SlowMist: 2020 Blockchain Security and Privacy Events

SlowMist
Jan 19, 2021

According to statistics from the SlowMist Technology Blockchain Hacked Event Library (hacked.slowmist.io/en), 122 blockchain security incidents were disclosed across the blockchain ecosystem in 2020: 54 smart contract and token security incidents, 29 exchange security incidents, 12 public chain attacks, 12 wallet attacks, and 15 other attacks.

Cumulative number of blockchain attacks

As blockchain applications are deployed more widely, security problems involving blockchain digital assets are generally on the rise. Digital currency crime takes many forms: theft, fraud, illegal fundraising, money laundering, illegal transactions on the dark web and other cases are frequent, and the resulting “black swan” incidents are endless. The statistics show a significant increase in smart contract security incidents this year, and exchange attacks also account for a relatively large proportion. Digital currency fraud, blackmail, and money laundering incidents occur almost every month.

SlowMist will use this article to sort out the major events that had a significant impact on the blockchain security and privacy ecosystem in 2020, review the details for readers, and attach SlowMist's view to each type of event. Although this article shows only the tip of the iceberg, it is very representative. Let us get a glimpse of the “extraordinary” blockchain ecosystem of 2020 through this article.

01 DApp and DeFi security incidents

bZx suffered two flash loan attacks

On February 15, the DeFi lending protocol bZx was attacked. The attacker completed a flash loan leveraged arbitrage transaction across multiple protocols at the same time, resulting in the theft of ETH worth 350,000 US dollars. On February 18, bZx suffered another flash loan attack. By controlling the oracle price, the attacker made a profit of 2,388 ETH, or approximately $644,000. (Analysis: SlowMist: Detailed DeFi protocol bZx was hacked twice)

MakerDAO liquidation mechanism is abnormal

On March 12, due to the sharp drop in the price of ETH, a large number of MakerDAO’s collateralized debt positions fell below the liquidation threshold, triggering the liquidation process. The liquidation bots (Keeper bots) that were supposed to take part in the process had set a lower gas value, and their bids were blocked. One liquidator (Keeper) won the auction with a 0 DAI bid without competitors.

Uniswap’s ERC777 reentrancy risk

On April 18, hackers took advantage of a compatibility problem between the DeFi platform Uniswap and the ERC777 standard to carry out a reentrancy attack on Uniswap. Specifically, when trading ETH-imBTC, the hacker used the tokensToSend callback function that the ERC777 standard invokes on transfers to re-enter the contract, and the total profit was US$340,000. (Analysis: SlowMist: Detailed explanation of Uniswap’s ERC777 reentry risk)

DeFi platform Lendf.Me long-range reentry attack

On April 19, the Ethereum DeFi platform Lendf.Me suffered a reentrancy attack and lost approximately $25 million. Later, the SlowMist security team assisted in recovering the stolen assets. (Analysis: SlowMist: DeFi platform Lendf.Me hacked detailed analysis and defense suggestions)

Vulnerability in Hegic code causes user assets to be permanently locked

On April 27, a vulnerability in the code of the DeFi project Hegic caused user assets to be permanently locked. A few hours after the project went live, an error in its code locked 28,000 US dollars' worth of user funds in the platform’s smart contract. Due to the vulnerability, the funds were locked in an expired contract, making them inaccessible.

Security flaw in Bancor’s new contract

On June 18, due to the unverified safeTransferFrom() function on the new Bancor Network contract, user funds could be drained. The Bancor team stated: 1. A security vulnerability was discovered in the new Bancor Network v0.6 contract released two days ago; 2. After the vulnerability was discovered, the team conducted a white hat attack to transfer funds to a safe address; 3. The smart contract review has been completed. However, 135,229 US dollars of funds were front-run by two unknown arbitrage bots.

Balancer liquidity pool was attacked by hackers twice

On June 29, a liquidity pool of the well-known DeFi platform Balancer was hit by a flash loan attack, resulting in a loss of $500,000. The two token pools STA and STONK on Balancer suffered the losses, and the liquidity of these two token pools has been exhausted. On June 30, hackers again used a dYdX flash loan to attack the COMP trading pairs in some of Balancer's liquidity pools, drained the unclaimed COMP rewards from the pools, and made a profit of 10.8 ETH, which is approximately US$2408. (Analysis: SlowMist: Detailed analysis of Balancer being hacked for the first time)

Vether (VETH) was hacked

On July 1, VETH suffered a hacker attack on the decentralized exchange Uniswap. Hackers stole 919,299 VETH (worth US$900,000) using only 0.9 ETH. After the attack, VETH officially stated, “The contract was used by the UX improvement placed in transferForm(). This is our fault. We will redeploy vether4 and will compensate all affected Uniswap pledgers.” (Analysis: SlowMist: Analysis of VETH Contract Hacked)

Opyn put options were maliciously exploited by external participants

On August 5, the on-chain options platform Opyn disclosed that its Ethereum put options had been maliciously exploited by external participants. Opyn pointed out that all Opyn contracts other than the Ethereum put options are not affected by this vulnerability. The attacker double-exercised oTokens and stole the collateral of the put option sellers. According to Opyn statistics, a total of 371,260 USDC has been stolen so far. The Opyn team conducted a white hat hacking attack based on the Convexity Protocol and successfully recovered 439,170 USDC from the unpaid vault to further mitigate the loss. (Analysis: SlowMist: Detailed analysis of Opyn contract hacked)

Vulnerabilities in the YAM contract of the DeFi project

On August 13, the well-known Ethereum DeFi project YAM officially posted on Twitter that it had found loopholes in the contract, and the price plummeted by 99% within 24 hours. This led to the “permanent destruction” of the governance contract, and $750,000 in Curve tokens was locked and cannot be used. (Analysis: SlowMist: DeFi YAM, how can a group of people evaporate hundreds of millions of dollars?)

DeFi project YFValue found vulnerabilities in YFV pledge pool

On August 25, the DeFi project YFValue (YFV) officially issued an announcement stating that the team had found a loophole in the YFV pledge pool the previous day. Malicious participants used this loophole to reset the YFV timers of individual pledges, and USD 170 million of funds were at risk of being locked. Currently, a malicious participant is trying to blackmail the team using this vulnerability. (Analysis: SlowMist: YFValue, how to lock hundreds of millions of assets in one line of code)

EOS project EMD runs off

On September 9, according to SlowMist Zone intelligence, the EOS project EMD was suspected of running away. So far, the project contract emeraldmine1 has transferred 780,000 USDT, 490,000 EOS, and 56,000 DFS to the account sji111111111, and 121,000 EOS has been transferred to the changenow coin laundering platform. The current total market value of the loss: US$2,468,838.

DeFi liquidity mining project “Coral” was attacked

On September 10, the wRAM of “Coral”, a DeFi liquidity mining project in the EOS ecosystem, was attacked by hackers and lost more than 120,000 EOS.

Bantiample team dumped tokens and cashed out

On September 19, the team behind Bantiample, a project on the Binance Smart Chain, cashed out 3000 BNB and ran away. The main developer of the team has deleted the Telegram account, and the project token BMAP has fallen by more than 90% in a single day.

Ethereum mining project LV Finance runs off

On September 20, according to SlowMist Zone intelligence, the Ethereum mining project LV Finance was suspected of running away. In less than an hour, 4 million in funds was transferred away. The project used fake audit websites and provided false audit information to trick investors into investing, then ran away once the amount in the fund pool was large enough. Currently, the project website lv.finance is no longer accessible.

SushiSwap imitation project GemSwap runs off

On September 26, it was revealed that the LP funds of GemSwap, a SushiSwap imitation project, had been taken away. The project posted a tweet at around 15:00 revealing that it had been attacked by the developer “whatitdobb”. It is understood that the project completed the liquidity migration earlier, but the developer who initiated the attack had received the relevant permission and could take away the tokens in the liquidity pool. The specific losses caused by this attack are not yet clear.

Eminence (EMN) suffered a flash loan attack

On September 29, Eminence (EMN), a game project just launched by yearn.finance founder Andre Cronje, suffered a flash loan attack. Hackers returned $8 million in funds to the yearn deployer contract. The project team will redistribute the USD 8 million.

DeFi Saver exchange vulnerability caused 310,000 DAI to be stolen

On October 8, the decentralized wallet imToken tweeted that users had reported the theft of 310,000 DAI, which was related to the DeFi Saver Exchange vulnerability. DeFi Saver responded that the stolen funds were still safe and that it was contacting the affected user. All funds have since been returned to the affected users. (Analysis: SlowMist: How was the 310,000 DAI of DeFi Saver users stolen?)

Ethereum project WLEO contract was hacked

On October 11, the WLEO contract of the Ethereum project was hacked, resulting in the theft of $42,000 worth of funds. The hackers stole Ethereum from the pool of the decentralized exchange Uniswap by minting WLEO to themselves and swapping it for Ethereum.

Harvest.finance was hit by a flash loan attack for huge arbitrage

On October 26, a user discovered that the DeFi mining project Harvest.finance had been exploited for huge arbitrage using flash loans. Harvest’s official tweet explained that the arbitrage attack originated from a huge flash loan, which manipulated the price of the Curve y Pool multiple times to arbitrage the price difference between fUSDT and fUSDC for profit. (Analysis: SlowMist: A brief analysis of Harvest.Finance’s hack)

SharkTron Anonymous Developer Runs

On November 10, Daniel Wood, the anonymous developer of SharkTron, a DeFi project based on the Tron blockchain and a JustSwap whitelist project, ran away. Although the specific loss is not clear at present, Twitter users reported that 366 million to 400 million TRX were lost (worth about 10 million US dollars).

The Akropolis contract has been repeatedly attacked

On November 13, hackers used a flaw in the Akropolis project's verification of deposited assets to launch multiple consecutive reentrancy attacks on the contract, causing the Akropolis contract to issue a large number of pooltokens out of thin air without any new assets being injected. The hackers then used these pooltokens to withdraw DAI from the YCurve and sUSD pools, resulting in the loss of 2.03 million DAI from the project contract. (Analysis: SlowMist: DeFi protocol Akropolis reentry attack brief analysis)

Value DeFi protocol is hit by a flash loan attack

On November 15, the Value DeFi protocol was attacked by a flash loan on Saturday. It is reported that the attacker borrowed 80,000 ETH from the Aave protocol and executed a flash loan attack to carry out arbitrage between DAI and USDC. After exploiting $7.4 million in DAI, the attacker refunded $2 million to Value DeFi and retained $5.4 million. Subsequently, the Value DeFi team tweeted to confirm that its MultiStables vault had suffered “a complex attack with a net loss of 6 million US dollars.” (Analysis: SlowMist: A brief analysis of Value DeFi protocol lightning loan attacks)

Cheese Bank was attacked and lost $3.3 million

On November 16, Cheese Bank, a decentralized autonomous digital banking platform based on Ethereum, suffered a loss of USD 3.3 million due to a hacker attack. Hackers conducted a series of malicious lending operations on platforms such as dYdX and Uniswap by using an automatic market maker (AMM)-based oracle, resulting in a total of over US$3.3 million in losses, including US$2 million in USDC.

OUSD suffers from flash loan + reentrancy attack

On November 17, OUSD, the stablecoin of the DeFi protocol Origin Protocol, was attacked. The attacker used a dYdX flash loan to carry out a reentrancy attack, resulting in the loss of 7.7 million USD worth of ETH and DAI. (Analysis: SlowMist: OUSD lost 7 million US dollars technical analysis)

Pickle Finance unaudited contract vulnerability exploited

On November 22, Pickle Finance (Pickled Cucumber), a DeFi project praised by V God, lost nearly US$20 million in DAI after hackers exploited a vulnerability in an unaudited, newly created smart contract. (Analysis: SlowMist: Demystifying the Black Process of Pickle Finance)

Compound’s price feed error caused $90 million in assets to be liquidated

On November 26, $90 million of assets on Compound were liquidated. Hongbo, the founder of Debank, said that Compound's huge liquidation event was actually caused by the dramatic fluctuation of the DAI price at the oracle data source Coinbase Pro. By manipulating the information source that the oracle relies on, short-term price manipulation can be achieved to mislead the on-chain price.

Sushi Swap was attacked by liquidity providers

On November 30, according to SlowMist Zone intelligence, Sushi Swap, the Ethereum AMM token exchange protocol, was attacked by a liquidity provider and lost approximately $15,000. (Analysis: SlowMist: A Brief Analysis of the Sushi Swap Attack)

Warp Finance encounters flash loan attack

On December 18, Warp Finance, the DeFi protocol for lending against LP token collateral, suffered a flash loan attack, and about 8 million US dollars were stolen. Later, Warp Finance issued a statement regarding the attack, saying that the flash loan attackers could steal up to US$7.7 million worth of stablecoins, but that the Warp Finance team had formulated a plan to recover approximately US$5.5 million worth of stablecoins still in the collateral vault. The US$5.5 million will be distributed proportionally to users who have suffered losses. (Analysis: SlowMist: Warp Finance is hacked in detail)

Cover contract vulnerability was exploited

Twitter users stated that Cover Protocol lost $3 million due to a loophole in the rewards contract. In addition, on-chain data shows that attackers (0xf05Ca…943DF) used the Cover contract to issue a total of about 10,000 COVER and swapped them for assets such as WBTC and DAI. Later, the block explorer showed that the attacker (address label Grap Finance: Deployer), who made a profit of 3 million US dollars by issuing additional COVER, returned 4350 ETH to the address labeled YieldFarming.insure: Deployer. Cover Protocol officially tweeted that it will provide a new COVER token based on the snapshot taken before the vulnerability was abused, and that the 4350 ETH returned by the attacker will also be returned to LP token holders through the snapshot process. The team said that the incident is still under investigation and that users should not buy COVER. (Analysis: SlowMist: A brief analysis of the Cover protocol being hacked)

SlowMist View: Due to the popularity of DeFi projects, phishing attacks against DeFi projects have become more frequent and more advanced. Investors should pay attention to project risks when investing: whether the smart contracts used on the platform are open source, whether the platform itself has undergone security audits, and whether there are problems with the smart contracts. At the same time, any DeFi project should be fully audited by a professional security team before going online.

02 Exchange Security Incident

Altsbit exchange closed after attack

On February 5, the server on which the Italian cryptocurrency exchange Altsbit stored the private keys of its hot wallet was hacked, resulting in the loss of 6.929 Bitcoins, 23 ETH, and other amounts of cryptocurrencies. Subsequently, the exchange announced its closure on May 8.

VBITEX exchange was hacked

On February 17, the VBITEX trading platform announced that it was hacked, causing platform data to be maliciously tampered with and virtual assets stolen.

Cryptocurrency exchange Bisq stolen

On April 9, funds were stolen on the cryptocurrency exchange Bisq. The attacker used a flaw in the Bisq transaction protocol to steal transaction funds for a single transaction. The 7 victims lost a total of 3 BTC and 4,000 XMR.

LMEX Stock Exchange was hacked

On May 27, the LMEX Stock Exchange’s community issued a notice on the adjustment of exchange operations, stating that the platform had been hacked and lost 150,000 USDT, which left the platform insolvent. Deposits and withdrawals have been closed.

Cryptocurrency exchange Cashaa was stolen

On July 12, the British cryptocurrency exchange Cashaa stated that hackers had stolen more than 336 bitcoins from one of the wallets. Currently, the exchange has stopped all crypto-related transactions.

Spanish cryptocurrency payment app 2gether stolen

On July 31, the Spanish cryptocurrency payment application 2gether announced that hackers had stolen US$1.4 million from it.

Empire Market closes operations after fraudulently obtaining funds

On August 30, Empire Market, a well-known dark web market, closed its operations. When it exited, the website defrauded 1.3 million users of approximately 2638 bitcoins, worth nearly 30 million U.S. dollars.

Some hot wallets of European exchange ETERBASE were stolen

On September 8, the European crypto exchange ETERBASE was hit by a hacker attack, resulting in the theft of funds from some hot wallets, including BTC, ETH and ERC-20 tokens, XRP, TRX, XTZ and ALGO. It lost more than $5 million in assets. Among them, ETH and ERC-20 token addresses lost the most funds, reaching about 3.9 million U.S. dollars, followed by XTZ addresses with a loss of about 471,000 U.S. dollars.

KuCoin exchange was hacked

On September 26, the KuCoin exchange was hacked and a large number of ETH and ERC20 tokens were transferred, including 11,486 Ethereum, 19,788,586 USDT, 525,405 Gladius (GLA), 77,874 Hawala (HAT), 21,660,274 Ocean Token (OCEAN), 8,893,428 Chroma (CHR), 30,452,178 Ampleforth (AMPL), 198,678,919 Ankr Network (ANKR), etc. Since then, the hacker’s runaway funds have been jointly blocked by various major exchanges.

Liquid data breach

Mike Kayamori, CEO of the cryptocurrency exchange Liquid, posted a notice on the official website that a data leakage security incident occurred on the exchange on November 13. A domain hosting provider that manages a core domain name mistakenly transferred control of the account and domain name to a malicious intruder, allowing the intruder to change DNS records, thereby taking control of a large number of internal email accounts, partially compromising the exchange’s infrastructure, and gaining access to stored documents.

Major security breach in British exchange Exmo

On December 21st, a major security breach occurred in the British cryptocurrency exchange Exmo, which caused the platform to freeze all withdrawals. According to research analysts at The Block, EXMO seems to have lost $10.5 million in funds.

Russian trading platform Livecoin was attacked

On December 24, the Russian cryptocurrency trading platform Livecoin was hacked, and the price of the tokens on the platform was manipulated.

SlowMist View: Exchanges hold huge amounts of funds and easily attract hackers. Once a problem occurs, almost all users are affected, so exchanges should strengthen their defenses. At the same time, hackers also break into exchanges to profit from leaked data. Platforms should build in all security measures during early architecture design to avoid such information leakage incidents. In addition, there are cases of malicious behavior in which the platform operator itself runs away. After all, human nature cannot withstand the test of money.

03 Public chain security incident

Bitcoin Gold suffered two 51% attacks

On January 28, Bitcoin Gold suffered two 51% hash power attacks, and both deposit transactions to exchanges were cancelled, involving about 1,900 BTG and 5267 BTG, which was close to 90,000 US dollars.

Cocos-BCX mapping wallet information was stolen

On April 3, Cocos-BCX stated that, following verification with the exchange and internal investigations, asset loss and malicious selling had occurred due to the malicious theft of the mapping wallet information. After verification and confirmation with the exchange, the total amount of tokens stolen this time is 1,087,522,819.2 COCOS, and the exchange confirmed that the total amount has been sold.

Filecoin code vulnerabilities can achieve unlimited Filecoin issuance

On May 28, technicians at the pomegranate mining pool discovered a serious loophole in the Filecoin code, through which Filecoin can be issued without limit. The pomegranate mining pool stated that, in order to prove the validity of the vulnerability, 6 Block’s three miner accounts t01043, t027999, and t0234783 issued 1.6 billion Filecoin through the vulnerability, occupying the top three places on the Filecoin rich list.

Vulnerabilities in the Ravencoin (RVN) blockchain

On July 3, the CryptoScope team discovered a vulnerability in the Ravencoin (RVN) blockchain, and an emergency update was released after confirmation by the RVN chief development team. It is reported that this vulnerability can generate additional RVN, but cannot affect or control existing RVN assets. Because the vulnerability caused the total RVN supply to be 1.5% more than originally planned, and the RVN generated through the vulnerability has already flowed into the market, operations such as a rollback are impossible.

ETC suffered three large-scale attacks in a row

On August 1, Bitfly tweeted that the ETC blockchain had undergone a chain reorganization of 3693 blocks at a block height of 10904146. This caused all state construction nodes to stop synchronizing. The ETC chain did not produce blocks for nearly 6 hours, after which block production returned to normal. On August 6, Bitfly officially tweeted that ETC had encountered another large-scale 51% attack that day, which resulted in the reorganization of more than 4000 blocks. The report shows that the initiator of this attack and the initiator of the first attack were the same miner. The attackers profited at least $1.68 million from this attack. On August 30, Bitfly officially tweeted that ETC had encountered another large-scale 51% attack that day, which resulted in the reorganization of more than 7,000 blocks, equivalent to about two days of mining time. All lost blocks will be removed from the unexpired balance and it will check all payouts to find lost transactions.

Chainlink node operators were hit by a spam attack

On September 5th, nine Chainlink node operators were hit by a so-called “spam attack”. The attackers obtained approximately 700 ETH from their “hot wallet”.

Grin network suffered a 51% attack

On November 10, the Grin network suffered a 51% attack. An unknown entity controlled more than 57% of network computing power on Saturday.

Aeternity (AE) suffered a 51% attack

On December 8, Aeternity’s official Twitter confirmed that Aeternity (AE) had suffered a 51% attack by a hacker the previous day. According to core members of the Aeternity community, the 51% attack caused a loss of more than 39 million AE tokens. The official team is working to solve the problem. The main victims are exchanges and mining pools; the affected exchanges are concentrated in OKEx, Gate, and Binance.

SlowMist View: Once a public chain has a vulnerability, the entire chain is affected, so a public chain must go through a professional security audit before going online. It is recommended that public chain teams cooperate with a credible and professional security team to deploy security recommendations tailored to their circumstances and strengthen their security.

04 Wallet security incident

Electrum suffered multiple phishing attacks

On January 19, Electrum suffered a “phishing” attack. On August 30, GitHub user “1400 BitcoinStolen” stated that a huge amount of his Bitcoin had disappeared in a hacker attack. The user was using the Bitcoin wallet software Electrum and had not safely updated it. When he tried to transfer bitcoins, he was prompted to install an update to fix potential problems; when he followed the prompt, the software, through a vulnerability, connected to the hacker’s server, and 1,400 bitcoins (worth 16 million US dollars) were deposited into the hacker’s wallet. On October 12, a ZDNet investigation revealed that hackers had stolen 22 million U.S. dollars from users of the Bitcoin wallet Electrum by inducing them to install fake software updates. This technique was at its height in 2018. Since this attack was first discovered two years ago, the Electrum team has taken some steps to prevent it, but the attack still works against users who run older versions of the application.

Vulnerability in Trinity, the official IOTA wallet app

On February 12, hackers used a loophole in IOTA’s official wallet application Trinity to steal funds, and the project team announced the closure of the entire network.

EtherCrash cold wallet stolen

On October 30, Alon Gal, the chief technology officer of the cybercrime intelligence company Hudson Rock, tweeted that on October 27 the cold wallet of EtherCrash, which claims to be “the most mature and largest gambling game on Ethereum,” was stolen by insiders, with a loss of approximately US$2.5 million.

Ledger data breach

On December 21, a database containing personal information of more than 270,000 Ledger customers was leaked on RaidForums. The leaked information included the emails, physical addresses, and phone numbers of Ledger hardware wallet purchasers. RaidForums is a marketplace for buying, selling and sharing hacked information. The leaked Ledger information came from a data breach in June this year and contained the emails of more than 1 million Ledger customers. Ledger's CEO subsequently stated that the company would not provide compensation to users affected by the data breach.

SlowMist View: When choosing a wallet, users should try to choose an internationally renowned, first-class wallet. They should also pay attention to whether the code of the wallet app is open source, whether the code has been security audited, and whether the team has a CSO or security officer, since these may affect whether the wallet's security is guaranteed through continuous iteration and upgrades. At the same time, users must download the app from the wallet's official website, to avoid mistakenly visiting a phishing website and downloading a wallet app with a backdoor implanted.

05 Other types of security incidents

SIM card hacked and stolen

On February 22, the SIM card of Josh Jones, the founder of Bitcoin Builder and the second largest creditor of Mt.Gox, was hacked, resulting in the theft of digital currency worth $45,000,000.

Trident Crypto Fund was attacked resulting in data breach

On March 5th, the Trident Crypto Fund, a crypto fund, was hacked and the data of 266,000 users was leaked.

Cryptocurrency mining organization BitClub Network telecom fraud

On July 10, according to an announcement issued by the Federal Attorney General of New Jersey, the programmer Silviu Catalin Balaci admitted to participating in the establishment of the cryptocurrency mining organization BitClub Network, conducting telecom fraud and selling unregistered securities. Balaci confirmed that over the five years the scheme operated, BitClub defrauded investors of at least $722 million in Bitcoin.

Multiple Twitter accounts were hacked

In the early morning of July 16, the Twitter accounts of many celebrities and politicians and some companies were hacked. These Twitter accounts all released information about digital currency phishing scams. However, these phishing messages were deleted a few minutes after being posted. So far, the scammers have received a total of 12.86 bitcoins.

CWT was hijacked and agreed to pay Bitcoin

On August 1, CWT, the fifth largest travel company in the United States, agreed to pay $4.5 million worth of bitcoin to hackers who hijacked its computer system.

Israeli manufacturer of wireless chips and camera sensors was attacked by ransomware

On September 7, hackers carried out a ransomware attack on Tower Semiconductor Ltd (TSEM), a manufacturer of wireless chips and camera sensors listed on the Israeli Nasdaq, and demanded a ransom of hundreds of thousands of dollars in Bitcoin. For safety reasons, TSEM shut down some running servers and suspended production in some factories.

Foxconn attacked by ransomware

On December 8, Foxconn was attacked by ransomware, which briefly caused problems in its production facilities in Mexico and resulted in the theft of data. Foxconn responded that its factories in the Americas had indeed been attacked by ransomware recently. Its internal information security team has completed software and operating system security updates and raised the level of information security protection. The affected factories are restoring their networks, and the incident has little impact on the group’s overall operations.

The personal address of the founder of DeFi insurance protocol Nexus Mutual was attacked

On December 14, the DeFi insurance protocol Nexus Mutual stated on Twitter that the personal address of its founder Hugh Karp had been attacked by a platform user, who stole 370,000 NXM, a loss of more than 8 million US dollars. Officials stated that this was a targeted attack: only Karp’s address was affected, and there was no further risk to Nexus Mutual or other members. According to the official statement, Karp used a hardware wallet. The attacker obtained remote access to his computer and modified the wallet plug-in MetaMask to trick him into signing the transaction and transferring the funds to the attacker’s own address.

OneCoin cryptocurrency Ponzi scheme

On December 14, the Procuratorate of Cordoba, Argentina prosecuted 12 scammers involved in the OneCoin cryptocurrency Ponzi scheme and ordered their arrests last Thursday. Eight of them have been arrested. It was previously reported that the OneCoin Ponzi scheme caused related investors to suffer a total of US$4.4 billion in financial losses from their investment in the project from April 2014 to March 2018.

SlowMist View: The market has heated up recently, followed by an endless stream of blackmail, fraud, pyramid schemes, and phishing incidents. The situation of various types of attacks on platforms or individuals is grim, and a large number of individuals have already lost millions to tens of millions of dollars! Please be vigilant, strengthen your own security awareness, be sure to enable two-factor authentication (SMS or GA; email verification codes are not recommended), and keep all types of private information carefully.

2020 was a year of ups and downs: the epidemic black swan, Bitcoin recovering from its 3.12 lows and rising close to record highs, the prosperity of DeFi liquidity mining, rapid growth in real-world adoption, and so on. Blockchain is not only unknown, but also full of possibilities. I hope that in the new year blockchain will burst with greater energy and create a more diversified industry. SlowMist will also live up to your expectations and continue to safeguard the security of the blockchain ecosystem!

PS: The MistTrack tracking service has been fully launched; please contact team@slowmist.com if necessary.

About us

SlowMist Technology is a company focused on blockchain ecosystem security. It was founded in January 2018 and is headquartered in Xiamen. It was founded by a team with more than ten years of front-line network security attack and defense experience, and the team members have created a security project with world-class influence. SlowMist Technology is already a top international blockchain security company. It has served many well-known global projects, mainly through “the security solution that integrated the threat discovery and threat defense while tailored to local conditions,” including cryptocurrency exchanges (such as Huobi, OKEx, Binance, etc.), cryptocurrency wallets (such as imToken, RenrenBit, MYKEY, etc.), smart contracts (such as TrueUSD, HUSD, OKUSD, etc.), DeFi projects (such as JUST, BlackHoleSwap, DeFiBox, etc.), and underlying public chains (such as EOS, OKChain, PlatON, etc.). It has nearly a thousand commercial customers, distributed across more than a dozen major countries and regions.


SlowMist is a Blockchain security firm established in 2018, providing services such as security audits, security consultants, red teaming, and more.