Weekly Blockchain Security Watch December 12 to December 18

SECURITY HACKS:

  • Hacker Attacks Baby Apes Society’s Discord Server

On 12 Dec, a hacker attacked Baby Apes Society’s Discord server. Baby Apes Society is an NFT project deployed on Polygon.

  • Hacker Attacks Elastic Swap

On 13 Dec, a hacker attacked Elastic Swap, a DeFi application deployed on both Ethereum and Snow.

The root cause of the incident was that the implementation did not validate the K value (the constant-product invariant) of the AMM.

Elastic Swap used different algorithms for adding and removing liquidity. On the Snow blockchain, the attacker first added liquidity, then transferred USDC.E tokens directly to the TIC-USDC liquidity pool, and then removed the liquidity; because the removal path did not re-check K, the pool paid out more than the attacker’s share. The attacker repeated the same sequence against the AMPL-USDC pool on Ethereum.
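The following is an added example written for this report; it is not Elastic Swap’s code and the bug it models is constructed, not a reconstruction of the actual exploit. It is a toy constant-product pool in which `add_liquidity` mints shares from the last-synced reserves and a hypothetical `remove_liquidity_mixed` pays one token from the live balance and derives the other from the stale reserve ratio, so a plain token transfer (“donation”) to the pool inflates the payout. The `_check_k` guard enforces the invariant a practitioner would want here: the value backing each LP share, sqrt(k)/totalSupply, must never fall across an operation. All names and numbers are constructed for the illustration.

```python
"""Toy constant-product pool with a K-per-share invariant check.

Constructed illustration for this report, not Elastic Swap's code.
`balance*` is what the token contract would report for the pool address
(so it includes tokens sent to the pool directly); `reserve*` is the pool's
own last-synced bookkeeping, Uniswap V2 style.
"""
from math import isqrt


class InvariantViolation(Exception):
    """Raised when an operation lowers the value backing each LP share."""


class Pool:
    def __init__(self, amount0: int, amount1: int, enforce: bool = True) -> None:
        self.balance0, self.balance1 = amount0, amount1
        self.reserve0, self.reserve1 = amount0, amount1
        self.total_supply = isqrt(amount0 * amount1)  # geometric-mean seeding
        self.enforce = enforce                          # toggle the K check

    # --- bookkeeping and invariant ------------------------------------
    def _snapshot(self) -> tuple[int, int]:
        return self.reserve0 * self.reserve1, self.total_supply

    def _sync(self) -> None:
        self.reserve0, self.reserve1 = self.balance0, self.balance1

    def _check_k(self, snap: tuple[int, int]) -> None:
        """Require sqrt(k)/supply not to fall, in integers:
        k_after * s_before^2 >= k_before * s_after^2.
        Proportional mints and burns keep it equal; fees and donations raise
        it; any burn paying out more than its pro-rata share lowers it."""
        if not self.enforce:
            return
        if self.balance0 < 0 or self.balance1 < 0:
            raise InvariantViolation("payout exceeds pool balance")
        k_before, s_before = snap
        k_after, s_after = self._snapshot()
        if s_after and k_after * s_before ** 2 < k_before * s_after ** 2:
            raise InvariantViolation(
                f"k per share fell: k {k_before}->{k_after}, supply {s_before}->{s_after}")

    # --- operations ---------------------------------------------------
    def add_liquidity(self, amount0: int, amount1: int) -> int:
        snap = self._snapshot()
        shares = min(amount0 * self.total_supply // self.reserve0,
                     amount1 * self.total_supply // self.reserve1)
        self.balance0 += amount0
        self.balance1 += amount1
        self.total_supply += shares
        self._sync()
        self._check_k(snap)
        return shares

    def donate(self, token: int, amount: int) -> None:
        """Plain token transfer to the pool: balance moves, reserve does not."""
        if token == 0:
            self.balance0 += amount
        else:
            self.balance1 += amount

    def remove_liquidity(self, shares: int) -> tuple[int, int]:
        """Pro-rata burn against live balances (what Uniswap V2 does)."""
        snap = self._snapshot()
        amount0 = shares * self.balance0 // self.total_supply
        amount1 = shares * self.balance1 // self.total_supply
        return self._pay_out(snap, shares, amount0, amount1)

    def remove_liquidity_mixed(self, shares: int) -> tuple[int, int]:
        """HYPOTHETICAL buggy burn, constructed for this example: token1 is paid
        from the live balance, token0 is derived from the stale reserve ratio,
        so a prior donation of token1 inflates the token0 payout as well."""
        snap = self._snapshot()
        amount1 = shares * self.balance1 // self.total_supply
        amount0 = amount1 * self.reserve0 // self.reserve1
        return self._pay_out(snap, shares, amount0, amount1)

    def _pay_out(self, snap, shares, amount0, amount1):
        self.balance0 -= amount0
        self.balance1 -= amount1
        self.total_supply -= shares
        self._sync()
        self._check_k(snap)  # a real contract would revert the whole call here
        return amount0, amount1


def run_scenario(buggy: bool, enforce: bool) -> dict:
    """Constructed numbers: an honest LP seeds 1000/1000, the attacker adds
    9000/9000, donates 1000 of token1 to the pool, then burns all its shares."""
    pool = Pool(1000, 1000, enforce=enforce)
    shares = pool.add_liquidity(9000, 9000)
    pool.donate(1, 1000)
    burn = pool.remove_liquidity_mixed if buggy else pool.remove_liquidity
    try:
        out = burn(shares)
    except InvariantViolation as exc:
        return {"blocked": True, "reason": str(exc)}
    return {"blocked": False, "out": out, "left": (pool.balance0, pool.balance1)}


if __name__ == "__main__":
    for buggy, enforce in ((True, False), (True, True), (False, True)):
        print(f"buggy={buggy} enforce={enforce}: {run_scenario(buggy, enforce)}")
```

With the check switched off, the mixed burn pays the attacker 9900/9900 for 9000/9000 deposited plus a 1000 donation, and the honest LP’s 1000 shares are left backed by only 100/1100. With the check on, the same burn is rejected because k per share fell. The pro-rata burn pays 9000/9900, passes the check, and leaves the remaining LP better off than before, since a donation to the pool is shared by all share holders rather than captured by the one who burns next.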

The attacker drained 22,454 AVAX (US $290,328) on Snow and 445 ETH (US $564,000) on Ethereum.

At the time of writing, the assets exploited on Snow were still held in 0xDd8429b85a92b35712659bd945462a41BFd60cBD, and some of the assets exploited on Ethereum were still in 0xbeadedbabed6a353c9caa4894aa7e5f883e32967.

Crypto assets worth around US $850,000 were exploited in this incident.

Additional Details:

– Attacker’s Addresses:

  – 0xbeadedbabed6a353c9caa4894aa7e5f883e32967 (Ethereum)

  – 0x3bdf01ed32f07e8e843163b5d478d4502f5743cd (Snow)

– Hash Values of Attack Transactions:

  – 0xb36486f032a450782d5d2fac118ea90a6d3b08cac3409d949c59b43bcd6dbb8f (Ethereum)

  – 0x782b2410fcc9449ead554a81f78184b6f9cca89f07ea346bc50cf11887cd9b18 (Snow)

  • NFT Project 1Minute Alpha Announces Hack of Its Discord and Collaboration Account

On 14 Dec, NFT project 1Minute Alpha reported on Twitter that their Collaboration Account “@0x1Minute” and Discord had been hacked. The project urged users not to click on any links and await further information.

Subsequently, the account announced that its Discord ID and channel had been restored and that the main Twitter account “@ONEMINNFT” had not been hacked. It went on to report that “everything had been normalized” and offered minimal compensation to those harmed by the hack.

  • Hacker Leverages Flash-Loan to Attack Nimbus Platform

On 14 Dec, a hacker leveraged a flash-loan to attack Nimbus Platform, a dApp deployed on BNB Chain.

The platform had a flaw in its reward computation, which allowed the hacker to exploit 278 BNB, worth approximately US $76,000.

Additional Details:

– Attacker’s Address: 0x86aa1c46f2ae35ba1b228dc69fb726813d95b597 (BNB Chain)

– Hash Value of Attack Transaction: 0x42f56d3e86fb47e1edffa59222b33b73e7407d4b5bb05e23b83cb1771790f6c1

  • Hacker Exploits Vulnerability in FRP LP’s Wallet in Attack Against FRP Token

On 15 Dec, an attacker exploited a vulnerability in the FRP LP’s wallet to attack the FRP token deployed at 0xA9c7ec037797DC6E3F9255fFDe422DA6bF96024d. FRP is a dApp deployed on BNB Chain.

The attacker managed to exploit crypto assets worth around US $30,000.

  • Raydium Announces Compromise of Private Keys Leading to Attack

On 16 Dec, Raydium, a dApp deployed on Solana, announced that the private key of the owner account of several of its liquidity pools had been compromised, leading to an attack. Using the owner’s wallet, the attacker called the withdrawalPNL function, which withdraws the fees earned on trades. Liquidity pools including SOL-USDC, SOL-USDT, RAY-USDC, and RAY-USDT were exploited.

Crypto assets worth around US $4.395 million were exploited.

  • Hacker Attacks Mekawaii’s Discord Server

On 16 Dec, a hacker attacked Mekawaii’s Discord server. Mekawaii is an NFT project deployed on Ethereum.

  • Hacker Attacks Neo Tokyo’s Discord Server

On 18 Dec, a hacker attacked Neo Tokyo’s Discord server. Neo Tokyo is an NFT project deployed on Ethereum.

CONCLUSION:

Eight notable security incidents occurred in the past week. Four of them targeted on-chain protocols (the Elastic Swap, Nimbus, and FRP exploits, and the Raydium private-key compromise), and the other four were attacks on social media accounts.

A Reminder for Project Teams: Always test thoroughly. Have smart contracts audited before deploying them on-chain. In addition, manage and store private keys with great care: as the Raydium incident shows, a compromised owner key bypasses every check a contract makes.

A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.

It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.

To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter: https://fairyproof.substack.com/

For a better understanding of all things Web3.0: https://medium.com/@FairyproofT

Looking to strengthen the security of your project or looking for an audit? Contact us at https://www.fairyproof.com/
