On October 15th, Knownsec Blockchain Lab monitored that Indexed Finance, the DeFi protocol on Ethereum, suffered a flash loan attack and lost more than 16 million U.S. dollars. The Lab tracked and analyzed this incident as soon as possible.
Analyze attack transactions:
1. First use Flash Loan to obtain…
Some time ago, there was a small episode of the Poly Network theft event. An address transferred to the hacker’s address and was told in the input data that USDT had been frozen and can not use USDT. The hacker then transferred 13.37 ETH to the address.
After the event…
On August 15, the XSURGE protocol on the BSC chain was attacked by a lightning loan, and the loss exceeded 5 million U.S. dollars.
In this regard, Knownsec Blockchain Lab has conducted a comprehensive review of the attack process and code details.
Attack tx: 0x7e2a6ec08464e8e0118368cb933dc64ed9ce36445ecf9c49cacb970ea78531d2
From the perspective of Defi security, the security incidents in September have decreased compared with August, but from the perspective of overall security, it is still not optimistic, and the loss amount involved in hacker attacks is huge.
Knownsec Blockchain Lab summarized all kinds of security incidents in September and…
EVM is a lightweight virtual machine designed to provide a virtual execution environment for the Ethereum network to run smart contracts regardless of hardware, operating system, and another compatibility.
Simply put, EVM is a completely separate sandbox. Code running in EVM cannot access the network, file system, or other processes…
Those who pay attention to blockchain often see information about Zero Knowledge Proof (ZKP) in the circle, and zkSync, mina, and other well-known projects also use Zero Knowledge Proof technology.
In fact, this is not a new technology. Back in 1985, MIT professor Shafi Goldwasser, Silvio Micali, and Cryptography guru…
On September 12, Knownsec Blockchain Lab detected the DeFi protocol Zabu Finance project on Avalanche was attacked by Flash loan. We tracked this incident and analyzed it for the first time.
Attack 1: 0 x0e65Fb2c02C72E9a2e32Cc42837df7E46219F400
Attrack 2 : X5c9AD7b877F06e751Ee006A3F27546757BBE53Dd 2–0 against contract
The cause of the vulnerability lies…
The emergence of Loot continues to drive the NFT wave. What is the magic “Loot”?
In the past few months of the NFT boom, a variety of encryption assets have been pushed to the altar, soaring prices, and in the past half-month, in the NFT this encryption area, the emergence…
As DoS attacks become more rampant and more serious, how can contract developers fix bugs? How best to prevent such attacks?
DoS is short for Denial of Service. Any interference with a Service that reduces or loses its availability is called a Denial of Service. Simply put, normal service requests…