温馨提示:本站仅提供公开网络链接索引服务,不存储、不篡改任何第三方内容,所有内容版权归原作者所有
AI智能索引来源:http://www.bee.com/ko/37639.html
点击访问原文链接

A review of the top ten most influential Web3 attacks in 2024 | Bee Network

进入原网站 导航首页
A review of the top ten most influential Web3 attacks in 2024 | Bee Network Login 인기 뉴스 밈 런치패드 AI 에이전트 DeSci 탑체인 익스플로러 뉴비의 경우 100x 코인 꿀벌 게임 필수 웹사이트 필수 앱 암호화폐 유명인 드핀 루키 에센셜 함정 탐지기 기본 도구 고급 웹사이트 교환 NFT 도구 안녕, 로그아웃 웹3 유니버스 계략 DApp 꿀벌 하이브 성장하는 플랫폼 기원 후 찾다 영어 코인 충전 로그인 다운로드 웹3 유니 계략 DApp 꿀벌 하이브 기원 후 분석•본문 A review of the top ten most influential Web3 attacks in 2024분석1년 전(2024년)업데이트와이엇 41,4362 92 원본 출처: Beosin

In 2024, the blockchain industry is facing increasingly severe security challenges while innovating technology and expanding its ecosystem. According to the Alert platform of security audit company Beosin, as of press time, the total losses in the Web3 field in 2024 due to hacker attacks, phishing scams and project party Rug Pulls reached US$2.491 billion.
These incidents not only exposed technical defects such as private key management and smart contract vulnerabilities, but also highlighted the potential risks of social engineering and internal management. This article will review the top ten Web3 security incidents in 2024 to help the industry learn lessons from them and better deal with future security threats.

No.1 DMM Bitcoin
Amount of loss: $304 million

Attack method: private key leakage

On May 31, 2024, DMM Bitcoin, a long-established 암호화폐currency exchange in Japan, suffered a historic attack. The attacker used the leaked private key to directly transfer more than $300 million worth of Bitcoin and quickly dispersed the stolen funds to more than 10 different addresses. This attack exposed DMM Bitcoins serious 디파이ciencies in private key management and multi-layer security protection. Although the exchange tried to track the hacker through on-chain monitoring and freezing funds, the stolen Bitcoin was dispersed and transferred and cleaned using mixing tools, which brought great challenges to tracking.

On December 24, Japanese police determined that the DMM Bitcoin theft was the work of the North Korean hacker group Lazarus Group. For a detailed analysis of Lazarus Groups past attacks and fund laundering, please read The Most Bold Cryptocurrency Theft Gang in History, Analysis of Money Laundering by the Hacker Group Lazarus Group .

No.2 PlayDapp

Amount of loss: $290 million

Attack method: private key leakage

On February 9, 2024, PlayDapp suffered a heavy blow. Hackers minted 2 billion PLA tokens with an initial value of $36.5 million by stealing private keys . As negotiations between the project and the hackers failed, the hackers further minted 15.9 billion PLA tokens worth $253.9 million in a short period of time. After some of these tokens flowed into the Gate exchange, PlayDapp was forced to suspend the PLA contract and migrate to the PDA token contract. This incident highlights the shortcomings of blockchain projects in private key protection 그리고 incident emergency response .

No.3 WazirX Amount of loss: $235 million

Attack methods: Cyber attacks and phishing

On July 18, 2024, the Safe Wallet multi-signature wallet of WazirX, Indias largest cryptocurrency exchange, was precisely attacked by hackers. The attacker used social engineering to induce the multi-signature signer to sign a contract upgrade transaction, and then used the upgraded contract permissions to transfer all the assets in the wallet. This case highlights the potential risks of multi-signature wallets in terms of management authority configuration and operational transparency, and has also triggered in-depth reflection within the industry on the internal risk control and security mechanisms of the project.

For a detailed analysis of the incident and fund tracking, please read Beosin | Analysis of the $235 million theft from Indian exchange WazirX .

No.4 Gala Games Amount of loss: $216 million

Attack method: Access control vulnerability

On May 20, 2024, a privileged address of Gala Games was hacked. The attacker minted 5 billion GALA tokens at one time by calling the mint function in the token contract. Subsequently, the hacker exchanged the additional tokens for ETH in batches, directly causing a loss of 216 million US dollars. After the incident, the Gala Games team urgently activated the blacklist function to block some hacker accounts and recovered the losses through legal channels.

No.5 Chris Larsen (Ripples co-founder) Amount of loss: $112 million

Attack method: private key leakage

On January 31, 2024, four personal wallets of Chris Larsen, co-founder of Ripple, were hacked, resulting in the theft of $112 million in XRP. These wallets were suspected to have become targets of attack due to the lack of dual protection of hardware devices. After the incident, Binance successfully froze $4.2 million worth of XRP and assisted Larsen in tracking the stolen assets, but most of the funds had been laundered through decentralized exchanges and currency mixing services.

No.6 Munchables Amount of loss: $62.5 million

Attack method: social engineering attack

On March 26, 2024, Munchables, a Web3 game platform based on Blast, suffered a rare internal penetration attack. The attacker was a North Korean hacker disguised as a blockchain developer, who obtained the core code and sensitive keys through long-term lurking. Although the attack caused huge losses, due to pressure from the community and the team, the hacker eventually returned all the stolen funds. This incident reveals the importance of supply chain security, especially for blockchain projects that rely on third-party development.

No.7 BtcTurk Amount of loss: $55 million

Attack method: private key leakage

On June 22, 2024, Turkeys largest cryptocurrency exchange, BtcTurk, was attacked by a private key leak, losing more than $55 million in crypto assets. With the assistance of the Binance team, $5.3 million of the stolen funds were successfully frozen, but other assets have not yet been recovered. This incident has deepened the markets concerns about the private key management of centralized exchanges.

BtcTurk officially releases an attack announcement

No.8 Radiant Capital Amount of loss: $53 million

Attack method: private key leakage

On October 17, 2024, Radiant Capitals multi-signature wallet was hacked. Because it adopted a low-threshold 3/11 signature verification mode, the hacker initiated an off-chain signature by mastering the private keys of three signers, transferred the ownership of the wallet contract to a malicious address, and ultimately led to the theft of $53 million. This attack triggered an industry reflection on the design and governance mechanism of multi-signature wallets.

Before this attack, Radiant Capital lost $4.5 million due to a contract vulnerability , and more than 1,900 ETH were stolen. Web3 project owners still need to pay more attention to security.

No.9 Hedgey Finance Amount of loss: $44.7 million

Attack method: Contract vulnerability

On April 19, 2024, Hedgey Finance suffered an attack on multiple on-chain contracts. Hackers exploited the approval vulnerability of its ClaimCampaigns contract and successfully extracted tokens on both Ethereum and Arbitrum chains, with a total loss of $44.7 million. This incident shows the importance of code auditing, especially the strict verification of token approval logic.

No.10 BingX Amount of loss: $44.7 million

Attack method: private key leakage

On September 19, 2024, the hot wallet of BingX exchange was hacked, involving multiple public chains including Ethereum, BNB Chain, Tron, etc. Although the exchange quickly launched the asset transfer and withdrawal freezing mechanism, the hacker successfully withdrew assets worth 44.7 million US dollars. This attack reflects the high risk of hot wallet management of centralized exchanges and further promotes the industry to explore safer asset storage solutions.

The frequent security attacks in 2024 remind us again that the development of the blockchain industry cannot be separated from the escort of security. From private key leaks to contract loopholes, from internal management omissions to the escalation of external attack methods, each incident has brought profound lessons. In order to cope with the increasingly complex attack threats, all parties in the industry need to continue to increase investment in technology research and development, management standards and risk prevention and control. In the future, we look forward to jointly building a more secure blockchain ecosystem through industry collaboration and technological innovation, and providing more reliable protection for users and investors.

This article is sourced from the internet: A review of the top ten most influential Web3 attacks in 2024

Related: Analysis of daos.fun: Can the sudden popularity of ai16z recreate the myth of pump.fun? Original | Odaily Planet Daily ( @OdailyChina ) Author: Azuma ( @azuma_eth ) The rise of ai16z has boosted the popularity of meme fund startup platform daos.fun. Odaily Note: For detailed information about ai16z , please see Inventory of the Hottest Meme Concepts: AI, Artists, Zoos and Minecraft . Protocol Principle daos.fun is positioned as a Solana-based meme fund launch platform, and the fund launched based on this platform will operate in the form of a DAO and issue corresponding DAO tokens (for example, ai16z is the DAO token of the fund). The operation mode of daos.fun imitates the start-up mode of conventional funds, which can be divided into three stages: fundraising, operation and redemption. Fundraising Stage The first is the fundraising stage, during which the initiator of the fund…

# 분석# 비트코인# 암호# 데피# 이더리움# 교환# 마켓# 토큰# 도구# 웹3© 版权声명배열 上一篇 AAVE hits new high again? Chainlink is expected to increase revenue by tens of millions of dollars per year 下一篇 Delphi Digital 2025 Outlook: Bitcoin still has huge potential, and stablecoins will continue to grow 상关文章 MSX Points Season 1 Complete Guide: How to Obtain “Double Alpha” Through RWA US Stock Trading 6086cf14eb90bc67ca4fc62b 16,810 1 BTC>1Kg Golden Era Arrives: Looking Back at BTC’s Unique “Digital Gold History”Recommended Articles 6086cf14eb90bc67ca4fc62b 26,010 1 Ethereum’s revenue plummeted 75%: a sign of recession or the pain of transformation? 6086cf14eb90bc67ca4fc62b 19,947 2 “Black Monday” Strikes Again, Is Trump Once Again the “Flash Crash Engine”? 6086cf14eb90bc67ca4fc62b 9,264 2 What is the impact of the Provisions on Due Diligence Exemption for Bank Foreign Exchange Business (Trial Implementation 6086cf14eb90bc67ca4fc62b 38,565 The AI Agent upstart Swarm has grown 7 times in a week. What other potential projects are there in the ecosystem? 6086cf14eb90bc67ca4fc62b 39,229 1 댓글 2개 댓글을 남기시려면 로그인이 필요합니다! 즉시 로그인 #BeelieverTYRDVMI 손님 I was scammed on Coinyee in a Bitcoin investment totaling over $500k. However, I was able to recover my funds with the help of  www.BsbForensic.com They are one of the rare and trustworthy services out there.

11개월 전 1TP7트라나카마르 손님 감독자

1년 전(2024년) Bee.com 세계 최대의 Web3 포털 파트너 코인카프 바이낸스 코인마켓캡 코인게코 코인라이브 갑옷 Bee Network 앱을 다운로드하고 web3 여정을 시작하세요 백지 역할 자주하는 질문 © 2021-2026. 모든 권리 보유. 개인 정보 정책 | 서비스 약관 꿀벌 네트워크 앱 다운로드 Web3 여정을 시작해보세요 세계 최대의 Web3 포털 파트너 CoinCarp Binance CoinMarketCap CoinGecko Coinlive Armors 백지 역할 자주하는 질문 © 2021-2026. 모든 권리 보유. 개인 정보 정책 | 서비스 약관 찾다 찾다사이트에온체인사회의소식 熱门推荐 : 에어드롭 헌터 데이터 분석 암호화폐 유명인 함정 탐지기 한국어 English 繁體中文 简体中文 日本語 Tiếng Việt العربية Bahasa Indonesia हिन्दी اردو Русский 한국어

智能索引记录