Total losses from security-related attacks and exploits in September were about $164.32 million. According to data from Beosin Blockchain Security, both the number of security incidents and the amount lost decreased in September compared to August.
The $160 million hack of Wintermute in September was the biggest loss in the Web3 space in recent times. Apart from that, several security incidents in the same month used trending events to defraud users, such as Elizabeth tokens, Ethereum’s merge, imitation disk games, etc. To avoid being scammed, users are advised to be more vigilant and not blindly follow trends.
Security attacks and exploits on DeFi Protocols
1. On September 2, crypto exchange Kyber Network suffered a front-end attack and lost about $265,000.
2. On September 2, ShadowFi was attacked, causing its SDF token to plummet, and the attacker made a profit of about $300,000.
3. On September 5, the DAO Officials project on BNBChain suffered a flash loan attack, and the attacker made a profit of about $580,000.
4. On September 7, Nereus Finance, a project on the Avalanche chain, suffered a flash loan attack, and the attacker made a profit of about $380,000.
5. On September 8, the New Free Dao project suffered a flash loan attack, and the attacker made a profit of $1.25 million.
6. On September 10, the DPC token contract on BNBChain was attacked by hackers, resulting in a loss of about $100,000.
7. On September 18, the Gnosis Omni Bridge cross-chain bridge project on ETHW, the Ethereum hard-fork blockchain, had a contract-level replay vulnerability, which resulted in a profit of about $6,000 for the attacker.
8. On September 20, the crypto market maker Wintermute utilised the Profanity tool to generate a vanity address, resulting in a private key leak and a loss of $160 million.
9. On September 27, an MEV bot was attacked, and the loss was about $1.4 million.
10. On September 28, BXH’s contract suffered another flash loan attack, causing a loss of about $40,000.
Security attacks and exploits riding on trending events
1. On September 9, the Elizabeth token was launched, taking advantage of the attention around Queen Elizabeth’s death. Malicious code was built into the contract, putting investors’ funds at risk.
2. On September 15, as Ethereum’s merge was approaching, there were lots of fake live broadcasts on YouTube. Fraudsters passed off faked videos of crypto celebrities as the official live stream and attached links to a phishing site.
3. North Korea’s Lazarus hackers lured macOS developers and artists with fake job postings on cryptocurrency exchanges.
4. On September 29, the official website and Twitter account of the BNB Chain knock-off game “Sheep a Sheep” (YLGY) became inaccessible, and the project is suspected to be a rug pull. The game is modeled after a Chinese mobile game with the same title, yet the developers of that game clarified that they had never developed or licensed any blockchain games.
Other security flaws
The SDK of the decentralized exchange dYdX uses a malicious third-party component, which may lead to the leakage of user credentials.
Summary
Overall, the total loss caused by various blockchain security incidents in September 2022 was about $164.32 million. The largest loss among them was caused by the leakage of private keys. Users and project teams that rely on third-party tools or services should take extra caution.