More than 41 typical security incidents occurred in August, how many attacks still exist for hackers?

It’s time for monthly security inventory again! The public opinion monitoring of the blockchain security situational awareness platform (Beosin-Eagle Eye) shows that in August 2021, various security incidents are still frequent. According to the statistics of Chengdu Lianan Technology, more typical security incidents occurred in August over “41 ” Up .

Security incidents this month are still concentrated in areas such as exchanges, DeFi, and encryption scams , which often cause huge losses. Here, Chengdu Lianan advises users to learn more before participating in some projects to avoid being deceived. The other is that the project party should pay attention to safety precautions. It is best to find a professional safety audit company in the industry to conduct an audit before the project goes live.

Exchange side 

A total of “3” typical security incidents occurred

No.1   Japanese encryption currency exchange Liquid release heat purse was reported attacks, unauthorized party will total approximately US $ 91.35 million of encryption Liquid assets removed from the wallet. Among them, 16.13 million US dollars of ERC-20 assets have been frozen.

No.2   40 million DVPN tokens were stolen on HitBTC Bitcoin exchange. The theft was due to HitBTC exposing its mnemonic phrase.

No.3   Bilaxy exchange hot wallet was hacked and lost more than 21 million U.S. dollars .

DeFi aspect 

A total of “13” typical security incidents occurred

No.1   Starting at around 23:45 on August 3, Beijing time, BSV suffered a “large-scale” 51% attack, resulting in three versions of the chain being mined at the same time.

No.2   On August 4, Wault Finance, the DeFi protocol on BSC and Polygon , was suspected of being attacked by lightning loans, and funds worth more than US$ 800,000 flowed out through Anyswap in the form of ETH .

No.3   On August 4, the Sorbetto Fragola product under Popsicle Finance, a platform for improving cross-chain profitability, was attacked, resulting in a loss of nearly US$20.7 million .

The No.4   multi-chain synthetic asset protocol Duet Protocol pioneer network Zerogoki suffered an oracle attack, and the wrong price resulted in unrecognized transactions.

No.5   On August 10, the cross-chain protocol Poly Network was attacked, and nearly $600 million in funds on the three chains of Ethereum, BinanceChain, and Polygon were stolen.

Punk Protocol, the No.6   decentralized annuity protocol, recently issued a statement that it encountered an attack during the fair launch process and caused more than 8.9 million U.S. dollars in losses. The team later recovered more than 4.95 million U.S. dollars. These funds have been transferred to a safe wallet.

The No.7   encryption incubator DAO Maker may be attacked. A large number of USDC recharged by users were transferred out and replaced with about 2261 Ethereum, worth more than 7 million U.S. dollars .

No.8   On August 13th, the Neko Network, a lending protocol on Binance’s smart chain, was attacked and all asset pools have been frozen.

No.9   XSURGE stated that a potential security loophole in the SurgeBNB contract was discovered on August 16, local time. After the statement was released, XSURGE subsequently stated that it was under attack. The attacker stole $ 5 million in SurgeBNB through a backdoor vulnerability .

No.10   At around 7:40 pm on August 18th, Beijing time, PineconeFinance was attacked by hackers and lost approximately 3.53 million PCT tokens (approximately US$200,000).

No.11   On August 25, the DeFi revenue aggregator Dot.Finance on the BSC chain suffered a lightning loan attack. Analysis found that the attack was a homologous attack by PancakeBunny.

No.12   On August 29, xtokenmarket was attacked by a lightning loan, and its xSNX contract vulnerability was exploited.

No.13   On August 30, Cream Finance, a mortgage lending platform, suffered a lightning loan attack and lost US$18 million.

Beosin review 

This month, the largest DeFi hacking incident of the year occurred! Regarding this incident, the project team was also helpless in front of the hackers. Fortunately, the white hat hacker finally returned the stolen assets. In addition, it is also very important for ordinary people to take good care of their own digital assets.

In terms of fraud/encryption scams 

A total of “14” typical security incidents occurred

The No.1   California man faces five years in prison for participating in a securities fraud scheme involving two crypto companies, involving millions of dollars.

No.2 The   Wulin Police Station of the Public Security Bureau of Honghu City, Hubei Province focused on the implementation of the “Card Broken” special operation deployment, successfully arrested 2 suspects and uncovered a criminal activity that helped information network fraud.

No.3   A resident of Israel was sentenced to eight years in prison for stealing 75,000 DASH and about 6.8 million U.S. dollars of cryptocurrency from his friend .

No. 4 The   US Department of Justice stated that the CEO of blockchain technology company Alchemy Coin was sentenced to 6 years in prison for relieving loan fraud and ICO fraud.

No.5   Russian police officials are investigating one of the country’s largest Ponzi schemes involving cryptocurrencies. One of the founders was arrested, and others have reportedly left Russia. The victim’s loss may be as high as 95 million U.S. dollars .

Ryan Farace, the No.6   dark web drug trafficker, was accused of money laundering involving Bitcoin worth 136 million U.S. dollars.

No.7   British detectives seized a USB flash drive containing 9.5 million U.S. dollars of Ethereum (ETH), which was stolen through a cryptocurrency scam.

No.   8 At 15:14 on August 16, Beijing time, KuCoin hackers started to transfer money and launder money. Over 430,000 USD was transferred from the KuCoin hacker address.

The founder of No.9   Bitcoin mixer Helix has pleaded guilty to money laundering conspiracy and is suspected of laundering more than 350,000 bitcoins.

No.10   Former Manchester United midfielder Anderson is under police investigation for allegedly participating in the use of cryptocurrency to launder 4.7 million pounds .

No.11  Australian police investigated drug trafficking activities on the dark web and seized a record $8.49 million in cryptocurrency at the same time.

No.12   On August 26, the Brazilian police seized $28.8 million in cryptocurrency and arrested 5 people.

No.13   On August 29, the police cracked a 120 million yuan scam of “Mythology Coin”. The criminal team induced the victims to inject funds into Bitcoin and “mythical coins” through fake trading apps, which quickly “evaporated” 120 million yuan from 500 victims across the country .

No.14 The   public security organs of Wuhan City raided a virtual currency trading platform in accordance with the law. This “Shengchang Technology Company”, which provides online trading channels for investment fraud gangs, was “one pot end” by the police.

Beosin review 

The sickle for harvesting leeks has been raised! Where there is interest, there will be crimes. If you dream of getting rich overnight, you will often fall into the tricks of liars. If you find that you have been deceived, you should keep relevant evidence in time, transfer the funds out, reduce losses, and then report to the local public security agency as soon as possible. Chengdu Lianan reminds everyone to pay attention to virtual currency fraud!

Ransomware/mining Trojans 

A total of “7” typical security incidents occurred

No. 1   Polish police recently discovered illegal Bitcoin mining activities at its headquarters in Warsaw.

No. 2   On August 18, the Chengdu Municipal Public Security Bureau issued a notice to file investigations against Yang Moumou, Chen Moumou and others suspected of using the virtual currency of “GUCS” and “Kirin Mining Machine” to conduct criminal activities. Criminal suspects take compulsory measures of criminal detention.

No. 3 The   Bolivarian National Police (PNB) seized 17 devices used to mine bitcoin in the La Pastora parish west of the Venezuelan capital of Caracas on August 20. A bitcoin miner was accused of smuggling. Arrested.

No. 4   Spanish police seized a mine that illegally digs cryptocurrency on August 20.

No. 5   On August 27, the Turkish authorities are investigating the suspected USD 119 million Dogecoin mining scam.

No. 6   Fortune 500, consulting firm Accenture suffered a Bitcoin ransomware attack by the hacker organization Lockbit, and data has been leaked on the dark web.

No. 7   On August 30, the Malaysian police and local power company Sarawak Energy took a joint operation and seized 1,069 Bitcoin mining machines.

 Other aspects 

A total of “4” typical security incidents occurred

Hodl Hodl, the No. 1   peer-to-peer bitcoin lending and trading platform, said that some users’ payment passwords may have been leaked during recent internal and external audits, and measures are currently being taken to ensure the safety of users’ funds.

The No. 2   blockchain security company warned that it has identified a number of token fraud phishing sites, including ShibaDrop[.]io ($SHIB); AAExchange[.]io ($AAE),; BSCTOKEN[.]IO ($ BSCTOKEN); BestAir[.]io ($AIR); AirStack[.]net ($AIR); and BNBw[.]me ($BNBW). Please pay attention to prevent risks.

No. 3 The   old version of Ethereum client Geth has a bug, BSC, Polygon and other chains are affected. This bug may cause double-spending attacks.

No. 4 A   Venezuelan man plots a false kidnapping case for stealing $1.15 million worth of Bitcoin.


In view of the current new situation in the field of blockchain security, “Chengdu Lianan” summarizes here:

On the whole, the overall number of security incidents on the blockchain in August is still at a high risk level. Chengdu Lian’an once again suggested that the majority of project parties must do the corresponding safety protection construction to avoid serious losses.


Posted by:CoinYuppie,Reprinted with attribution to:
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.

Like (0)
Donate Buy me a coffee Buy me a coffee
Previous 2021-08-31 13:27
Next 2021-08-31 14:06

Related articles