Monthly Security Review: February 2024

Stay updated with February's security trends and our recent developments. πŸ™Œ

Monthly Security Review: February 2024

Security at a Glance πŸ‘€

In February 2024, DeFi exploits have led to losses of around $8 million. Numerous malicious proposals have been detected, signaling a cautionary note for DAOs. Additionally, a backdoor found in Tornado Cash's frontend allowed a bad actor to steal more than 3200 Ether.

DeFi Exploits

  • Seneca Exploit Incident

On February 29, Seneca on Ethereum and Arbitrum suffered an exploit resulting in a loss of $6 million. The root cause was an arbitrary call issue. DeFi users should regularly check their approvals and stay vigilant! Read more about this.

  • Blueberry Exploit Incident

On February 23, Blueberry on Ethereum suffered an exploit resulting in a loss of $1.4 million. The root cause was the use of inconsistent logic for token price normalization, involving a mismatch between the price sources and their respective normalization methods. The coffeebabe_eth's MEV bot successfully front-ran the exploit and returned 367 Ether. Read more about this.

  • DeezNutz_404 Exploit Incident

On February 22, DeezNutz_404 on Ethereum was exploited, with total losses estimated at around $170K. The root cause was a calculation issue caused by self-transfer. The ERC404 series of tokens have experienced multiple similar exploits. Please exercise caution when engaging in investments. Read more about this.

  • Particle Trade Exploit Incident

On February 15, Particle Trade on Ethereum was exploited, resulting in approximately $140K in losses. The root cause was unverified user input. Read more about this.

  • CheckDot Protocol Malicious Proposal Incident

On February 1, a bad actor submitted a malicious proposal to Checkdot Protocol, with potential losses of $120K. After we informed the Checkdot team, they acknowledged the severity of the threat as critical and implemented a fix.

🚨 We have detected multiple malicious proposals (nounsbr, LeagueDAO, wearecultdao etc. ) in February and would like to remind DAOs to be aware of the risk of proposal attacks.

πŸ‘‰ You can view attack transactions, root cause, and PoC of the above incidents in our Security Incidents List.

Attack transactions of the Seneca Exploit Incident

Backdoor

  • Tornado Cash Frontend Backdoor Incident

A malicious developer implanted a backdoor in the frontend of Tornado Cash, stealing depositor's credentials and at least 3200 Ether in deposits. After Tornado Cash was sanctioned, the project transitioned to community governance. Since then, the project has been subjected to multiple proposal attacks. Read more about this.

Blog Articles

Top Ten "Awesome" Security Incidents in 2023

"What we learn from history is that we do not learn from history."

In this blog, we outline the top ten security incidents worth mentioning in 2023 and their reasons.

For each security incident, we also present the root cause and the attack steps in the following separate blog posts.

Demystify the Access Control Mechanism in Puffer Protocol

Curious about how #PufferProtocol keeps its funds secure? Check out BlockSec's deep dive into its access control architecture! Understand the roles, smart contracts, and strategies for managing over $900M assets. Knowledge is power!

BlockSec’s Perspectives and Solutions on the Security of L2 Blockchains

In this blog, we will first systematically review the security challenges of L2 blockchains and then propose our solutions.

Podcast: How BlockSec Intercepted $15M of Web3 Exploits in Real Time

Andy Zhou, our CEO, joined the host DeGatchi on the Scraping Bits podcast to talk about how we block attacks in Web3. This blog is a transcript of the podcast content.

Exciting Partnership

We are excited to announce our collaboration with Puffer Finance (one of the top restaking protocols, with a TVL of $461M) for a comprehensive audit of the campaign.

Moreover, we are integrating Phalcon (our attack monitoring and blocking platform) into Puffer’s protocol to enhance their security measures.

Events

Mar 1-9, the BlockSec team embarks on our US trip.

We're open for collabs, chats, and all things blockchain. DM us for meetups!

πŸ“ First stop: #ETHDenver, Mar 1 to Mar 2

πŸ“ Second stop: Silicon Valley, Mar 3 to Mar 9

Product Updates

In February, we hosted the Phalcon 3.0 Webinar and collected valuable feedback about Phalcon from users.

In March, we are going to launch Phalcon 3.0β€”a next-gen SaaS platform that auto-detects and blocks hacks, tailored for protocols, LPs/traders, L1/L2 chains, and exchanges.

Brace yourselves for a Web3 security revolution! πŸš€


Stay informed, stay secure! See you next time! πŸ‘‹

Sign up for the latest updates