Blockchain security incidents increased significantly in July, with losses due to hacker attacks reaching $286 million
Lunaray’s monthly security incident highlights have begun! According to statistics from some blockchain security risk monitoring platforms, in July 2024, the amount of losses from various security incidents increased significantly compared to June. More than 32 typical security incidents occurred in July, and the total loss amount caused by hacker attacks, phishing scams and Rug Pulls reached US$286 million, an increase of about 56.3% from June. Among them, the attack incidents were about US$271 million, an increase of about 92.2%; the phishing scam incidents were about US$12.1 million, a decrease of about 67.6%; the Rug Pull incidents were about US$3.58 million, a decrease of about 13.1%.
Hacker Attacks
10 Typical Security Incidents
(1) On July 2, the AI project Bittensor was attacked, and 32,000 TAO (worth $8 million) were stolen from the address starting with 5FbWTr. In addition, ZachXBT said that the attack on Bittensor was caused by the theft of private keys. However, Bittensor later said that the affected users were actually attacked because a malicious Bittensor package was uploaded to Python’s PyPi package manager.
(2) On July 12, Dough Finance was attacked due to a contract vulnerability, and some unauthorized funds were withdrawn by hackers, resulting in a loss of approximately $1.81 million.
(3) On July 14, the Mantle on-chain project Minterest was attacked by a flash loan, resulting in a loss of approximately $1.4 million.
(4) On July 16, LI.FI was attacked on the Ethereum and Arbitrum chains, causing users to lose more than $10 million. The attack occurred shortly after the deployment of a new smart contract. On July 18, LI.FI released a security incident report stating that this was a human error during the supervision of the deployment process. It is estimated that 153 wallets were affected, with losses of approximately $11.6 million worth of USDC, USDT, and DAI stablecoins.
(5) On July 18, the Indian exchange WazirX was attacked, claiming that a security vulnerability occurred in one of its multi-signature wallets, resulting in a loss of approximately US$230 million. The incident may be related to the North Korean hacker group Lazarus Group.
(6) On July 19, Scroll ecosystem lending platform Rho Markets was hacked due to oracle problems. The attack was preempted by Mev bot, and the profit of $7.6 million has been returned to the project party.
(7) On July 23, the dYdX.exchange domain name was hacked. During the approximately 2 hours of hijacking, two users lost a total of approximately $31,000. dYdX Trading has contacted these users and will ensure that they are fully compensated. After re-securing the domain name, dYdX has added additional control measures to prevent such incidents from happening again, including migrating the domain name to Cloudflare.
(8) On July 25, MonoSwap, a DEX project of the Blast ecosystem, was attacked, resulting in a loss of approximately $1.3 million. The attack originated from developers being tricked into downloading malware.
(9) On July 26, Casper Network was attacked. Casper Network subsequently tweeted that in order to minimize the impact of this security vulnerability, it has worked with validators to suspend the network until the security vulnerability is fixed. According to the preliminary security incident report released by Casper Network on July 31, 13 wallets were affected in this incident, and the total amount of illegal transactions was approximately US$6.7 million.
(10) On July 31, the Terra blockchain was attacked by a vulnerability related to IBC hooks. Someone exploited the IBC vulnerability to mint multiple tokens on the Terra chain, including ASTRO. At least approximately $5 million worth of tokens were stolen. The Terra team has taken emergency measures to prevent further losses and coordinated with validators to apply patches to fix the vulnerability.
Rug Pull / Phishing Scam
8 Typical Security Incidents
(1) On July 1, the address starting with 0x98f6 was hit by a phishing scam, resulting in a loss of approximately $2.41 million.
(2) On July 2, the fake TRUMP (MAGA) token on BNB Chain was rug pulled, resulting in a loss of approximately $950,000.
(3) On July 3, the address starting with 0xD7b2 was hit by a phishing scam, resulting in a loss of 6 “Boring Ape” NFTs and 40 Beans (worth approximately $1 million or more).
(4) On July 21, the UPS token on BNB Chain was rug pulled, resulting in a profit of $520,000 for the deployer.
(5) On July 22, the ETHTrustFund on the Base chain was rug pulled, resulting in a profit of approximately $2 million for the scammer, who laundered the money through Tornado Cash and Railgun.
(6) On July 24, the address starting with 0x0719 was hit by a phishing scam, resulting in a loss of $4.69 million worth of Pendle.
Summarize
From the analysis of the above multiple events, the largest hacker attack in July came from the Indian exchange WazirX, with a loss of approximately US$230 million, accounting for 85% of the amount of attacks that month. The second largest attack was LI.FI, which lost approximately US$11.6 million due to a contract vulnerability. The amount of losses from various blockchain security incidents in July 2024 increased significantly, and the methods of attack in July were also diverse. The Zero Hour Technology Security Team recommends that project parties always remain vigilant, carry out internal security training and authority management, and find professional security companies to conduct audits and conduct project background checks before the project goes online.