Security in WEB3 - Issue 6 : 11-July-2022
Weekly roundup on Security, Developer, Research and resources in WEB3
Hey Everyone!
Welcome to my sixth issue on Security in WEB3.
If this is your first time visiting this newsletter, please consider subscribing if you would like to read any of the following.
**The loss totals shown are approximations; there is no guarantee that they are the actual losses incurred by people or protocols, or the profit made by the exploiter.**
Permalink for this Issue powered by @OrbisClub
Hacks🤫
Omni, a non-fungible token (NFT) money market platform, was drained of about 1,300 ETH ($1.43 million) in a flash loan reentrancy attack on Sunday, according to PeckShield.
Crema Finance hacker returns $8M, keeps $1.6M in deal with protocol
Scams😩
'Stolen' Bored Ape and Mutant Ape and other Ethereum NFTs Now Total Over $27.5M
An Employee of HackerOne, a Bug Bounty Platform, Abused Internal Access to Steal Bounties
RugPull - Day of Rights DAO, Wit Link, ProjectX, Klein Bottle, Shade Inu, Zoro Inu, Alienverse
A deep dive into a $376k rug pull done by MissUniverse - Thread by @zachxbt
News 📰
The upcoming Nothing Phone (1) will integrate Polygon’s tech for easier mobile access to dapps, games, payments, and more.
Reddit launched more NFT avatars but calls them blockchain-backed “Collectible Avatars”
Decentral Bank fixes a bug that let one user mint 10 trillion USN for just $10
DeFi giant Aave's team submitted an ARC to launch a self-sovereign, overcollateralized stablecoin, GHO, backed by Aave Protocol collateral
Developers behind the SHIBA INU tease the launch of their new L2 Blockchain, Stable Coin & Reward Token, and their further roadmap
Buy a “Bored Ape” Now and Pay Later With New “Teller” Service for Ethereum NFTs
Class action lawsuit claims Solana’s SOL is an unregistered security
Uncertainties🙆‍♂️
Hypernet Labs shuts down shortly after being hit with a fraud lawsuit
Crypto Exchange Blockchain.com Faces $270M Loss on Its Loans to Three Arrows Capital
Genesis lost hundreds of Millions due to exposure to Three Arrows Capital and Babel Finance
Jason Stone, the founder of the KeyFi company who formerly managed assets for Celsius, filed a complaint against Celsius Network in a New York court, alleging the company was operating as a Ponzi scheme and owes them "a significant sum of money".
The Spanish cryptocurrency platform 2gether suddenly announced that they were "forced to close service for private accounts" due to a "lack of resources and crypto winter" affecting ~100,000 accounts.
Bitstamp cancels plans to charge Inactivity Fee After Users Revolt
Uprise lost 99% of client funds while shorting LUNA during its price crash: SE Daily
CoinFLEX Entering $84 Million Arbitration Against ‘Large Individual Customer’
Discord Compromises💩
10-July-2022:
09-July-2022:
08-July-2022:
06-July-2022:
Developer resources💻
Subsidized.sol, a modifier to refund the gas cost of calling functions in your contract by @z0r0zzz
This Is the Code the FBI Used to Wiretap the World - @motherboard
Controversial Decentralized Mixer Tornado Cash Makes Its User Interface Open-Source
HTTP library for Solidity by @devan_non and @_apedev
Devs Behind The Merge 😎 Journey of @benjaminion_xyz
The Sliding Window Challenge Process is a solution for network congestion detection 🌐 - research report by @ProtoResearch
Journey to understand Zero-Knowledge Proofs by @alexalexakis
A day of web3 education on July 22nd by @austingriffith & @stonecoldpat0
Consider following @0xViking and @securityinweb3
Weekly Spotlight:
This is a section where every week I will highlight one must-follow Twitter account.
“@rugpullfinder” - 🕵️‍♂️ Investigating NFT Projects 🕵️‍♂️