Inventory: More than 32 typical security incidents occurred in May, and more than 10 BSC on-chain projects were attacked, with losses of about $300 million
How to strike a balance between “innovation” and “security” so that the two can advance in parallel
In May 2021, according to incomplete statistics, there were over 32 typical security incidents across the entire blockchain ecosystem, and the overall security risk rating was [high]. Although typical security incidents in other areas moderated this month, DeFi became the “hardest hit area”, with frequent incidents that call for high alert; BSC bore the brunt of the attacks and became the “main battlefield” on which hackers launched flash loan attacks.
In May a cluster of BSC chain projects were hit by flash loan attacks in quick succession, in what the industry called “Black May”; it was the month with the highest attack frequency and the largest losses in the history of DeFi. According to preliminary statistics, the resulting economic losses amounted to approximately $300 million. The frequent security incidents also directly triggered flash crashes in the prices of multiple virtual assets. This May was an unprecedentedly “gray” month for investors, project teams, and the entire DeFi ecosystem.
Here are the details of this month’s monthly security report.
On the exchange side, there was 1 typical security incident
The Hotbit exchange was attacked, taking some of its basic services down. The Hotbit team will shut down all services for more than 7 days to investigate and recover.
For DeFi, there were 14 typical security incidents
On May 2, the DeFi project Spartan was hit by a flash loan attack, resulting in a loss of $30 million.
On May 7, ValueDeFi was hacked: part of IRONFinance’s pool and products were attacked, which may have drained the STEELLP tokens.
DeFi revenue aggregator RariCapital was hacked, resulting in the loss of over $14.71 million worth of ETH.
The DeFi protocol xToken suffered a flash loan attack, resulting in a loss of $24.5 million.
On May 16, bEarn Fi was attacked, resulting in a loss of nearly $11 million.
On May 19, BSC’s largest lending platform, Venus, experienced a large-scale liquidation, which has so far left the Venus platform with over $100 million in bad debt.
On May 20, the DeFi yield aggregator PancakeBunny was hit by a flash loan attack, losing approximately $45 million in WBNB and BUNNY.
The on-chain options protocol FinNexus was suspected to have been attacked: hackers minted 323 million FNX worth $6 million on Ethereum and 60 million FNX worth $1.6 million on BSC through a single address.
Bogged Finance officials said that hackers carried out a flash loan attack on the BOG token contract, and that transaction fees have now been disabled.
AutoSharkFinance was hit by a flash loan attack and its token price flash-crashed, dropping over 99% at one point.
Merlin is suspected to have been attacked; the project team reportedly suspended the minting of MERL tokens temporarily.
BurgerSwap is suspected to have suffered a flash loan attack, and about $3.3 million of BURGER was stolen.
On May 28, JulSwap was hit by a flash loan attack and $JULB dropped over 95% for a short period.
On May 30, Belt Finance, an AMM protocol on the BSC chain that combines multi-strategy yield optimization, was hit by a flash loan attack.
The frequent flash loan attacks and heavy losses suffered by BSC chain projects in May are enough to sound an alarm for BSC, DeFi, and the entire blockchain ecosystem. Reviewing what these incidents have in common, it is easy to see that the “flash loan attack” was the dominant technique used by hackers, and that the sums involved were generally large: at least 6 projects lost more than $10 million each.
Here, the Chengdu Chain Security team solemnly calls on DeFi project teams to focus on preventing attacks involving flash loans. Security audits, security protection and security hardening should not be neglected by DeFi project owners; where necessary, they can work with third-party security companies to establish a complete and professional set of risk control measures.
In the area of exit scams/crypto scams, there were 7 typical security incidents
GEC Eco-coin has been repeatedly shut down and investigated by local governments, and after its price plunged it was once again exposed as a suspected pyramid scheme.
A fraudulent team scammed $100,000 in virtual assets during the SNL (Saturday Night Live) event.
A person posing as a member of the Coingecko team defrauded crypto project parties by claiming to pay to list tokens on the Coingecko platform.
OnePlus co-founder Carl Pei’s Twitter account was hacked and used to promote a crypto scam.
The official YouTube account of the Spanish National Guard (Civil Guard) was taken over by XRP scammers in a suspected spear phishing attack. The account name was changed to “Ripple – XRP Foundation” and all of its content was removed.
The Office of the Comptroller of the Currency (OCC) issued a warning regarding recent emails about crypto fraud, stating that no such messages were sent and no funds were held for personal gain.
DeFi100, a decentralized finance protocol built on BSC, has been exposed as a scam, with the operators having run off with investors’ money.
Although the security situation on the DeFi side was serious this month, the threat from exit scams and crypto scams should still not be taken lightly. Chengdu Chain Security (Beosin) – Seven Stars Lab has noticed that a number of projects have recently appeared on the market under the banner of “DeFi” that are in fact pyramid schemes. As an investor, keep your eyes open and beware of money-game scams operating under the banner of “DeFi”!
In terms of ransomware/mining Trojans, there were 3 typical security incidents
Trend Micro, a cybersecurity software company, has discovered a new type of malware called “Panda”. Researchers say it targets crypto wallets, as well as bank accounts, for online theft.
Colonial Pipeline paid a ransom of nearly $5 million to the hackers on Friday, despite earlier reports that the company had no intention of paying a ransom to restore the U.S. pipeline to operation.
New Zealand’s Waikato Ministry of Health confirmed that the ransomware used in the earlier cyber attack was “Zeppelin”, which the Minister of Health did not deny.
In other areas, there were 7 typical security incidents
Mask Network’s ITO contract was attacked by a bot, and the attacking address was officially blacklisted.
On May 6, Hpool officially stated that the front end of its official website had been hit by a DDoS attack and was temporarily inaccessible, but that the mining service was not affected.
FeiProtocol’s development team, FeiLabs, discovered and disclosed a contract vulnerability and immediately paused the contract. The vulnerability was not exploited and does not affect any users.
Kyrgyzstan’s National Security Committee (GKNB) cracked down on illegal mining operations in the capital Bishkek and the Chuy region, raiding and seizing 2,000 units of illegal virtual asset mining equipment.
UK police raided a warehouse near Birmingham and found a sizable bitcoin mine. The mine was powered by electricity illegally tapped from the mains, and the equipment was seized by police.
A California man pleaded guilty to operating an unlicensed money transmitting business, money laundering, and failing to maintain an effective anti-money laundering program, and had approximately $1.25 million worth of Bitcoin (18.4 BTC) and Ether (222.5 ETH) forfeited to the United States.
Ethereum core developers discovered a significant vulnerability in EIP-1559; they have since added four checks to EIP-1559 and fixed the vulnerability.
Here is a summary of the current security posture of the blockchain ecosystem.
Overall, typical security incidents in May were significantly more numerous than in April. The total number of incidents passed the “30” mark, and the overall security risk rose steeply from [low] to [high]. In DeFi in particular, a series of hacking attacks, frequent security incidents, and capital losses of over $300 million have undoubtedly dealt a catastrophic blow to the security order of the entire DeFi ecosystem.
In this severe situation, the Chengdu Chain Security (Beosin) security team noticed that after PancakeBunny was hit by a flash loan attack, its BSC chain forks such as Merlin and AutoSharkFinance also “fell” one after another. This shows that the fork projects did not have a deep understanding of the original project and introduced new security risks while modifying the code.
As an innovative financial model, DeFi calls for deep reflection by the developers of DeFi projects on how to strike a balance between “innovation” and “security” and achieve both. Here, we recommend that project owners do a thorough job of security protection, monitor abnormal operations in real time, and find and resolve them immediately. Users should likewise raise their security awareness, guard against security risks, and avoid economic losses.
Posted by: CoinYuppie. Reprinted with attribution to: https://coinyuppie.com/inventory-more-than-32-typical-security-incidents-occurred-in-may-and-more-than-10-bsc-on-chain-projects-were-attacked-with-losses-of-about-300-million/