Inventory | More than 22 typical security incidents occurred in November

BEOSIN
4 min readDec 1, 2021

It’s time for another monthly security inventory! Beosin Eagle-Eye shows that in December 2021, various security incidents still occur from time to time. According to BEOSIN’s statistics, more than ‘22’ typical security incidents in occurred November.

On the whole, the number of blockchain security incidents in November is not much different from that in October, and the overall number of security incidents is still at a high risk level. In addition, many speculators and fraudsters began to take advantage of the public’s knowledge blindness about blockchain to concoct scams, coupled with large number of people, wide spread of region and high amount of money involved, thus leading to a high amount of security incidents and causing serious economic losses in this field.

In terms of Defi, there were ‘6’ typical security incidents

№1 VesperLendbeta, the 23rd lending pool on the DeFi protocol RariFuse, was attacked by attackers who ultimately made $3 million in profits.

№2 The private key breach deployed by bZx on Polygon and Coin Smartchain (BSC) has resulted in over $55 million in stolen assets to date.

№3 The asset bridge launched by the cross-chain protocol Synapse Protocol is suspected to be vulnerable, and attackers managed to manipulate the nUSD price and profit from it by about $8 million.

№4 Stablecoin trading protocol Curve lost nearly $30–40 million due to a governance attack on the USDM stablecoin protocol Mochi.

№5 Ploutoz Finance, a BSC on-chain lending protocol, was attacked and hackers made $365,000 in profit.

№6 MonoX is suspected of flash loan attack, with a loss about $31 million.

In terms of fraudulent runaways/crypto scams, there were ‘12’ typical security incidents

№1 On November 1, Squid Game Token developer is suspected to have sold 70 million Tokens and then ran away, making a profit of $11.9 million.

№2 In early November, Police of Henan, China broke up the first national case of a criminal gang using digital RMB for money laundering and arrested 11 gang members in Fujian Province.

№3 On Nov. 06, Chinese authority arrested 31 members of the Star Alliance Network (IPFS) pyramid scheme criminal gang and seized about 400 million yuan of virtual coins.

№4 On November 20, police of Jiangsu, China disclosed a mega network pyramid scheme case in which the suspects developed more than 110,000 members nationwide since 2019 by building a network virtual currency investment platform, and the funds involved amounted to 1 billion yuan. At present, the case is still under further trial.

№5 Israeli police arrested eight suspects for allegedly stealing tens of millions of shekels in a cryptocurrency fraud scheme.

In terms of ransomware/mining Trojans, there were ‘2’ typical security incidents

№1 Nov. 10 — European electronics media MediaMarkt is investigating a Hive ransomware attack launched Sunday night in which the attackers demanded millions of dollars in ransom in Bitcoin.

№2 Nov. 25 — An attacker is using the Babadeda encryption program on Discord to hide malware targeting the crypto, NFT and DeFi communities.

In terms of dark net, there was ‘1’ typical security incident

№1 South Australian police seize $700,000 worth of cryptocurrency in dark web drug bust. The drug dealers are due to stand trial next year and remain in custody after being charged with multiple offences.

In terms of other areas, there were ‘8’ typical security incidents

№1 On November 1, Venezuelan authorities seized more than 100 mining machines operating illegally in a residential area of Miranda, Venezuela.

№2 On November 4, police of Dongguan, China investigated and dealt with a cryptocurrency mining case, seizing more than 260 mining machines.

№3 On the night of Nov. 6, Farmers World, a farm-type chain game, had a coin theft incident, and the amount stolen from Chinese players was rumored to be over 100 million RMB.

№4 On November 12, the crooks used fake websites to lure users to download the app that stole the mnemonic, and the current stolen assets of users were 160,000 USDT.

№5 On November 19, the Discord server of the sci-fi NFT game Phantom Galaxies was hacked.

№6 An executive of Bosecoin, the first South Korean company to conduct an ICO, was sentenced to prison for stealing a large amount of Bitcoin (BTC) stored by the company.

№7 Nov. 19 — A Canadian teenager was arrested for allegedly stealing about $36.5 million worth of cryptocurrency.

№8 Nov. 20 — A man was sentenced to three years in prison for running an unauthorized business that traded at least $13 million in bitcoin and cash.

Note

In light of the current situation of blockchain security, BEOSIN hereby concludes:

In recent years, there has been an outbreak of security incidents in terms of ransomware/mining Trojans, and the occurrence of this type of security incident usually causes a global ripple effect. In addition, users and investors should be more vigilant and careful in investment products and projects, do not to follow blindly of the trend. It is recommended to strengthen one’s own awareness of security and fraud prevention, carefully distinguish relevant news on the Internet, and do not fall into the trap of fraudsters.

--

--

BEOSIN

Blockchian Security · IDE · Beosin-VaaS · Formal Verification · SAS | China leading enterprise in blockchain security field