Inventory From Beosin | There Were Over 32 Typical Security Incidents In May. Over 10 Projects On BSC Were Attacked, With a Loss Of Approximately 300 Million US Dollars In “Black May”.

BEOSIN · Jun 29, 2021

According to the security-incident monitoring data of Beosin-Eagle Eye, in May 2021 there were, by incomplete statistics, over 32 typical security incidents across the entire blockchain ecosystem, and the overall security risk rating was HIGH. Although the number of typical security incidents in other categories decreased in May, incidents in DeFi occurred frequently and DeFi became the “hardest hit” area, requiring a high degree of vigilance; Binance Smart Chain (BSC) bore the brunt and became the “main battlefield” for hackers launching flash loan attacks.

Many projects on BSC were hacked in May, and the industry called it “Black May”; it was also the month with the highest frequency of attacks and the largest losses in the history of DeFi. According to preliminary statistics, the economic loss was approximately 300 million US dollars. The frequent security incidents also directly caused the prices of a variety of virtual assets to collapse. This May was an unprecedented “gray” month for investors, project teams, and the entire DeFi ecosystem.

The details of this month’s security report follow.

In terms of Exchanges, there was 1 typical security incident in total:

01. The Hotbit exchange was attacked by hackers, paralyzing some of its basic services. As a result, the Hotbit team announced it would shut down all services for more than 7 days for inspection and recovery.

In terms of DeFi, there were 14 typical security incidents in total:

01. On May 2, the DeFi project Spartan suffered a flash loan attack, resulting in a loss of 30 million US dollars.

02. On May 7, ValueDeFi was attacked by hackers, and some of IRONFinance’s pools and products were attacked, possibly resulting in the draining of STEELLP tokens.

03. RariCapital, the DeFi yield aggregator, was hacked, losing ETH worth more than 14.71 million US dollars.

04. The DeFi protocol xToken suffered a flash loan attack, resulting in a loss of 24.5 million US dollars.

05. On May 16, bEarn Fi was attacked, resulting in a loss of nearly 11 million US dollars.

06. On May 19, VENUS, the largest lending platform on BSC, experienced a large liquidation. At present, the VENUS platform has accumulated more than 100 million US dollars in bad debts.

07. On May 20, PancakeBunny, the DeFi yield aggregator, suffered a flash loan attack, losing about 45 million US dollars in WBNB and BUNNY.

08. FinNexus, the on-chain options protocol, was suspected of being attacked. Hackers minted 323 million FNX on Ethereum through one address, worth 6 million US dollars, and minted 60 million FNX on BSC, worth 1.6 million US dollars.

09. Bogged Finance officially stated that hackers carried out a flash loan attack on the BOG token contract, and transaction fees were temporarily disabled.

10. AutoSharkFinance suffered a flash loan attack, and its token price collapsed, dropping more than 99% at one point.

11. Merlin was suspected of being attacked. It was reported that the project team appeared to have temporarily suspended the minting of MERL tokens.

12. BurgerSwap was suspected of suffering a flash loan attack, with 3.3 million US dollars of Burger stolen.

13. On May 28, JulSwap suffered a flash loan attack, and $JULB dropped more than 95% in a short time.

14. On May 30, Belt Finance, the AMM protocol on BSC that combines multi-strategy yield optimization, suffered a flash loan attack.

Comments from Beosin:

Various projects on BSC were hacked frequently in May and suffered heavy losses, which was a wake-up call for BSC, DeFi, and even the entire blockchain ecosystem. Reviewing what May’s typical security incidents have in common, it is not difficult to see that the flash loan attack is the main attack method adopted by hackers; moreover, the amounts involved are generally large, and at least 6 projects lost more than 10 million US dollars each.

The Beosin security team therefore solemnly appeals to DeFi project teams to pay more attention to defending against flash loan attacks. For DeFi project teams, security auditing, security protection, and security hardening must not be neglected; where necessary, project teams should draw on third-party security companies to establish a comprehensive and professional set of risk-control measures.

In terms of Crypto Frauds/Crypto Scams, there were 7 typical security incidents in total:

01. GEC (Green Entrepreneurship Coin) was driven out and investigated by local governments many times. After the coin’s price plummeted, GEC was again exposed as a suspected MLM (multi-level marketing) scheme.

02. A fraud ring defrauded victims of 100,000 US dollars in virtual assets during SNL (Saturday Night Live).

03. Someone posing as a member of the Coingecko team deceived crypto project teams, claiming to be able to list their tokens on the Coingecko platform in exchange for payment.

04. The Twitter account of Carl Pei, co-founder of OnePlus, was hacked and used to promote crypto scams.

05. The official YouTube account of the Spanish National Guard (Civil Guard) suffered a suspected spear-phishing attack and was taken over by XRP scammers. The account’s name was changed to “Ripple-XRP Foundation” and all of its content was deleted.

06. The US Office of the Comptroller of the Currency (OCC) issued a warning about recent fraudulent crypto e-mails, stating that it had not sent such messages and does not hold any funds for personal gain.

07. DeFi100, the decentralized finance protocol based on BSC, was exposed as a scam. The operators defrauded investors of their money and ran away.

Comments from Beosin:

Although the DeFi security incidents in May were severe, the security threats from crypto frauds and scams must not be underestimated. Beosin’s Seven Star Laboratory has noticed that a number of recent fund projects operating under the banner of “DeFi” are actually MLM scams. As an investor, keep your eyes open and beware of MLM scams that use “DeFi” as a cover!

In terms of Ransomware/Mining Trojans, there were 3 typical security incidents in total:

01. Trend Micro, an Internet security software company, discovered a new type of malware called “Panda”. Researchers said that crypto wallets, like bank accounts, have already become targets of online theft.

02. Last Friday, Colonial Pipeline paid hackers a ransom of nearly 5 million US dollars, although earlier coverage had reported that the company did not intend to pay a ransom for the hackers’ help in recovering the US pipeline.

03. The Ministry of Health in Waikato, New Zealand, confirmed that the ransomware used in the earlier cyberattacks was “Zeppelin”. The director of the Health Ministry did not deny this.

In terms of Others, there were 7 typical security incidents in total:

01. The ITO contract of Mask Network was attacked by a bot, and the team has blacklisted the attacker’s address.

02. On May 6, Hpool officially stated that the front end of its official website suffered a DDoS attack and could not be accessed normally, but the mining service was not affected.

03. FeiLabs, the development team behind FeiProtocol, found and disclosed a vulnerability in the contract and immediately paused the contract. At present, the vulnerability has not been exploited and does not affect any users.

04. The National Security Committee of Kyrgyzstan (GKNB) cracked down on illegal mining in the capital Bishkek and the Chuy region, raiding and seizing 2,000 illegal virtual-asset mining devices.

05. British police raided a warehouse near Birmingham and found that it housed a fairly large Bitcoin mine. The mining machines were illegally powered by electricity diverted from the mains, and the equipment has been seized by the police.

06. A California man admitted to operating an unlicensed money-transmitting business, to money laundering, and to failing to maintain an effective anti-money-laundering program. The United States confiscated 18.4 BTC and 222.5 ETH from him, worth approximately 1.25 million US dollars.

07. The core developers of Ethereum found a major error in EIP-1559. At present, the developers have added 4 checks to EIP-1559 and fixed the bug.

In view of the current security situation of the blockchain ecosystem, Beosin hereby offers the following reminders:

On the whole, the total number of typical security incidents in May increased significantly compared to April. The overall number of incidents exceeded 30, and the overall security risk rose sharply from LOW to HIGH. In DeFi in particular, a series of hacker attacks, frequent security incidents, and financial losses exceeding 300 million US dollars have undoubtedly dealt a catastrophic blow to the security order of the entire DeFi ecosystem.

In this severe situation, the Beosin security team noticed that after PancakeBunny was hit by a flash loan attack, imitation projects on BSC such as Merlin and AutoSharkFinance also “fell”. This is enough to show that the forked projects did not have a deep understanding of the original projects and introduced new security risks while modifying the code.

DeFi is an innovative financial model, and how to strike a balance between “innovation” and “security” is something DeFi project developers need to reflect on deeply. We recommend that all project teams build adequate security protection and monitor abnormal operations in real time: find them right away and resolve them! Users should also strengthen their own security awareness, guard against security risks, and avoid economic losses.


Blockchain Security · IDE · Beosin-VaaS · Formal Verification · SAS | China’s leading enterprise in the blockchain security field