Metacurity

Share this post
Special Report: Four-Day Crypto Hacking, Phishing Spree Nets Bad Actors $106.5 Million
metacurity.substack.com

Special Report: Four-Day Crypto Hacking, Phishing Spree Nets Bad Actors $106.5 Million

Rari Capital and Fei Protocol lose $77 million, Hacker nets $10 million from Saddle Finance, Deus Finance exploited for $13.4 million, Bored Apes phishing scheme scams $6.1 million

Cynthia Brumfield
May 2
1
Share this post
Special Report: Four-Day Crypto Hacking, Phishing Spree Nets Bad Actors $106.5 Million
metacurity.substack.com

April was one of the cruelest months for cryptocurrency projects, with many hacks and cyber incidents, causing a total loss of around $359 million. Approximately 30% of this total came in a five-day spree beginning April 28th. Our special report highlights these four incidents.

Fei Protocol said they suffered a $77 million hack five months after their merger.

Fei offered the hacker a $10 million bounty if they returned the remaining user funds, “no questions asked.” Meanwhile, the hacker has already started moving crypto to Tornado Cash, allowing users to mask transactions. The hacker drained funds from several Fuse pools by exploiting a reentrancy vulnerability. (Emily Nicolle and Sidhartha Shukla / Bloomberg)

Related: U.Today, Web3 is going just great, The Block, Bitcoinist.com, Security Affairs

Twitter avatar for @BlockSecTeamBlockSec @BlockSecTeam
Our monitoring system detected that multiple pools related to @RariCapital @feiprotocol were attacked, and lost more than 80M US dollars. The root cause is due to a typical reentrancy vulnerability. @defiprime
versatile.blocksecteam.com/tx/eth/0xadbe5…

April 30th 2022

37 Retweets74 Likes

A decentralized exchange for trading stablecoins, Saddle Finance, was hacked in a DeFi exploit, with the hacker netting over $10 million in ether cryptocurrency.

Smart contract audit firm BlockSec rescued $3.8 million from the exploiters who initially stole $13.8 million with an "internal system" that can detect and front-run hacking incidents using off-chain arbitrage bots called flashbots. (Vishal Chawla / The Block)

Related: BeInCrypto, CryptoPotato

Twitter avatar for @peckshieldPeckShield Inc. @peckshield
1/ @saddlefinance was exploited in a flurry of txs (
etherscan.io/tx/0x2b023d654… and etherscan.io/tx/0xe7e047479…), resulting in the protocol loss of >$10M.

April 30th 2022

40 Retweets167 Likes

Security researchers at PeckShield said that decentralized finance (DeFi) application Deus Finance was exploited for the second time in two months, with the attacker gaining more than $13.4 million of cryptocurrency.

The attacker used a flash loan to trick the way Deus's smart contracts read data on the platform’s liquidity pools. This technique allowed the attacker to artificially inflate the value of some assets, borrow funds and make a profit after repaying the loan. (Shaurya Malwa / CoinDesk)

Related: The Block, Bitcoinist, The Record

Twitter avatar for @peckshieldPeckShield Inc. @peckshield
The @DeusDao was exploited today in
ftmscan.com/tx/0x39825ff84… with ~$13.4M gain for the hacker (The protocol loss may be larger).Fantom Transaction Hash (Txhash) Details | FtmScanFantom (FTM) detailed transaction info for txhash 0x39825ff84b44d9c9983b4cff464d4746d1ae5432977b9a65a92ab47edac9c9b5. The transaction status, block confirmation, gas fee, FTM, and token transfer are shown.ftmscan.com

April 28th 2022

72 Retweets270 Likes

Some of the historically phishing-prone fans of the pricey Bored Apes project fell for scams that pretended to be the Bored Apes' new land project, called "Otherside.”

One address netted around $1 million and two other scammer wallets contained $5.1 million of other stolen NFTs. (Molly White / Web3isGoingJustGreat)

Related: The Gamer

Twitter avatar for @zachxbtzachxbt @zachxbt
1/ As we all anticipated Otherside phishing sites would appear Today 0xb87 stole $1.03m (369 ETH) worth of NFTs. Most notably 4 MAYC, 1 BAYC, & 30+ SandboxNFT This lead to 0xa8 & 0x5d which have $5.1m worth of stolen NFTs! 4 BAYC, 19 Azuki, 2 MAYC, 2 WOW & more $6.2m in total!
Image
Image
Image

May 1st 2022

136 Retweets511 Likes
Twitter avatar for @GergelyOroszGergely Orosz @GergelyOrosz
"Web 3 is going great" by @molly0xFFF is a masterpiece and required reading for anyone planning to invest their savings in web3. The past 2 days, $91M has been stolen in 3 hacks. This month: $359M. This year so far: $1.76B. These numbers are hard to comprehend: yet real.
$91M frad in web3 projects the past 3 days
$385M frad in web3 projects the past month
$1.76B frad in web3 projects this year

April 30th 2022

200 Retweets936 Likes

Image by Sergei Tokmakov Terms.Law from Pixabay

Share
Share this post
Special Report: Four-Day Crypto Hacking, Phishing Spree Nets Bad Actors $106.5 Million
metacurity.substack.com
TopNew

No posts

Ready for more?

© 2022 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Publish on Substack Get the app
Substack is the home for great writing