SlowMist Monthly Security Report: November Estimated Losses at $86.24 Million
Overview
In November 2024, the total losses from Web3 security incidents amounted to approximately $86.24 million. According to the SlowMist Hacked Database, 21 hacking incidents were recorded, resulting in losses of approximately $76.86 million, of which $25.5 million was recovered. The primary causes of these incidents included smart contract vulnerabilities, account compromises, and price manipulation.
Additionally, data from the Web3 anti-phishing platform Scam Sniffer revealed that 9,208 victims fell prey to phishing attacks in November, incurring a total loss of $9.38 million.
Key Incidents
1. MetaWin
- Date: November 4, 2024
- Loss: Over $4 million
- Details: Blockchain detective ZachXBT reported that the crypto gambling platform MetaWin was compromised on both Ethereum and Solana. The attackers exploited MetaWin’s frictionless withdrawal system, gaining unauthorized access to the platform’s hot wallets.
2. DeltaPrime
- Date: November 11, 2024
- Loss: $4.75 million
- Details: The DeFi protocol DeltaPrime was exploited on Avalanche and Arbitrum due to insufficient input validation in its reward claiming mechanism.
3. Thala
- Date: November 15, 2024
- Loss: $25.5 million (partial recovery)
- Details: The Aptos-based DeFi project Thala was attacked via a smart contract vulnerability, leading to significant losses. The project team froze $11.5 million in assets and, after negotiations, recovered the funds, allowing the attacker to retain $300,000 as a bounty.
4. DEXX
- Date: November 16, 2024
- Loss: $21 million
- Details: Several users of the on-chain trading terminal DEXX suffered losses due to an ongoing attack. The SlowMist security team identified 8,612 attacker addresses on Solana, with EVM-based addresses to follow.
5. Polter Finance
- Date: November 17, 2024
- Loss: $12 million
- Details: The Fantom-based DeFi project Polter Finance fell victim to a flash loan attack that drained BOO token reserves and manipulated token pricing. Efforts to negotiate fund recovery via on-chain messaging and reports to Singaporean authorities remain unresolved.
Analysis and Recommendations
Incident Trends
- The number and scale of incidents decreased compared to the previous month, indicating progress in industry security measures.
- Smart contract vulnerabilities remained the leading cause, accounting for 39% of total losses ($30 million across 7 incidents). Regular security audits and proactive threat monitoring are essential for protecting assets.
Emerging Threats: AI Supply Chain Attacks
- A new trend observed this month involved AI poisoning attacks, where compromised AI-generated code was leveraged in the crypto industry. Developers relying on AI tools should ensure rigorous code review, and all implementations must undergo comprehensive testing before deployment.
- Strengthening supply chain security, including evaluating third-party tools and services, is critical to mitigating risks.
For further details on blockchain security incidents, visit the SlowMist Hacked Database.
About SlowMist
At SlowMist, we pride ourselves on being a frontrunner in blockchain security, dedicating years to mastering threat intelligence. Our expertise is grounded in providing comprehensive security audits and advanced anti-money laundering tracking to a diverse clientele. We’ve established a robust network for threat intelligence collaboration, positioning ourselves as a key player in the global blockchain security landscape. We offer tailor-made security solutions that span from identifying threats to implementing effective defense mechanisms. This holistic approach has garnered the trust of numerous leading and recognized projects worldwide, including names like Huobi, OKX, Binance, imToken, Crypto.com, Amber Group, Klaytn, EOS, 1inch, PancakeSwap, TUSD, Alpaca Finance, MultiChain, and Cheers UP. Our mission is to ensure the blockchain ecosystem is not only innovative but also secure and reliable.
We offers a variety of services that include but are not limited to security audits, threat intelligence, defense deployment, security consultants, and other security-related services. We also offer AML (Anti-money laundering) solutions, Vulpush (Vulnerability monitoring) , SlowMist Hacked (Crypto hack archives), FireWall.x (Smart contract firewall) , Safe Staking and other SaaS products. We have partnerships with domestic and international firms such as Akamai, BitDefender, FireEye, RC², TianJi Partners, IPIP, etc.
By delivering a comprehensive security solution customized to individual projects, we can identify risks and prevent them from occurring. Our team was able to find and publish several high-risk blockchain security flaws. By doing so, we wish to help spread awareness and raise the security standards in the blockchain ecosystem.