Summary of Recent Hack Events

DeHacker
Published in DeHacker Security
4 min read · Jul 8, 2022

For decades we have all heard about heists taking place around the world, whether in our imaginations, in movies, or in other such stories. However, those heists were all planned and executed purely for entertainment purposes.

What about the real heists taking place in industry and the markets? Modern hacking events take the form of heists, phishing attacks, ransomware, and even botnets. All of these events lead to damage and huge losses for companies, whether through stealing a company’s private data, staging a ransomware attack, or simply activating bots to start the process. In the past, information was easy to steal, and this leniency gave hackers the confidence to carry out such activity more often.

Crypto Hack

In 2021, hackers stole $3.2 billion in cryptocurrency, six times more than they made off with in 2020. Almost six hacks took place that year.

Aave Hack

This took place in April 2022, when hackers exploited the DeFi platform Aave to make enormous profits from the stablecoin protocol Beanstalk Farms. The hack was classified as a flash loan attack and led to a loss of almost $182 million.

BadgerDAO Hack

This event took place in 2021, when hackers gained access to the application’s website and injected fraudulent JavaScript code. The code generated malicious transaction approvals, which users approved in good faith, and at a later date these approvals allowed the hackers to move funds to their own wallets instead of those controlled by BadgerDAO.

In an interview, the BadgerDAO team stated that the course of action would be decided by the 32000 users of BadgerDAO and its 25 contributors, many of whom have different ideas about the incurred losses of almost $53 million.
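A wallet-side check for the kind of approval request described above, as an added example that is not BadgerDAO's code or part of the original article. It decodes ERC-20 approval calldata and compares the spender with an allowlist; the allowlist, the addresses and the sample calldata are constructed for illustration.

```javascript
// Selectors: first 4 bytes of keccak256 of the function signature.
const APPROVAL_SELECTORS = {
  "095ea7b3": "approve(address,uint256)",
  "39509351": "increaseAllowance(address,uint256)",
};
const MAX_UINT256 = (1n << 256n) - 1n;

// Hypothetical allowlist: spender contracts the dApp documents (constructed address).
const KNOWN_SPENDERS = new Set(["0x" + "1".repeat(40)]);

// Constructed sample: approve() of the maximum amount to an unlisted spender.
const SAMPLE_CALLDATA =
  "0x095ea7b3" + "0".repeat(24) + "2".repeat(40) + "f".repeat(64);

function inspectApproval(calldata, knownSpenders = KNOWN_SPENDERS) {
  const hex = String(calldata).toLowerCase().replace(/^0x/, "");
  if (!/^[0-9a-f]*$/.test(hex)) return { isApproval: false, verdict: "malformed" };
  const fn = APPROVAL_SELECTORS[hex.slice(0, 8)];
  if (!fn) return { isApproval: false, verdict: "not-an-approval" };
  // Exactly two 32-byte ABI words follow the selector. An address occupies the
  // low 20 bytes of the first word, so its upper 12 bytes must be zero.
  if (hex.length !== 8 + 128 || !/^0{24}$/.test(hex.slice(8, 32))) {
    return { isApproval: true, fn, verdict: "malformed" };
  }
  const spender = "0x" + hex.slice(32, 72);
  const amount = BigInt("0x" + hex.slice(72, 136));
  const unlimited = amount === MAX_UINT256;
  const known = knownSpenders.has(spender);
  // An unlisted spender always needs review; an unlimited allowance to one is refused.
  const verdict = known ? "ok" : unlimited ? "block" : "warn";
  return { isApproval: true, fn, spender, amount, unlimited, known, verdict };
}

console.log(inspectApproval(SAMPLE_CALLDATA));
```

The point of the check is that the spender comes from the calldata the wallet is asked to sign, not from anything the web page displays.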

Ronin Bridge Hack

In late March, Ronin, an Ethereum sidechain built by Axie Infinity, a popular play-to-earn game, was hacked for over 173,600 Ether (ETH) and 25.5 million USD Coin (USDC), for a combined value of over $600 million.

The entire breach of the Ronin bridge took place under the eyes of the popular play-to-earn game’s very own developers. The official reports stated that the hackers were able to access the private keys to validator nodes, resulting in the compromise of five validator nodes, which is also the number needed to get transactions approved. The Ronin chain currently consists of nine validator nodes, and the hackers found a way to gain access to four more such validator nodes, including a third-party validator run by a decentralized private organization (DAO) commonly known as Axie DAO. The hackers thought that they would make a lot of money; however, the Ronin bridge was closed in the aftermath, with all deposits and investments halted until the entire investigation was completed.
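A design-review check for the five-of-nine approval scheme described above, as an added example that is not Ronin's code or part of the original article. It counts how few key custodians must be compromised to reach the signing threshold; the key-to-custodian layout and the policy value are assumptions made for illustration.

```javascript
// Constructed layout: nine validator keys, five signatures approve a transfer
// (the numbers from the text). Who holds which key is assumed for illustration.
const CONCENTRATED = [
  ...["v1", "v2", "v3", "v4"].map((id) => ({ id, custodian: "operator-a" })),
  { id: "v5", custodian: "dao-b" },
  ...["v6", "v7", "v8", "v9"].map((id, i) => ({ id, custodian: `operator-${"cdef"[i]}` })),
];
// Same nine keys, each held by a different party.
const INDEPENDENT = CONCENTRATED.map((v, i) => ({ id: v.id, custodian: `party-${i + 1}` }));

function keysPerCustodian(validators) {
  const counts = new Map();
  for (const v of validators) {
    counts.set(v.custodian, (counts.get(v.custodian) ?? 0) + 1);
  }
  return counts;
}

// Smallest set of custodians whose keys together reach the threshold. Taking the
// largest holders first is optimal because only the number of keys matters.
function minCustodiansForQuorum(validators, threshold) {
  const sorted = [...keysPerCustodian(validators)].sort((a, b) => b[1] - a[1]);
  const custodians = [];
  let keys = 0;
  for (const [name, n] of sorted) {
    if (keys >= threshold) break;
    custodians.push(name);
    keys += n;
  }
  return keys >= threshold ? { custodians, keys } : null;
}

// minIndependent is a hypothetical policy value: how many separate custodians
// an attacker should have to compromise before a transfer can be approved.
function auditQuorum(validators, threshold, minIndependent) {
  const worst = minCustodiansForQuorum(validators, threshold);
  if (!worst) return { worst, findings: ["threshold exceeds the number of keys"] };
  const findings = [];
  if (worst.custodians.length < minIndependent) {
    findings.push(`quorum reachable through ${worst.custodians.length} custodian(s): ` +
      worst.custodians.join(", "));
  }
  return { worst, findings };
}

console.log(auditQuorum(CONCENTRATED, 5, 5).findings);
```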

How to solve the problem?

Web 3 is still in its infancy, and there’s still a lot to figure out. If you’re using Web 3, the first security measure to take is: don’t connect your primary wallet to any decentralized application. If you encounter a situation where you must connect your wallet to a dApp, make sure it is the right dApp to avoid losing money.

While you’re using social media apps like WeChat and Discord to chat with people who seem to have similar interests, you often don’t fully understand what those people are really up to on the social platform. Just as it is recommended not to click on shared random links on the internet, do not click on shared links on these platforms unless you can verify their origin.

If you insist on using these links, be careful when clicking on them to open a dApp, as links can easily be redirected. Make sure that the specific links you visit are the ones that the particular dApp shares on its social pages.

Using the same password on different social networking sites is never a good idea. Consider a password manager: a good password manager creates passwords that are not only strong but also unique. That way, even if one of your accounts is eventually hacked, the others will still be safe.
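One way to apply the link check described above, as an added example that is not part of the original article. It compares the address actually loaded (after any redirect) with the hostnames a dApp publishes; the hostnames below are constructed placeholders.

```javascript
// Hypothetical list: hostnames copied from the dApp's own verified pages.
const OFFICIAL_HOSTS = new Set(["app.dapp.example"]);

function checkDappLink(link, officialHosts = OFFICIAL_HOSTS) {
  let url;
  try {
    url = new URL(link);
  } catch {
    return { ok: false, reason: "unparseable" };
  }
  if (url.protocol !== "https:") return { ok: false, reason: "not-https" };
  // "https://official-name@other-host/" shows the official name first, but the
  // browser connects to other-host: everything before "@" is only a user name.
  if (url.username || url.password) return { ok: false, reason: "userinfo-in-url" };
  const host = url.hostname.replace(/\.$/, "");
  // Look-alike letters from other alphabets are encoded as "xn--" labels.
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { ok: false, reason: "punycode-label" };
  }
  // Exact match only: a suffix or substring test would accept
  // "app.dapp.example.other-host.test".
  if (!officialHosts.has(host)) return { ok: false, reason: "host-not-official" };
  return { ok: true, host };
}

// Constructed sample links.
const SAMPLE_LINKS = [
  "https://app.dapp.example/stake",
  "https://app.dapp.example@phish.invalid/stake",
  "https://app.dapp.example.phish.invalid/stake",
  "http://app.dapp.example/stake",
];
for (const link of SAMPLE_LINKS) console.log(link, checkDappLink(link));
```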

Web 3 is still in its infancy, but the next generation of the internet is likely to dominate in the next decade. As a result, security and safety are top priorities for the average user as they familiarize themselves with and experience Web 3.

About DeHacker

DeHacker is a team of auditors and white hat hackers who perform security audits and assessments. With decades of experience in security and distributed systems, our experts focus on the ins and outs of system security. Our services follow clear and prudent industry standards. Whether it’s reviewing the smallest modifications or a new platform, we’ll provide an in-depth security survey at every stage of your company’s project. We provide comprehensive vulnerability reports and identify structural inefficiencies in smart contract code, combining high-end security research with a real-world attacker mindset to reduce risk and harden code.
