温馨提示:本站仅提供公开网络链接索引服务,不存储、不篡改任何第三方内容,所有内容版权归原作者所有
AI智能索引来源:http://www.bee.com/ar/37639.html
点击访问原文链接

A review of the top ten most influential Web3 attacks in 2024 | Bee Network

进入原网站 导航首页
A review of the top ten most influential Web3 attacks in 2024 | Bee Network Login الأخبار الشائعة منصة إطلاق ميمي وكلاء الذكاء الاصطناعي ديسي مستكشف السلسلة الأعلى لنوبي 100x عملات معدنية لعبة النحل المواقع الأساسية يجب أن يكون لديك التطبيق مشاهير التشفير ديبين الناشئين الأساسية كاشف الفخ الأدوات الأساسية المواقع المتقدمة التبادلات أدوات NFT أهلاً، خروج عالم الويب 3 ألعاب تطبيق خلية نحل منصة النمو إعلان يبحث إنجليزي إعادة شحن العملات تسجيل الدخول تحميل ويب 3 يوني ألعاب تطبيق خلية نحل إعلان بيتتحليل•A review of the top ten most influential Web3 attacks in 2024 A review of the top ten most influential Web3 attacks in 2024تحليلمنذ 1 سنة (2024)جديدوايت 41٬4292 96 المصدر الأصلي: Beosin

In 2024, the blockchain industry is facing increasingly severe security challenges while innovating technology and expanding its ecosystem. According to the Alert platform of security audit company Beosin, as of press time, the total losses in the Web3 field in 2024 due to hacker attacks, phishing scams and project party Rug Pulls reached US$2.491 billion.
These incidents not only exposed technical defects such as private key management and smart contract vulnerabilities, but also highlighted the potential risks of social engineering and internal management. This article will review the top ten Web3 security incidents in 2024 to help the industry learn lessons from them and better deal with future security threats.

No.1 DMM Bitcoin
Amount of loss: $304 million

Attack method: private key leakage

On May 31, 2024, DMM Bitcoin, a long-established تشفيرcurrency exchange in Japan, suffered a historic attack. The attacker used the leaked private key to directly transfer more than $300 million worth of Bitcoin and quickly dispersed the stolen funds to more than 10 different addresses. This attack exposed DMM Bitcoins serious تحديciencies in private key management and multi-layer security protection. Although the exchange tried to track the hacker through on-chain monitoring and freezing funds, the stolen Bitcoin was dispersed and transferred and cleaned using mixing tools, which brought great challenges to tracking.

On December 24, Japanese police determined that the DMM Bitcoin theft was the work of the North Korean hacker group Lazarus Group. For a detailed analysis of Lazarus Groups past attacks and fund laundering, please read The Most Bold Cryptocurrency Theft Gang in History, Analysis of Money Laundering by the Hacker Group Lazarus Group .

No.2 PlayDapp

Amount of loss: $290 million

Attack method: private key leakage

On February 9, 2024, PlayDapp suffered a heavy blow. Hackers minted 2 billion PLA tokens with an initial value of $36.5 million by stealing private keys . As negotiations between the project and the hackers failed, the hackers further minted 15.9 billion PLA tokens worth $253.9 million in a short period of time. After some of these tokens flowed into the Gate exchange, PlayDapp was forced to suspend the PLA contract and migrate to the PDA token contract. This incident highlights the shortcomings of blockchain projects in private key protection و incident emergency response .

No.3 WazirX Amount of loss: $235 million

Attack methods: Cyber attacks and phishing

On July 18, 2024, the Safe Wallet multi-signature wallet of WazirX, Indias largest cryptocurrency exchange, was precisely attacked by hackers. The attacker used social engineering to induce the multi-signature signer to sign a contract upgrade transaction, and then used the upgraded contract permissions to transfer all the assets in the wallet. This case highlights the potential risks of multi-signature wallets in terms of management authority configuration and operational transparency, and has also triggered in-depth reflection within the industry on the internal risk control and security mechanisms of the project.

For a detailed analysis of the incident and fund tracking, please read Beosin | Analysis of the $235 million theft from Indian exchange WazirX .

No.4 Gala Games Amount of loss: $216 million

Attack method: Access control vulnerability

On May 20, 2024, a privileged address of Gala Games was hacked. The attacker minted 5 billion GALA tokens at one time by calling the mint function in the token contract. Subsequently, the hacker exchanged the additional tokens for ETH in batches, directly causing a loss of 216 million US dollars. After the incident, the Gala Games team urgently activated the blacklist function to block some hacker accounts and recovered the losses through legal channels.

No.5 Chris Larsen (Ripples co-founder) Amount of loss: $112 million

Attack method: private key leakage

On January 31, 2024, four personal wallets of Chris Larsen, co-founder of Ripple, were hacked, resulting in the theft of $112 million in XRP. These wallets were suspected to have become targets of attack due to the lack of dual protection of hardware devices. After the incident, Binance successfully froze $4.2 million worth of XRP and assisted Larsen in tracking the stolen assets, but most of the funds had been laundered through decentralized exchanges and currency mixing services.

No.6 Munchables Amount of loss: $62.5 million

Attack method: social engineering attack

On March 26, 2024, Munchables, a Web3 game platform based on Blast, suffered a rare internal penetration attack. The attacker was a North Korean hacker disguised as a blockchain developer, who obtained the core code and sensitive keys through long-term lurking. Although the attack caused huge losses, due to pressure from the community and the team, the hacker eventually returned all the stolen funds. This incident reveals the importance of supply chain security, especially for blockchain projects that rely on third-party development.

No.7 BtcTurk Amount of loss: $55 million

Attack method: private key leakage

On June 22, 2024, Turkeys largest cryptocurrency exchange, BtcTurk, was attacked by a private key leak, losing more than $55 million in crypto assets. With the assistance of the Binance team, $5.3 million of the stolen funds were successfully frozen, but other assets have not yet been recovered. This incident has deepened the markets concerns about the private key management of centralized exchanges.

BtcTurk officially releases an attack announcement

No.8 Radiant Capital Amount of loss: $53 million

Attack method: private key leakage

On October 17, 2024, Radiant Capitals multi-signature wallet was hacked. Because it adopted a low-threshold 3/11 signature verification mode, the hacker initiated an off-chain signature by mastering the private keys of three signers, transferred the ownership of the wallet contract to a malicious address, and ultimately led to the theft of $53 million. This attack triggered an industry reflection on the design and governance mechanism of multi-signature wallets.

Before this attack, Radiant Capital lost $4.5 million due to a contract vulnerability , and more than 1,900 ETH were stolen. Web3 project owners still need to pay more attention to security.

No.9 Hedgey Finance Amount of loss: $44.7 million

Attack method: Contract vulnerability

On April 19, 2024, Hedgey Finance suffered an attack on multiple on-chain contracts. Hackers exploited the approval vulnerability of its ClaimCampaigns contract and successfully extracted tokens on both Ethereum and Arbitrum chains, with a total loss of $44.7 million. This incident shows the importance of code auditing, especially the strict verification of token approval logic.

No.10 BingX Amount of loss: $44.7 million

Attack method: private key leakage

On September 19, 2024, the hot wallet of BingX exchange was hacked, involving multiple public chains including Ethereum, BNB Chain, Tron, etc. Although the exchange quickly launched the asset transfer and withdrawal freezing mechanism, the hacker successfully withdrew assets worth 44.7 million US dollars. This attack reflects the high risk of hot wallet management of centralized exchanges and further promotes the industry to explore safer asset storage solutions.

The frequent security attacks in 2024 remind us again that the development of the blockchain industry cannot be separated from the escort of security. From private key leaks to contract loopholes, from internal management omissions to the escalation of external attack methods, each incident has brought profound lessons. In order to cope with the increasingly complex attack threats, all parties in the industry need to continue to increase investment in technology research and development, management standards and risk prevention and control. In the future, we look forward to jointly building a more secure blockchain ecosystem through industry collaboration and technological innovation, and providing more reliable protection for users and investors.

This article is sourced from the internet: A review of the top ten most influential Web3 attacks in 2024

Related: Analysis of daos.fun: Can the sudden popularity of ai16z recreate the myth of pump.fun? Original | Odaily Planet Daily ( @OdailyChina ) Author: Azuma ( @azuma_eth ) The rise of ai16z has boosted the popularity of meme fund startup platform daos.fun. Odaily Note: For detailed information about ai16z , please see Inventory of the Hottest Meme Concepts: AI, Artists, Zoos and Minecraft . Protocol Principle daos.fun is positioned as a Solana-based meme fund launch platform, and the fund launched based on this platform will operate in the form of a DAO and issue corresponding DAO tokens (for example, ai16z is the DAO token of the fund). The operation mode of daos.fun imitates the start-up mode of conventional funds, which can be divided into three stages: fundraising, operation and redemption. Fundraising Stage The first is the fundraising stage, during which the initiator of the fund…

تحليل ## بيتكوينعملة # المشفرة# ديفي# ايثريومتبادل ## السوقرمز #أداة ## ويب 3© 版权声明المصفوفة 上一篇 AAVE hits new high again? Chainlink is expected to increase revenue by tens of millions of dollars per year 下一篇 Delphi Digital 2025 Outlook: Bitcoin still has huge potential, and stablecoins will continue to grow 相关文章 Betting on Transparency: How Prediction Markets Are Pricing the Digital Asset Market Transparency Act of 2026 6086cf14eb90bc67ca4fc62b 9٬369 Aster CEO explains token value; staking and on-chain buybacks are coming. 6086cf14eb90bc67ca4fc62b 17٬701 SignalPlus Macro Analysis Special Edition: October Rally 6086cf14eb90bc67ca4fc62b 22٬543 2 AB (AceBitx): Building a comprehensive and robust one-stop crypto trading platform with compliance as its foundation and 6086cf14eb90bc67ca4fc62b 17٬926 5 A live streamer raked in $150,000 in two days, and Pump.fun launched an on-chain revolution in the live streaming econom 6086cf14eb90bc67ca4fc62b 20٬741 The barriers between “trading and interest-earning” have been broken down, and the CEX financial management paradigm is 6086cf14eb90bc67ca4fc62b 22٬390 1 2 تعليقات يجب عليك تسجيل الدخول لتترك تعليق! تسجيل الدخول على الفور #BeelieverTYRDVMI ضيف I was scammed on Coinyee in a Bitcoin investment totaling over $500k. However, I was able to recover my funds with the help of  www.BsbForensic.com They are one of the rare and trustworthy services out there.

منذ 11 شهر 1TP7تراناكامار ضيف ممتاز

منذ 1 سنة (2024) أحدث المقالات Did Jane Street “Manipulate” BTC? Decoding the AP System, Understanding the Power Struggle Behind ETF Creation and Redemption Pricing منذ 21 ساعة 656 Stop Comparing Bitcoin to Gold—It’s Now a High-Volatility Software Stock منذ 21 ساعة 708 Matrixport Research: $25 Billion Gamma Unwinding Imminent, Liquidity Yet to Return Behind the Rebound منذ 21 ساعة 653 ERC-5564: Ethereum’s Stealth Era Has Arrived, Receiving Addresses No Longer ‘Exposed’ منذ 21 ساعة 544 Hong Kong Regulatory Green Light: Asseto Enables DL Holdings to Achieve Compliance for Two RWA Business Implementations منذ 21 ساعة 620 المواقع الشعبيةTempoLighterGAIBطائرة شراعيةبلانكرايلزبوكر BCPokerفوي Bee.com أكبر بوابة Web3 في العالم الشركاء كوين كارب بينانس CoinMarketCap كوين جيكو كوين لايف الدروع قم بتنزيل تطبيق Bee Network وابدأ رحلة web3 ورق ابيض الأدوار التعليمات © 2021-2026. جميع الحقوق محفوظة. سياسة الخصوصية | شروط الخدمة تحميل تطبيق Bee Network وابدأ رحلة web3 أكبر بوابة Web3 في العالم الشركاء CoinCarp Binance CoinMarketCap CoinGecko Coinlive Armors ورق ابيض الأدوار التعليمات © 2021-2026. جميع الحقوق محفوظة. سياسة الخصوصية | شروط الخدمة يبحث يبحثفي الموقععلى تشيناجتماعيأخبار العنوان: صيادو الإنزال الجوي تحليل البيانات مشاهير التشفير كاشف الفخ العربية English 繁體中文 简体中文 日本語 Tiếng Việt 한국어 Bahasa Indonesia हिन्दी اردو Русский العربية

智能索引记录