately $17.62 million on all three chains.
№5 Titano Finance was exploited to steal approximately 4,828.7 BNB, or about $19 million.
№6 On February 15, the Build Finance project suffered a malicious governance takeover in which attackers successfully took control of the Build token contract, minted 1.1 million BUILD tokens and drained the project’s liquidity pool.
№7 A vulnerability in Flurry Finance is exploited to allow hackers stealing the funds deployed on the FinanceRabbit strategy, with funds from other strategies remaining safe.
Rug pulls/crypto scams
There were 5 typical security incidents
№1 On February 4, Binance’s CEO tweeted that its customers had been targeted by a “massive” SMS phishing scam.
№2 A security team detected the fake AssangeDAO token JUSTICE on the BNB chain is actually a “honeypot” scam with a 100% tax on the sale of tokens.
№3 A security team detected that MarkMeta on the BNB chain is a honeypot scam.
№4 A suspected vulnerability in the new migration contract launched by OpenSea is being exploited by attackers to steal large amounts of NFTs and sell them for arbitrage.
№5 Local police in Gansu Province, China, cracked a huge pyramid scheme case using virtual currency networks, involving a total value of 126 million yuan.
There was 1 typical security incident
№1 Many victims on social media claimed to have suffered a ransomware attack in which their NAS units were encrypted by Deadbolt and had to pay a bitcoin ransom to unlock their files.
There were 6 typical security incidents
№1 On February 1, a major NFT collector, larrylawliet.eth, said on social media that his holdings of several Bored Ape Yacht Club, Mutant Ape Yacht Club and Doodles NFT, and other series of valuable NFT collections were stolen by hackers.
№2 On February 6, NFT marketplace LooksRare tweeted that the LooksRare website had suffered its third DDoS attack and efforts were underway to bring the site back to normal.
№3 On February 10, an account with approximately 300,000 FST reward reserves (0.3% of supply) was compromised.
№4 IRA Financial’s crypto retirement account was hacked for $36 million worth of cryptocurrency.
№5 A gunman reportedly took an employee and a customer hostage and demanded 200 million euros in cryptocurrency as ransom, and the perpetrator was eventually arrested by police.
№6 Rug Pull occurred at BNB42, where the deployer drained more than 6,400 BNBs or about $2.7 million from unverified contracts.
In view of the current new situation in the blockchain security field, BEOSIN hereby summarizes:
In general, the number of blockchain security incidents in February 2022 has increased compared to January. In terms of DeFi, the higher the concentration of its on-chain assets and the wider the coverage of its users, the more it will naturally become a target of hackers. BEOSIN recommends that all DeFi project parties must do a good job of security audit and security prevention. In addition, criminal activities from rug pulls and crypto scams are becoming increasingly rampant. All parties need to stay vigilant to avoid serious losses.
Related Project Secure Score
Guess you like
Beosin’s Analysis of the Arbitrum-based TreasureDAO exploit
March 03, 2022
Beosin’s Full Analysis of Build Finance’s Governance Takeover Incident
February 15, 2022
Beosin’s Analysis: DEGO is Hacked Due to Suspected Private Key Compromise
February 10, 2022
Beosin and Guardian have entered into a strategic partnership
July 28, 2022