Naveen

On Aug 1, the defi protocol @Convergence_fi was exploited for ~$210k when the hacker exploited a vulnerability in the CvxRewardDistributor contract. In an official post on their ‘X’ handle, @Convergence_fi has advised its users not to interact with the protocol and withdraw

On July 24, 2024, the decentralized exchange and staking platform MonoSwap @monoswapio on the Blast chain was exploited, resulting in a significant loss of approximately 💰$1.3M. How the Hack Happened? In an official post on their X handle, @monoswapio claimed that the exploit was carried out with the help of a botnet (malware), which the hackers installed on one of their developers' office PCs while they were on a call with the developer, pretending to be VCs (Venture Capitalist) interested in making investments in the MonoSwap protocol. Through some surreptitious or social engineering method, they were able to install the malware on the PC, which had access to literally all MonoSwap-related wallets and contracts. As soon as the hackers broke in, they drained the staked liquidity positions. The malware infected the PC when the unaware developer downloaded a malicious app through a phishing link shared by the scammers. The malicious app looked similar to KakaoTalk, a mobile messaging app for smartphones. The Hack Aftermath As soon as the hack became known, MonoSwap warned its users against adding liquidity or stakes to their farming pools until the exploit was fixed. They also advised users to withdraw their staked positions urgently to avoid losing funds in the hack. The hack is currently being investigated, and MonoSwap will soon release updates about the hack and fund recovery. The Total Value Locked (TLV) for this protocol dropped significantly from approximately $1.5 million to $200,000 as a result of the exploit. The hacker withdrew funds to the address: 0x895a80371fc0e6987e27ddc7aa0e851bc3538ea8 only to bridge it to the Ethereum address: 0xd30eBC0a9AcdA91d383675EAAB3ff24f06d07eCE. Later all the bridged fund (371 $ETH) was transferred to the Tornado Cash. How to Avoid Getting Scammed by Crypto Scammers? This article highlights many red-flags which can help you in identifying the fraudulent actors in the crypto space. 💡immunebytes.com/blog/beginners… Also, read about different types of phishing scams that are prevalent in the Web3 space. 💡immunebytes.com/blog/zero-valu… 💡immunebytes.com/blog/ice-phish… 💡immunebytes.com/blog/what-is-a… #Hacked #exploited #crypto #CryptoInvestor #CryptoInvestment #CryptoInvesting #cryptomarket #CryptoCommunity #web3community #bugbountytips #Blockchain #Blockchain101 #WEB3 #web3community #web3jobs #BugBounty #blockchaintechnology #blockchaindevelopment #blockchaingaming #blockchainrevolution #blockchaineducation #blockchains #blockchaincommunity #blockchainjobs #blockchainsecurity #blockchaindevelopers #blockchainsolutions #blockchaintech #web3development #web3education #web3event #cryptocurrency #cryptocurrencynews #cryptocurrencies #cryptonews #bugbountytip #cryptowallet #smartcontracts

🏴‍☠️ On This Day: Revisiting Past 😈#Crypto #Hacks On July 24, 2023, the decentralized exchange @Palmswaporg, on the Binance smart chain, was exploited for ~💰$900k by manipulating a smart contract vulnerability. The Smart Contract Vulnerability The primary reason for the exploit was a flaw in the calculations used to add or remove liquidity from the pool. This calculation was made to determine the exchange rate between USDP(Palm USD) and PLP(Palm Lp). The getAum() function, which calculated the PLP price after removing liquidity, was dependent upon the value of PoolAmount. Due to the miscalculation, the price of PLP increased every time the buyUSDP() was called to buy USDP. The hacker manipulated this miscalculation and made profits due to the difference in the exchange rate between USDP and PLP while removing and adding liquidity. The analysis showed that the hacker used a buying exchange rate of 1:1, whereas the selling exchange rate was 1:1.9, which explains the profit of ~$900k. How to Prevent Such Hacks? 👉 @ImmuneBytes offers reliable and effective smart contract and blockchain security audit services that can help prevent possible exploits by malicious actors in the Web3 space. Reach out for an audit for your Web3 project at 🔍 🔎immunebytes.com/contact-us/ Technical Details of the Hack: Attacker Address: bscscan.com/address/0xF84e… Victim Contract: bscscan.com/address/0x5525… Exploit Transaction: bscscan.com/tx/0x62dba5505… #Hacked #exploited #crypto #CryptoInvestor #CryptoInvestment #CryptoInvesting #cryptomarket #CryptoCommunity #web3community #bugbountytips #Blockchain #Blockchain101 #WEB3 #web3community #web3jobs #BugBounty #blockchaintechnology #blockchaindevelopment #blockchaingaming #blockchainrevolution #blockchaineducation #blockchains #blockchaincommunity #blockchainjobs #blockchainsecurity #blockchaindevelopers #blockchainsolutions #blockchaintech #web3development #web3education #web3event #cryptocurrency #cryptocurrencynews #cryptocurrencies #cryptonews #bugbountytip #cryptowallet #smartcontracts

In a major security breach on July 18, @WazirXIndia—one of the largest cryptocurrency exchanges in India, was hacked for an astonishing ~💰$234M. As per the official release by WazirX India, the breach happened in one of the multisig wallets. WazirX India is currently

RT @ImmuneBytes: On July 16, @lifiprotocol was exploited to steal ~💰$9.7M worth of crypto assets on the Ethereum and Arbitrum chains. The l…

On July 14, the cryptocurrency lending protocol @Minterest on the #mantle chain was exploited for ~💰$1.4M. The hack investigation is currently underway to uncover the reasons behind the exploit. Meanwhile, Minterest has temporarily paused its “Supply & Borrow” and “Repay & Withdraw” services to investigate and contain the hack. The attacker was initially funded by the infamous @TornadoCash on the #ETH chain. As per the last update, the hacker has bridged stolen funds (~$428 ETH) to #ETH. Stolen Funds: The stolen funds were moved to the two contract addresses by the exploiter. 👉mantlescan.xyz/address/0xf762… 👉mantlescan.xyz/address/0x4c1d… Was Minterest Ever Audited? As per the published blog on the official website on Nov 8, 2023, it has undergone 7 security audits by 4 different security audit companies. Whether it was some insider job, compromised security keys, or a smart contract vulnerability will be known once the detailed hack analysis report is out and shared with the community. Ref: minterest.com/blog/minterest… Technical Details of the Hack Hacker Address: mantlescan.xyz/address/0x618F… Txn hash: mantlescan.xyz/tx/0xb3c4c313a… Exploited Contract mantlescan.xyz/address/0x9b50… #Hacked #exploited #crypto #CryptoInvestor #CryptoInvestment #CryptoInvesting #cryptomarket #CryptoCommunity #web3community #bugbountytips #Blockchain #Blockchain101 #WEB3 #web3community #web3jobs #BugBounty #blockchaintechnology #blockchaindevelopment #blockchaingaming #blockchainrevolution #blockchaineducation #blockchains #blockchaincommunity #blockchainjobs #blockchainsecurity #blockchaindevelopers #blockchainsolutions #blockchaintech #web3development #web3education #web3event #cryptocurrency #cryptocurrencynews #cryptocurrencies #cryptonews #bugbountytip #cryptowallet #smartcontracts

Just in: On July 12, the defi @DoughFina on the #Ethereum chain has been exploited for ~💰$1.8m worth of crypto assets. @DoughFina has already acknowledged the hack through its official X handle. Although the hack investigation is still underway but, the likely cause behind

🏴‍☠️ On This Day: Revisiting Past 😈#Crypto #Hacks On 😈July 10, 2022, the Omni Protocol, a decentralized finance (DeFi) platform, was compromised in a significant security breach. The exploit resulted in the loss of approximately 💰$1.4 million worth of cryptocurrency.

On July 2, 2024, the WMRP token contract on the #BNB chain was exploited for 103 BNB worth ~💰$58k. The attack was carried out by manipulating the price of the MRP using a reentrancy attack. The detailed hack analysis is underway, but executing crypto exploits using

🏴‍☠️ On This Day: Revisiting Past 😈#Crypto #Hacks June 27, 2023, marks the day of the exploit for Themis Protocol, a decentralized lending and borrowing platform on the #Arbitrum chain. The exploit caused losses of ~💰$370K to the protocol. The attack was carried out by

🏴‍☠️ On This Day: Revisiting Past 😈#Crypto #Hacks On June 26, 2022, the NFT lending pool @XCarnival_Lab’s XToken lending contract on #ethereum was exploited for ~💰$3.8M (~3,087 $ETH) The hack was a result of a smart contract vulnerability, which allowed the hacker to use

🏴‍☠️ On This Day: Revisiting Past 😈#Crypto #Hacks Harmony’s Horizon Bridge, a cross-chain bridge, was exploited for 💰$100M on June 24, 2022. The hacker used the compromised private keys in the @harmonyprotocol and stole multiple cryptocurrencies, including ETH, USDC, WBTC,

🏴‍☠️ On This Day: Revisiting Past 😈#Crypto #Hacks On June 17, 2023, the defi protocol Midas Capital on the BNB chain was exploited to steal 💰$600K worth of crypto assets. The critical vulnerability responsible for the exploit at Midas Capital was a rounding issue within its lending protocol. This protocol, a derivative of Compound Finance's V2 codebase, had a flawed redemption process, which the attacker manipulated using a rounding issue and flash loans. The detailed analysis of the Midas Capital hack can be found here: immunebytes.com/blog/midas-cap… 🤔Coincidentally, the same rounding issue was behind the 💰$7.4M exploit of @HundredFinance in April 2023. immunebytes.com/blog/hundred-f… Useful Read: immunebytes.com/blog/precision… How to Prevent Such Hacks? The exploiter carried out the attack by exploiting a vulnerability in the smart contract which could have been identified by a detailed and careful analysis of the smart contract before its deployment on the mainnet. 👉 @ImmuneBytes offers reliable and effective smart contract and blockchain security audit services that can help in preventing possible exploits by malicious actors of the Web3 space. Reach out for an audit for your Web3 project at 🔍 🔎immunebytes.com/contact-us/ You can also connect with us here t.me/immunebytes #Hacked #exploited #crypto #CryptoInvestor #CryptoInvestment #CryptoInvesting #cryptomarket #CryptoCommunity #web3community #bugbountytips #Blockchain #Blockchain101 #WEB3 #web3community #web3jobs #BugBounty #blockchaintechnology #blockchaindevelopment #blockchaingaming #blockchainrevolution #blockchaineducation #blockchains #blockchaincommunity #blockchainjobs #blockchainsecurity #blockchaindevelopers #blockchainsolutions #blockchaintech #web3development #web3education #web3event #cryptocurrency #cryptocurrencynews #cryptocurrencies #cryptonews #bugbountytip #cryptowallet #smartcontracts #SmartContractSecurity

🏴‍☠️ On This Day: Revisiting Past 😈#Crypto #Hacks On June 12, 2023, defi protocol Sturdy Finance was exploited due to a smart contract vulnerability. In the attack, @SturdyFinance lost 442 ETH worth ~$775k. The manipulated vulnerability was the read-only reentrancy in the Balancer which led to the exploit by allowing a faulty price oracle to determine the cB-stETH-STABLE asset price and consequently help the exploiter in make illicit profits. The detailed analysis report for the hack can be found here: immunebytes.com/blog/sturdy-fi… How to Tackle Read Reentrancy Attacks? This hack could have been prevented if the developers had taken the following precautions and steps: ✔️ To detect potential vulnerabilities, regularly perform thorough code reviews and security audits by experts. 🔎@ImmuneBytes brings you a team of expert auditors who can sniff out all potential vulnerabilities in your contract that might become a doorway for hackers. Setup a free consultation call here: immunebytes.com/contact-us/ or t.me/immunebytes ✔️ Implementing Reentrancy Guards is an effective strategy against such attacks. The ReentrancyGuard from OpenZeppelin is commonly used by developers across the Web3 space. immunebytes.com/blog/shield-yo… ✔️ Ensures that the state is updated before any external calls are made. This can prevent the attacker from reentering the contract with the old state. ✔️ If using call, set a fixed gas limit for external calls to mitigate the risk of reentrancy attacks by limiting the amount of gas the called function can consume. ✔️ Prefer pull payment models over push payment models. In a pull payment model, users withdraw their funds instead of the contract sending funds to users automatically. ✔️ Leverage well-audited libraries and contracts, such as those provided by OpenZeppelin, to benefit from community scrutiny and best practices. Technical Details of the Hack Exploiter Add: etherscan.io/address/0x1e84… Exploited Contract: etherscan.io/address/0x5927… Exploit Txn etherscan.io/tx/0xeb87ebc0a… #Hacked #exploited #crypto #CryptoInvestor #CryptoInvestment #CryptoInvesting #cryptomarket #CryptoCommunity #web3community #bugbountytips #Blockchain #Blockchain101 #WEB3 #web3community #web3jobs #BugBounty #blockchaintechnology #blockchaindevelopment #blockchaingaming #blockchainrevolution #blockchaineducation #blockchains #blockchaincommunity #blockchainjobs #blockchainsecurity #blockchaindevelopers #blockchainsolutions #blockchaintech #web3development #web3education #web3event #cryptocurrency #cryptocurrencynews #cryptocurrencies #cryptonews #bugbountytip #cryptowallet #smartcontracts #SmartContractSecurity

MEV Bot service provider @JokInTheBoxETH on the #ethereum chain suffered an exploit on June 11 and lost ~💰$34K worth of its assets. The lost assets include ~109 billion $JOK, which were swapped for 9.12ETH by the attacker post-hack. Team @JokInTheBoxETH acknowledged the exploit through a post on their official X handle and stated that to compensate the users affected in the exploit, they would airdrop the exact amount of tokens each user staked and lost on the platform within 24h. They also reassured the community of their commitment to the platform's stability and value by announcing a token buyback and burn strategy. In an effort to reduce the circulating supply, they will buy back 110B $JOK tokens from the market over time and burn them, demonstrating their dedication to the community's long-term interests. The exact reason behind the exploit is not known yet but the exploit is currently being investigated. Attacker: etherscan.io/address/0xfcd4… Attack contract: etherscan.io/address/0x9d34… Attack Txn: etherscan.io/tx/0xd14f5d518… Target contract: etherscan.io/address/0xa644… (JokInTheBoxStaking) #Hacked #exploited #crypto #CryptoInvestor #CryptoInvestment #CryptoInvesting #cryptomarket #CryptoCommunity #web3community #bugbountytips #Blockchain #Blockchain101 #WEB3 #web3community #web3jobs #BugBounty #blockchaintechnology #blockchaindevelopment #blockchaingaming #blockchainrevolution #blockchaineducation #blockchains #blockchaincommunity #blockchainjobs #blockchainsecurity #blockchaindevelopers #blockchainsolutions #blockchaintech #web3development #web3education #web3event #cryptocurrency #cryptocurrencynews #cryptocurrencies #cryptonews #bugbountytip #cryptowallet #smartcontracts #SmartContractSecurity

The Defi protocol @UwU_Lend was exploited in an attack on June 10, resulting in the loss of ~💰$20M worth of crypto assets. The Attack The initial analysis indicates that the attacker (who was initially funded by Tornado Cash) carried out the attack using Oracle price

🏴‍☠️ On This Day: Revisiting Past 😈#Crypto #Hacks On June 10, 2023, Atlantis Loans (an abandoned project on the BNB Chain) experienced a governance attack, which resulted in a loss of over 💰$1 million. The exploiter managed to establish themselves as the administrator of the token's proxy contract, thereby gaining control and manipulating its functionalities. Any users who had granted approvals for the Atlantis Loan contract and have not revoked them had funds extracted from their wallets. The detailed hack analysis can be found here: 🔎immunebytes.com/blog/atlantis-… Governance attacks in the cryptocurrency context refer to malicious or manipulative actions aimed at influencing the governance mechanisms of a blockchain or decentralized organization (such as a Decentralized Autonomous Organization, or DAO) for personal gain or to cause disruption. Must Read: 💡immunebytes.com/blog/what-are-… 💡immunebytes.com/blog/exploring… Here are some common forms of governance attacks: 51% Attack: If an entity controls the majority of the voting power (or stake in proof-of-stake systems), they can unilaterally make decisions, passing proposals that benefit them even if these proposals are harmful to the network. 💡immunebytes.com/blog/51-attack… Sybil Attack: An attacker creates multiple identities to gain a disproportionate influence over the voting process. This is easier in systems where the cost of creating new identities is low. 💡immunebytes.com/blog/is-sybil-… Front-Running: In blockchain systems, proposals and votes are often public. Attackers can see upcoming proposals and position themselves to influence the outcome before other stakeholders can react. 💡immunebytes.com/blog/front-run… Proposal Manipulation: Attackers can submit misleading or malicious proposals that appear beneficial on the surface but contain hidden mechanisms or clauses that serve their interests. Snapshot Manipulation: Manipulating the timing of when snapshots of token holdings are taken for voting purposes, allowing attackers to temporarily acquire tokens just long enough to influence a vote, and then offload them. #Hacked #exploited #crypto #CryptoInvestor #CryptoInvestment #CryptoInvesting #cryptomarket #CryptoCommunity #web3community #bugbountytips #Blockchain #Blockchain101 #WEB3 #web3community #web3jobs #BugBounty #blockchaintechnology #blockchaindevelopment #blockchaingaming #blockchainrevolution #blockchaineducation #blockchains #blockchaincommunity #blockchainjobs #blockchainsecurity #blockchaindevelopers #blockchainsolutions #blockchaintech #web3development #web3education #web3event #cryptocurrency #cryptocurrencynews #cryptocurrencies #cryptonews #bugbountytip #cryptowallet #smartcontracts #SmartContractSecurity

On June 9, the Defi ZK-rollup protocol @loopringorg on the #ethereum chain was exploited for ~💰1373 $ETH worth ~ 💰$5M. How the Hack Happened? The hacker breached the security (2FA service) of the Loopring Official Guardian wallet and obtained the required privileges to pose

Velocore—the decentralized exchange (DEX) protocol on zkSync and Linea—was hacked on June 2, causing a loss of ~💰$10M of the users’ funds. The root cause of the hack has been found to be the vulnerabilities within the Balancer-style CPMM pool contract. The Vulnerabilities There was a flaw in the logic within the ‘velocore__execute()’ function of the ConstantProductPool. Along with that, there was also an underflow vulnerability which comes into play when withdrawing LP into a single token. On top of that, there was an additional vulnerability due to which the `velocore__execute()`function does not verify whether the caller is the Vault or not? The attacker, who was initially funded from the Tornado cash, exploited these vulnerabilities in conjunction with flash loans to carry out the attack. The stolen funds were later bridged to the Across Bridge, finally deposited it back to the Tornado cash. Learn How Underflow and Overflow Vulnerabilities can Prove to Be Fatal In an Attack immunebytes.com/blog/explained… Hack Status As per the official update by Team Velocore, - All volatile pools(CPMM) in Linea and zkSyncEra Velocore are affected. - No stable pools are affected. - The vulnerabilities have been taken care of to avoid any further exploit - A snapshot of the blockchain state prior to the incident has already been taken. - The affected users will be duly compensated once the operations are resumed. - Efforts are ongoing to track, freeze and recover the stolen funds by collaborating with various exchanges and security security partners. - An on-chain negotiation with the hacker is also being contemplated. Balancer-style CPMM pool contract github.com/velocore/veloc… Attacker address: 0x8cdc37ed79c5ef116b9dc2a53cb86acaca3716bf Stolen Funds are currently parked at-0xe4062fcade7ac0ed47ad794028967a2314ee02b3 EOA: 0x8cdc37ed79c5ef116b9dc2a53cb86acaca3716bf 0xd8c465ecd8c6f1a0c114890f1ef553f82e59d274 Affected Contracts: 0xed4e130f6f9e68918996f7e1e46a3306b3e12cec 0xb7f6354b2cfd3018b3261fbc63248a56a24ae91a 0xc030fba4b741b770f03e715c3a27d02c41fc9dae 0xf7f76b30a301524fe76508546B1e3762eF2B9267 Hack Txs lineascan.build/tx/0xed11d5b01… lineascan.build/tx/0x37434e674… explorer.zksync.io/tx/0x4156d73ca… #Hacked #exploited #crypto #CryptoInvestor #CryptoInvestment #CryptoInvesting #cryptomarket #CryptoCommunity #web3community #bugbountytips #Blockchain #Blockchain101 #WEB3 #web3community #web3jobs #BugBounty #blockchaintechnology #blockchaindevelopment #blockchaingaming #blockchainrevolution #blockchaineducation #blockchains #blockchaincommunity #blockchainjobs #blockchainsecurity #blockchaindevelopers #blockchainsolutions #blockchaintech #web3development #web3education #web3event #cryptocurrency #cryptocurrencynews #cryptocurrencies #cryptonews #bugbountytip #cryptowallet #smartcontracts #SmartContractSecurity

On This Day: Revisiting Past 😈#Crypto #Hacks May 29, marks the day of multiple hacks in the Web3 space. 📌On May 29, 2021, defi Belt Finance @BELT_Finance on Binance Smart Chain (BSC) came under a flash loan attack and lost ~$6.2M worth of cryptocurrencies. The exploiter deployed a smart contract leveraging PancakeSwap for flash loans and exploited the beltBUSD pool along with its underlying strategy protocols. Subsequently, they executed the contract eight times, yielding a total profit of 6,234,753 BUSD. 📌On May 29, 2023, dex @EDE_Finance on the #Arbitrum chain fell victim to a white hat exploit, which was conducted using flash loans and Oracle price manipulation. The white hat hacker who profited 597,694 USDC and 86,222 USDT (worth ~$520K at the time of the hack), offered to return 90% of the stolen funds in exchange for a 10% bug bounty. Exploited contract: arbiscan.io/address/0x171c… Attacker Address: arbiscan.io/address/0x8082… Attacker’s contract: arbiscan.io/address/0x6dd3… #Hacked #exploited #crypto #CryptoInvestor #CryptoInvestment #CryptoInvesting #cryptomarket #CryptoCommunity #web3community #bugbountytips #Blockchain #Blockchain101 #WEB3 #web3community #web3jobs #BugBounty #blockchaintechnology #blockchaindevelopment #blockchaingaming #blockchainrevolution #blockchaineducation #blockchains #blockchaincommunity #blockchainjobs #blockchainsecurity #blockchaindevelopers #blockchainsolutions #blockchaintech #web3development #web3education #web3event #cryptocurrency #cryptocurrencynews #cryptocurrencies #cryptonews #bugbountytip #cryptowallet #smartcontracts #SmartContractSecurity