It’s time for another monthly safety check! According to the security public opinion monitoring data of Chengdu Lian’an[Chain Bing-Blockchain Security Situational Awareness Platform] : In April 2022, the number of various security incidents decreased compared with March. There were more than 21 more typical security incidents in April. The total loss of security incidents in the attack category is approximately US$280 million.
A total of “9” typical security incidents occurred
No.1 On April 2, the lending platform Inverse Finance suffered a price manipulation attack and lost about $15 million.
No.2 On April 8, the revenue aggregator Starstream on the Ethereum layer 2 network Metis was stolen $4 million due to a contract loophole.
The No.3 Creat future (CF) token contract is fundamentally flawed, allowing anyone to consume someone else’s $CF balance, resulting in a loss of approximately $1.8 million due to the contract.
No.4 Marvin Inu’s cross-chain bridge was hacked due to the disclosure of private keys, resulting in a loss of about $350,000.
No.5 On April 13, the stablecoin platform Elephant Money suffered a flash loan attack, resulting in a loss of $22 million.
The No.6 Metaverse DeFi protocol Rikkei Finance was hacked on April 15. The attacker used a contract loophole to launch an oracle attack and made a profit of about $1.1 million.
No.7 On April 17, the stablecoin protocol Beanstalk Farms was attacked by a flash loan. The protocol lost about $182 million, and the hacker actually made a profit of about $80 million.
No.8 On April 21, the DeFi protocol ZEED was hacked. The attacker made a total profit of more than 1 million US dollars, but set the contract to be automatically destroyed without taking it out, resulting in the profited funds being permanently locked in the contract.
No.9 On April 28, the multi-chain derivatives protocol Deus Finance was attacked by a flash loan, and the hacker made a profit of about $13.4 million. The project was also attacked on March 15 with a loss of about $3 million.
Fraud runaway/crypto scam aspect
A total of “6” typical security incidents occurred
The No.1 P2E game Crypto Klash has run away, and the project has deleted its social account. Crypto Klash scammers transfer 800 BNB to Tornado Cash.
No.2 The automatic pledge protocol MaxAPY Finance on BNB Chain has a Rug Pull, and its official Twitter account and Telegram group have been deleted.
No.3 The project ANA on the BNB Chain had a Rug Pull, and the Token price fell by 91%.
No.4 Avalanche On the Metaverse real estate project Universe, a Rug Pull occurred, and the contract deployer minted about 16 trillion UNIV and sold it.
No.5 Rug Pull occurred on MetalSwap on BNB Chain, and the token Metal dropped by 99% in a short time
The project BuccaneerFi on No.6 BNB Chain has a Rug Pull. At present, the project’s social media account and community have been deleted, and about 841 BNB have been transferred to Tornado Cash.
A total of “4” typical security incidents occurred
No.1 On April 7th, the NFT game WonderHero was attacked due to the disclosure of private keys, resulting in a loss of about $2.8 million.
No.2 On April 23, the NFT project party Akutar had two loopholes in the contract, causing the project party to permanently lock up $34 million.
No.3 On April 25, BAYC’s official Instagram account was hacked, and the hacker posted a phishing link, which resulted in the theft of 91 NFTs, and the hacker made a profit of about $2.4 million.
No.4 A user lost $570,000 worth of BAYC NFT to a “fake verification” scam.
A total of “2” typical security incidents occurred
No.1 The U.S. Department of Justice has successfully seized about $34 million worth of cryptocurrency from a seller on the dark web in what it says is one of the largest cryptocurrency civil forfeitures in U.S. history.
The No. 2 blockchain security firm has discovered a vulnerability that could lead to the loss of a $15 billion Rug Pull. The vulnerability has now been fixed.
In view of the current new situation in the field of blockchain security, “Chengdu Lianan” summarizes here:
Overall, blockchain security incidents in April 2022 are down from March. The total loss of security incidents in the attack category is approximately US$280 million. The security risks exposed in DeFi still cannot be ignored. The number of NFT theft cases has increased, and everyone needs to take more precautions. It is recommended that security audits and security precautions should be done well before the project is launched.
Posted by:CoinYuppie，Reprinted with attribution to:https://coinyuppie.com/the-total-amount-of-blockchain-ecological-theft-in-april-was-about-280-million-us-dollars-which-is-more-than-21-typical-security-incidents/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.