In December 2023, the amount of losses from various security incidents compared with 11 Monthly decline. Total losses due to hacking attacks, phishing scams and rug pulls in December were approximately $24.94 million. Phishing and fraud incidents remain unabated this month, and users need to increase their anti-fraud awareness.
- < p style="text-align: left;">On December 5, 2023, there was a security vulnerability in the Web3 development platform Thirdweb, which affected multiple smart contracts. At least three projects were attacked due to the vulnerability, resulting in losses of approximately210,000 USD. [Web3 development tool platform Thirdweb stated in its official blog that at 18:00 on November 20, security vulnerabilities were discovered in common open source libraries of multiple Web3 smart contracts (including some of Thirdweb’s pre-built smart contracts), including Airdrop ERC20 (v1 .0.3 and higher), ERC721 (v1.0.4 and higher), ERC1155 (v1.0.4 and higher), etc. Except for the impact of smart contracts, wallets, payments and infrastructure services are not affected and are operating normally. 】
On December 6, 2023, the BSC ecological project and decentralized reserve currency protocol BEARNDAO was attacked and gained more than$700,000Proceeds. [The attacker address "0xCE27b" exploited the error in ConvertDustToEarned() and used a sandwich attack to attack the contract "0x21125d"]
On December 12, 2023, OKX's abandoned DEX market maker contract management rights were stolen, resulting in a loss of approximately $2.7 million. [On December 13, OKX Chinese tweeted that after verification, this incident was caused by the theft of the management rights of an abandoned OKX DEX market merchant contract that is no longer in use, and the assets of 18 addresses authorized for the contract were transferred. 】
On December 14, 2023, the Ledger Connect Kit, a code base commonly used by Web3 projects, suffered a supply chain attack, and the attackers profited Approximately$600,000.
On December 16, 2023, NFT Trader was attacked by a re-entrancy vulnerability, resulting in a loss of approximately US$3 million
strong>, the stolen assets have been returned by the attacker, and the attacker has retained 10% as a bounty. [On December 16, the NFT Trader attacker posted on the chain that stolen NFT assets are safe and will eventually be returned to users. The original attacker of the vulnerability is 0x3dc115307c7b79e9ff0afe4c1a0796c22e366a47b47ed2d82194bcd59bb4bd46. The attacker stated that it was not the original attacker and stated that the original attacker was continuing to prepare to attack a new vulnerability. 】On December 17, 2023, the NFT trading market Flooring Protocol was hacked, resulting in a loss of approximately$1.6 million .
On December 20, 2023, the DeFi protocol Transit Finance was hacked, resulting in a loss of approximately$110,000.
On December 23, 2023, the DEX project Paraluni suffered a price manipulation attack, resulting in a loss of approximately33 Ten thousand U.S. dollars. [The attacker exploited the price manipulation vulnerability in the Paraluni protocol and made a profit of approximately US$336,000 from the contract. According to previous news, Web3 security platform Ancilia posted on Twitter that the Metaverse project Paraluni on the Binance Smart Chain is experiencing price manipulation attacks. The attackers use price manipulation to amplify the value of the collateral, thereby lending more funds, causing the project to loss. 】
On December 26, 2023, the Telcoin wallet was attacked, resulting in a loss of approximately$1.2 million.
Between December 13 and 26, 2023, Levana, the perpetual transaction protocol on the Osmosis chain, was attacked. More than 13 days after the breach occurred, the attacker exhausted 10% of the liquidity pool on Levana and lost more than $1.1 million.
On December 27, 2023, the multi-chain trading platform Thunder was suspected of being attacked. The attacker had86.5 ETH Go to Railgun. [Attacker address: 0x2a2C200af4E659348C4182DD9806a340851df42e. Thunder responded that the third-party service it used was suspected of being attacked, and 114 of more than 14,000 addresses were affected. 】
On December 30, 2023, Channels Finance on BSC was hacked, causing losses of more than320,000 US dollars.
On December 1, 2023, a Rug Pull was suspected to occur on the Grok-2 token on BNB Chain. The token price has fallenby 100%.
On December 1, 2023, a Rug Pull occurred in QMYX, about 10 trillion QMYX was exchanged for 57.18 WETH< /strong>. [MYX Finance token QMYX has fallen 100%. Address 0x7634...168d has exchanged 9,999,999,999,999 QMYX for 57.18 WETH ($119,700). 】
On December 5, 2023, a Rug Pull occurred for the CKD token on BNB Chain, and the deployer made a profit of about $540,000.
On December 13, 2023, the address 0xEbC5 was phished, resulting in a loss of approximately 94,500 US dollars. [Address 0xEbC5 became a victim of a phishing scheme, resulting in the loss of 382.88 crvCRVETH and 43.5 stETH (worth approximately $94,500)]
On December 21, 2023, monitoring revealed that a wallet hacker linked to phishing campaigns on Google Search and X Ads stole approximately$58 million from more than 63,000 victims in 9 months .
On December 24, 2023, the address starting with 0xf8c was stolen710,000 USDC due to a zero-transfer phishing attack. Phishing address: 0x949D0DbE58c77EEF31eDAB5E476f41E4F5ef861B.
On December 26, 2023, a rug pull occurred on MegabotETH, and the deployer made a profit of approximately US$740,000 >.
On December 26, 2023, two victims lost approximately more than $1.5 million due to phishing scams
On December 29, 2023, a user lost value due to a phishing attack because he signed an "increase Allowance" transaction. LINK for $4.4 million.
? Phishing scams continued unabated this month, with multiple incidents involving more than one million dollars stolen from a single address. Users Still need to be more vigilant.
On December 4, 2023, a cadre in Taixing City participated in a virtual currency pyramid scheme He was sentenced to 4 years and 6 months in prison for his activities, and the amount involved amounted to more than 37 million yuan. [A cadre in Taizhou, Jiangsu Province was accused of organizing and leading pyramid schemes, involving more than 37 million yuan. The cadre was sentenced to four years and six months in prison and fined 300,000 yuan in the first instance for organizing and leading pyramid schemes. It is reported that the MBI Group, a cadre from Taixing City, Jiangsu Province, participated in, in the name of investment and financial management, requires participants to pay a certain amount of fees each time to purchase the virtual currency "barter coins" (M coins) issued by the group's relevant platforms. It was determined that the number of people offline under Zhao's development reached 476 on the 2nd floor. 】
On December 6, 2023, the Henan Procuratorate disclosed a large-scale virtual currency pyramid scheme involving more than120 million Yuan. [The Procuratorate of Xichuan County, Henan Province recently handled a virtual currency pyramid scheme case involving a total amount of 120 million yuan. The criminal suspect Wang commissioned a high-tech company to customize software, set up the "Red Bull Decentralized Exchange" website, and publicly issued it on the Internet. NB Coin (Niu Coin)", developed the corresponding Red Bull Coin Speculation App, carried out MLM activities in the name of virtual currency and blockchain, and established a "Red Bull Business School Lecturer Group" to carry out offline promotion. In just one year, the gang involved in the case had 2,128 members and defrauded more than 120 million yuan of property. 】
News on December 6, 2023, crypto exchange Bitzlato Lianchuang admitted USD 700 million Money laundering crime.
News on December 10, 2023, Hong Kong police cracked a case of laundering 30 million Hong Kong dollars through virtual currency gang.
News on December 13, 2023, the U.S. Department of Justice charged two men with operating a 25 million U.S. dollar Crypto Ponzi Scheme. [The two lured victims to invest in various trading projects, which falsely promised to use artificial intelligence automatic trading robots to trade in the cryptocurrency market and earn high profits, and promoted investment projects under various names. The two embezzled the victims funds to cover personal expenses. 】
On December 15, 2023, the U.S. Department of Justice disclosed that four people were charged with cryptocurrency fraud and money laundering, resulting in over Losses of $80 million. [According to court documents, Lu Zhang, Justin Walker, Joseph Wong and Hailong Zhu allegedly conspired to open shell companies and bank accounts to launder the proceeds of victims of cryptocurrency investment scams (also known as "killing pigs") and other fraudulent schemes. . 】
On December 30, 2023, the Guangxi Public Security Bureau cracked a pyramid scheme involving a live streaming APP involving virtual currency, and the amount involved exceeded< strong>300 million yuan. [The Public Security Bureau of Hechi City, Guangxi cracked a pyramid scheme involving a virtual currency live-streaming APP. The suspect used an APP called Weiwei to build groups and live-stream to deliver goods, and formulated a pyramid scheme to attract people, develop levels, and provide rebates for online registration. model, which promotes virtual services through the in-app purchase function of the software and distributes reward dimension coins set by the platform. At the same time, it constantly promotes it under the banners and labels of e-commerce, virtual currency, national-level projects, etc., covering up its offline development. The essence of profit making]
In December 2023, the amount of losses from various security incidents decreased compared with November. Total losses due to hacking attacks, phishing scams and rug pulls in December were approximately $24.94 million.
Dante
ZeZheng
Sanya
JinseFinance
CryptoSlate
Cryptoknowmics
Bitcoinist
Cointelegraph