In July, the total cumulative losses across the entire network amounted to approximately $2.9 billion, with losses due to private key leaks accounting for 88.31% of the total. Among them, WazirX suffered a loss of approximately $2.35 billion due to a multi-signature wallet private key leak, making it the largest security incident in July.
Largest Security Incident - Private Key Leak
On July 18, WazirX suffered a private key leak in its multi-signature wallet, resulting in a loss of approximately $2.35 billion.
Largest Security Incident - Phishing Scam
On July 24, the address 0x07…fDC9 on the ETH chain lost $4.69 million worth of Pendle tokens due to a re-collateralization scam.
Largest Security Incident - REKT
On July 16, the LiFi Protocol cross-chain bridge aggregation protocol was attacked, resulting in a loss of approximately $10 million. The attacker exploited an arbitrary call vulnerability to steal assets authorized to the contract user.
Largest Security Incident - RugPull
On July 21, ETH TrustFund experienced a RugPull and stole approximately $2 million worth of cryptocurrency on Base.
Case Analysis
On July 15, Minterest encountered a major security incident on Mantle, resulting in a loss of approximately $1.4 million. Currently, the project team has suspended the protocol.
Process Analysis:
1) Borrowed $4.265 million USDY from the USDY/USDT liquidity pool on Mantle DEX.
2) Borrowed $0.3927 million USDY from the mUSDY market.
3) Deposited $4.265 million USDY and exchanged it for 4.473 million mUSD based on the share price.
4) Used the obtained 4.473 million mUSD share tokens to borrow 27.47677 million mUSDY.
5) Withdrew the underlying USDY assets, allowing the hacker to profit approximately $1.4 million after about 25 cycles.
OKLink Tips
In July, the total cumulative losses across the entire network amounted to approximately $2.9 billion, representing a 38.01% increase compared to June. Losses due to private key leaks accounted for 88.31% of the total. OKLink reminds users not to disclose their private keys or mnemonic phrases to anyone, and to avoid saving or memorizing them through screenshots. Users should also refrain from clicking on unverified links, as security awareness is a crucial defense in the Web3 world.
Web3 on-chain tools have become an important means of risk mitigation. OKLink provides tools for address querying and monitoring, on-chain data reporting, and setting up private labels, offering multi-dimensional data comparison to safeguard every operation.
Additionally, OKLink has launched Explorer-as-a-Service (EaaS), an expandable solution designed to address challenges faced by projects. It provides features such as zero-cost setup, rapid deployment, multi-chain support, advanced block analysis, and open APIs.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。