Weekly Blockchain Security Watch

Mar 13 to Mar 19

SECURITY HACKS:

  • Hacker Exploits Euler Finance Through Flash-Loan

On 13 Mar, a hacker attacked Euler Finance, a lending application deployed on Ethereum.

The root cause of this incident was that Euler’s donateToReserves() function did not check the caller’s collateralization (liquidity) status after burning the donated eTokens, so an account could push itself into insolvency.

The attacker started with a flash-loan, used Euler’s mint() function to open a highly leveraged position, and then called donateToReserves() to push that position into insolvency.

In the same transaction, the attacker liquidated the insolvent position, collecting a large amount of eTokens, and repeated this process on multiple Euler pools.
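The following Python model, added here as an illustration and not taken from Euler’s code, shows the class of bug described above: a function that burns a user’s collateral and returns without re-running the account health check. The asset, the 90% collateral factor, the integer balances and the function names (deposit, mint, donate_to_reserves_*) are all assumptions made for the example.

```python
"""Simplified lending-pool model illustrating the missing collateralisation check.

This is an added example for this report, not Euler's code. Assumptions that
are not taken from the report: a single asset, a collateral factor of 90%
(expressed in basis points), integer balances, and a health rule of
collateral * factor >= debt. The function and field names are hypothetical.
"""
from dataclasses import dataclass

COLLATERAL_FACTOR_BPS = 9_000  # assumed: 1 unit of collateral backs 0.9 units of debt
BPS = 10_000


class InsufficientCollateral(Exception):
    """Raised when an operation would leave an account under-collateralised."""


@dataclass
class Account:
    collateral: int = 0  # deposit receipt balance (eTokens in Euler's terms)
    debt: int = 0        # borrowed balance (dTokens in Euler's terms)

    def is_healthy(self) -> bool:
        return self.collateral * COLLATERAL_FACTOR_BPS >= self.debt * BPS

    def check_liquidity(self) -> None:
        """The post-operation check every balance-changing function must run."""
        if not self.is_healthy():
            raise InsufficientCollateral(
                f"collateral {self.collateral} * {COLLATERAL_FACTOR_BPS}/{BPS} "
                f"does not cover debt {self.debt}"
            )


def deposit(acct: Account, amount: int) -> None:
    acct.collateral += amount


def mint(acct: Account, amount: int) -> None:
    """Self-collateralised borrow: mint equal collateral and debt, then check health."""
    acct.collateral += amount
    acct.debt += amount
    acct.check_liquidity()


def donate_to_reserves_vulnerable(acct: Account, amount: int) -> None:
    """Burns the caller's collateral into protocol reserves without re-checking health."""
    if amount > acct.collateral:
        raise ValueError("cannot donate more than the account holds")
    acct.collateral -= amount
    # Missing: acct.check_liquidity()


def donate_to_reserves_fixed(acct: Account, amount: int) -> None:
    """Same operation with the health check that was missing."""
    if amount > acct.collateral:
        raise ValueError("cannot donate more than the account holds")
    acct.collateral -= amount
    acct.check_liquidity()


def run_scenario(donate) -> Account:
    """Replays deposit -> leveraged mint -> donate against a given donate function.

    Returns the resulting account, or raises InsufficientCollateral when
    `donate` enforces the health check.
    """
    acct = Account()
    deposit(acct, 100)   # constructed figure: flash-loaned funds posted as collateral
    mint(acct, 800)      # 900 collateral * 0.9 = 810 >= 800 debt, so this passes
    donate(acct, 100)    # 800 collateral * 0.9 = 720 < 800 debt: now insolvent
    return acct


if __name__ == "__main__":
    acct = run_scenario(donate_to_reserves_vulnerable)
    print("vulnerable donate left the account healthy?", acct.is_healthy())
    try:
        run_scenario(donate_to_reserves_fixed)
    except InsufficientCollateral as exc:
        print("fixed donate reverted:", exc)
```

With the vulnerable donate the scenario ends with 800 collateral against 800 debt, an insolvent account that is exactly what a same-transaction liquidation can then feed on; with the fixed donate the same sequence reverts at the donation step.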

In this attack, the following assets were stolen:

8,877,507 DAI

8,080 WETH

846.4 WBTC

73,821 stETH

34,224,863 USDC

Eventually crypto assets worth around US $197 million were exploited in this incident.

Additional Details:

Attacker’s Address:

– 0xB2698C2D99aD2c302a95A8DB26B08D17a77cedd4 (on Ethereum)

– 0xb66cd966670d962C227B3EABA30a872DbFb995db (on Ethereum)

– 0x5F259D0b76665c337c6104145894F4D1D2758B8c (on Ethereum)

– 0xc66dFA84BC1B93df194bD964a41282da65D73c9a (on Ethereum)

Attacking Contract:

– 0x583c21631c48D442B5C0E605d624f54A0B366c72 (on Ethereum)

Attacked Contracts:

– 0xe025e3ca2be02316033184551d4d3aa22024d9dc (on Ethereum)

– 0x1b808f49add4b8c6b5117d9681cf7312fcf0dc1d (on Ethereum)

– 0x0275b156cd77c5ed82d44bcc5f9e93eecff20138 (on Ethereum)

– 0xbd1bd5c956684f7eb79da40f582cbe1373a1d593 (on Ethereum)

– 0xeb91861f8a4e1c12333f42dce8fb0ecdc28da716 (on Ethereum)

  • Hacker Exploits Arithmetic Overflow in Poolz Finance

On 15 Mar, a hacker attacked Poolz Finance, a DeFi application deployed on the BNB chain, by exploiting an arithmetic overflow in the application’s implementation.

The hacker used this vulnerability against Poolz Finance’s token vesting protocols on both the BNB chain and Polygon. As a consequence, POOLZ’s price dropped by around 99%.

Crypto assets worth around US $390,000 were exploited in this incident.
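The report only states that an arithmetic overflow in the implementation was exploited. The following Python model, added here as an illustration and not taken from Poolz’s code, shows the general shape of such a bug: a batch routine that sums caller-supplied amounts with wrapping uint256 arithmetic, charges the wrapped total, and credits each entry with its full amount. The routine name create_mass_pools, the attacker input and the crediting behaviour are assumptions made for the example.

```python
"""Model of the unchecked-summation overflow pattern behind the Poolz incident.

This is an added example for this report, not Poolz's code; the report only
states that an arithmetic overflow in the implementation was exploited.
Assumptions not taken from the report: a batch pool-creation function that
adds up per-pool amounts into one total, pulls that total from the caller,
and credits each pool with its full amount. EVM uint256 arithmetic is
modelled explicitly so the silent wrap-around is visible.
"""

UINT256_MAX = 2**256 - 1


class ArithmeticOverflow(Exception):
    """Mirrors the revert that checked arithmetic (Solidity >= 0.8, SafeMath) produces."""


def add_unchecked(a: int, b: int) -> int:
    """uint256 addition as in Solidity < 0.8 or inside an `unchecked` block: wraps mod 2**256."""
    return (a + b) & UINT256_MAX


def add_checked(a: int, b: int) -> int:
    """uint256 addition that reverts instead of wrapping."""
    total = a + b
    if total > UINT256_MAX:
        raise ArithmeticOverflow(f"{a} + {b} does not fit in uint256")
    return total


def create_mass_pools(amounts: list[int], add=add_unchecked) -> tuple[int, list[int]]:
    """Hypothetical batch-creation routine.

    Returns (tokens pulled from the caller, per-pool credited amounts). With
    `add_unchecked` the total can wrap to a small number while every pool still
    records its full amount; with `add_checked` the crafted input reverts.
    """
    total = 0
    credited = []
    for amount in amounts:
        if not 0 <= amount <= UINT256_MAX:
            raise ValueError("amount is not a valid uint256")
        total = add(total, amount)
        credited.append(amount)  # each pool stores the full, un-wrapped amount
    return total, credited


def crafted_amounts() -> list[int]:
    """Constructed attacker input: two halves of 2**256 plus a small real amount."""
    return [2**255, 2**255, 1_000]


def withdrawable(credited: list[int]) -> int:
    """What the pools would later release to the attacker, in total."""
    return sum(credited)


if __name__ == "__main__":
    charged, credited = create_mass_pools(crafted_amounts())
    print(f"charged {charged} tokens, pools will release {withdrawable(credited)}")
    try:
        create_mass_pools(crafted_amounts(), add=add_checked)
    except ArithmeticOverflow as exc:
        print("checked arithmetic reverted:", exc)
```

The crafted input is charged only 1,000 tokens because 2**255 + 2**255 wraps to zero, while the pools together record 2**256 + 1,000; the same input reverts as soon as the sum uses checked arithmetic, which is why compiler-level overflow checks (or SafeMath on older compilers) belong on every caller-controlled sum.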

  • Echelon Announces Discord Server Compromised

On 16 Mar, Echelon (@EchelonFND), a game project deployed on Ethereum, announced on Twitter that its Discord had been compromised.

A later update by //Kalos (@templecrash) indicated that the project’s Discord server was back up and operational and was undergoing a cleanup and security pass. The user urged others not to click on any links and said the project would not conduct surprise mints or drops.

  • Hacker Attacks Para Space by Exploiting Logic Vulnerability

On 17 Mar, a hacker attacked Para Space, a DeFi application deployed on Ethereum, by exploiting a logic vulnerability in the implementation’s borrow function.

The attacker attempted to borrow more tokens than it was legitimately entitled to, but BlockSec intercepted the attack and 2,900 ETH were rescued.

However, crypto assets worth around US$90,000 to US$270,000 were still lost in this incident.

At the time of writing, the project has been paused and Para Space’s patch is being audited.

RUG-PULLS:

  1. Harvest Keeper Turns Out to Be A Scam

On 19 Mar, Harvest Keeper (@Harvest_Keeper), deployed on Ethereum, the BNB chain and Polygon, turned out to be a scam.

The contract was deployed at 0x28120471E1e42e15a71Af5E39cA9f93099F34d2d on the BNB chain.

Crypto assets worth around US $933,000 were drained by the team in this incident.

CONCLUSION:

Five notable security incidents occurred in the past week: four were attacks on social media, smart contracts, or blockchains, and one was a rug-pull.

It is worth noting that the attack on Euler Finance has caused the greatest loss in 2023 so far.

A Reminder for Project Teams: Always test thoroughly. Do smart contract audits before deploying smart contracts on-chain. Be alert to any anomalies happening in the various social media accounts you manage.

A Reminder for Crypto Users: Be cautious about suspicious links, emails, websites, and projects launched by teams without established reputations.

It is important for everyone in the crypto community to gain understanding and practice sufficient levels of cybersecurity.

To stay updated on notable security incidents in the world of Web3.0, subscribe to our newsletter: https://fairyproof.substack.com/

For a better understanding of all things Web3.0: https://medium.com/@FairyproofT

Looking to strengthen the security of your project or looking for an audit? Contact us at

https://www.fairyproof.com/
