On December 3rd, 2021, the SlowMist identified a sophisticated phishing attack on the Gnosis Safe Mutisig in the Habitat team fund. This is our brief analysis of the situation so far.

Relevant Information

Hacker’s first address: Habitat Multsig Drainer Fund Supplier 0x62a51ad133ca4a0f1591db5ae8c04851a9a4bf65

Hacker’s second address : Habitat Multsig Drainer 0x26a76f4fe7a21160274d060acb209f515f35429c

Fake Gnosis…

On October 27, 2021, Cream Finance suffered another attack loss of approximately US$130 million. The SlowMist security team immediately intervened in the analysis and shared its brief analysis as follows.

The root cause of the attack

The contract of this attack is to use the flaws in the Cream lending pool to obtain the price of…

Timelines

  • 2021/09/22 18:00 UTC+8, Post updates
  • 2021/09/22 11:00 UTC+8, First published

Background

On September 21, 2021, Vee Finacne was attacked and contract funds were stolen.

Project Description

Vee Finance is a lending protocol that is mainly forked from Compound Protocol and add leveraged trading logic on this basis. Users can obtain loan vouchers through…

According to the intelligence of the SlowMist Zone, on September 12, 2021, the Zabu Finance project on Avalanche suffered flashloan attack.

  1. The attacker first created two attack contracts, then swapped WAVAX into SPORE tokens through attack contract 1 in Pangolin, and deposited the obtained SPORE tokens to ZABUFarm contract, to…

SlowMist

Focuses on Blockchain Ecosystem Security, have served over 1k+ customers.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store