Weekly Blockchain Security Watch

July 25 to July 31

From 25 July 2022 to 31 July 2022, all of the security incidents that occurred were security hacks.

SECURITY HACKS:

1. Attacker Leverages Flashloan, Exploits “_transfer” Function Against LPC

On July 25, LPC, a DeFi application deployed on the BNB chain, suffered a flashloan attack.

The “_transfer” function in its smart contract did not correctly calculate the balance of an address: when the sender’s address and the receiver’s address were the same, the balance was calculated incorrectly. The attacker leveraged a flashloan and exploited this vulnerability to steal 845 million LPC tokens, then exchanged them for 178 BNBs (~US$45,000).

Additional Details:

- Attacker’s Address: 0xd9936ea91a461aa4b727a7e3661bcd6cd257481c (BNB Chain)

- Attacking Contract: 0xcfb7909b7eb27b71fdc482a2883049351a1749d7 (BNB Chain)

- Attacked Contract: 0x1E813fA05739Bf145c1F182CB950dA7af046778d (BNB Chain)
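The self-transfer miscalculation described above can be modelled with a small ledger. This is an added example, not LPC's contract code: the cached-balance pattern in `transfer_vulnerable` is an assumption about one common way such a bug arises, and the `Ledger` class, its method names and the sample balances are constructed for illustration. It pairs the flawed update with a corrected one and a supply-conservation invariant that a test suite or audit can assert.

```python
# Added illustration: a minimal token ledger modelling a self-transfer
# accounting bug. The cached-balance pattern is an assumption about how
# such a bug can arise; it is not LPC's actual contract code.

class Ledger:
    def __init__(self, balances):
        self.balances = dict(balances)
        self.total_supply = sum(balances.values())

    def transfer_vulnerable(self, sender, recipient, amount):
        # Both balances are read before either one is written back.
        sender_bal = self.balances.get(sender, 0)
        recipient_bal = self.balances.get(recipient, 0)
        if sender_bal < amount:
            raise ValueError("insufficient balance")
        self.balances[sender] = sender_bal - amount
        # When sender == recipient, this overwrites the debit with the stale
        # pre-debit value plus amount: the credit is kept, the debit is lost.
        self.balances[recipient] = recipient_bal + amount

    def transfer_fixed(self, sender, recipient, amount):
        if self.balances.get(sender, 0) < amount:
            raise ValueError("insufficient balance")
        # Re-read storage for each update so the credit sees the debit.
        self.balances[sender] = self.balances.get(sender, 0) - amount
        self.balances[recipient] = self.balances.get(recipient, 0) + amount

    def supply_conserved(self):
        # Invariant to assert after every transfer in tests and audits.
        return sum(self.balances.values()) == self.total_supply


def self_transfer_check(method_name, rounds=3):
    """Run repeated self-transfers; return (final balance, invariant held)."""
    ledger = Ledger({"alice": 100, "bob": 50})  # constructed sample state
    for _ in range(rounds):
        transfer = getattr(ledger, method_name)
        transfer("alice", "alice", ledger.balances["alice"])
    return ledger.balances["alice"], ledger.supply_conserved()


if __name__ == "__main__":
    print("vulnerable:", self_transfer_check("transfer_vulnerable"))
    print("fixed:     ", self_transfer_check("transfer_fixed"))
```

Transfers between two distinct addresses pass the invariant under both versions, which is why a test suite needs an explicit sender-equals-recipient case to catch this class of bug.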

2. Hackers Attack NEN Studio’s Discord Server

On July 25, NEN Studio’s Discord server was attacked. Some thefts were confirmed during this attack.

3. Attacker Carries Out Flashloan Attack on Nirvana Finance

On July 27, Nirvana Finance, a DeFi application deployed on Solana, suffered a flashloan attack.

Here is how the attack was carried out:

Step 1: The attacker used a flashloan to borrow 10.25 million USDCs.

Step 2: The attacker minted ANAs by staking 10 million USDCs as collateral; however, due to a vulnerability in its smart contract, the total value of the ANAs minted was nearly $13.49 million.

Step 3: The attacker exchanged all the ANAs held for 13.49 million USDTs.

Step 4: The attacker exchanged 13.49 million USDTs for USDCs.

Step 5: The attacker paid back the debt and eventually attained a net profit of 3.49 million USDCs.

The attacker transferred 3.49 million USDCs cross-chain from the BNB chain to Ethereum via the Wormhole cross-chain bridge and exchanged all the USDCs for 3.57 million DAIs.

Additional Details:

- Attacker’s Address:

76w4SBe2of2wWUsx2FjkkwD29rRznfvEkBa1upSbTAWH (Solana)

0xB9AE2624Ab08661F010185d72Dd506E199E67C09 (Ethereum)

- Hash Value of the Attack Transaction:

5yF3VH82Wa3TC4zxdzxmEq4jL3EvSPovHVLG3XASzjHNpiyeSt1t2FF6WrHN94hBJc4AAHb3sUWgsAsupSRuszF7 (Solana)

4. Attackers Send Phishing Links to The Americans’ Discord Server

On July 27, phishing links were sent to The Americans’ Discord server. The Americans is an NFT project.

5. Attackers Send Phishing Links to Tasty Bones’ Discord Server

On July 28, phishing links were sent to Tasty Bones’ Discord server. Tasty Bones is an NFT project.

The attacker’s address was disclosed to be 0x2a1bF7a077E2C8c20A67A75bDD37cC88F3319054 (Ethereum).

6. Attackers Send Phishing Links to DAISUKI’s Discord Server

On July 29, phishing links were sent to DAISUKI’s Discord server. DAISUKI is an NFT project.

7. Attackers Send Phishing Links to Old Sport’s Discord Server

On July 29, phishing links were sent to Old Sport’s Discord server. Old Sport is an NFT project.

8. Attackers Send Phishing Links to ApachesNFT’s Discord Server

On July 29, phishing links were sent to ApachesNFT’s Discord server. ApachesNFT is an NFT project.

9. Attackers Send Phishing Links to EpoLabs’ Discord Server

On July 30, phishing links were sent to EpoLabs’ Discord server. EpoLabs is an NFT project.

CONCLUSION:

Nine notable incidents occurred in the past week. All of them were security attacks.

Flashloan attacks on the Solana blockchain are becoming common. Previously, these attacks often occurred on the Ethereum blockchain. It is worth noting that flashloan attacks are beginning to spread to other blockchain ecosystems. Additionally, most of the attacks in the past week were carried out through social media and targeted NFT projects.

A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain. Be aware of potential issues in governance mechanisms.

A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.

It is important for everyone in the crypto community to understand cybersecurity and practice it at a sufficient level.

Looking to strengthen the security of your project? Contact us at

https://www.fairyproof.com/
