In brief⚡
🔥 Atomic Wallet Explosion! $35M Gone in Hacking Heist! 💥
💔 NFDAO Investors Robbed! $88.3K Vanishes in Rug Pull Scam!
⚠️ USEA Devastated! $1.1M Disappears in Rug Pull Nightmare! 😱
🚫 MURATIAI Ambushed! $87.1K Sucked into Contract Black Hole!
🕳️ UN lost ~$26K to a Front Run Bot
Hacks and Scams⚠️
Atomic Wallet
Amount of Loss: ~ $35M
Analysis
On June 3, several Atomic Wallet users reported that their wallet assets had been stolen on social media.
According to analysis, the total loss to Atomic Wallet users is now around $35 million.
Atomic says less than 1% of monthly active users are currently affected or reported. In an emergency, Atomic Wallet, according to SlowMist, took Cloudflare's download site and sha256sum verification site offline.
Due to this, there may be a security issue with the link for downloading the historical version.
NFDAO
Amount of Loss: ~ $88.3K
Analysis
The bulk liquidity of NFDAO (NFD) has been removed.
The deployer's associated wallet removed the liquidity and profited by approximately $88,300. 0xe1AFC0A3c9aA2537DEea233EF7dc0952ceEDfDA3 is the bsc address.
USEA
Amount of Loss: ~ $1.1M
Analysis
A Rug Pull occurred on the BNB Chain for the USEA token, resulting in a loss of approximately $1.1 million, and the deployer minted a total of 700 million USEAs via the mint function, then transferred them to EOA addresses and sold 1114468 BUSD via PancakeSwap V3.
MURATIAI
Amount of Loss: ~ $87.1K
Analysis
The MURATIAI on the BNB Chain had been compromised. A Smart Contracts Vulnerability caused the loss of $87117.
The Malicious Contract communicates with the #MuratiAI contract by calling the transferFrom function repeatedly within a loop, allowing the attacker to drain funds from the MuratiAI contract.
UN
Amount of Loss: ~ $26K
Analysis
A $26K UN token on BSC was hacked.
The attacker activates the send reward function by repeatedly transferring directly to the pair.
After sending $UN tokens to the pair address, the attacker uses skim to transfer the extra $UN tokens to the attack contract.
After being front-run, the original hacker sent 3 tx gain 3k profit, and his exploit contract address is 0x16cfc66e53525cab27637b6a704753a967fca608 exploiting an old school skim-lp vulnerability.
Explore the Depths of Knowledge: Research Papers & Blogs🔖
Beware of DeFi Honeypots: How to Spot Them and Stay Safe
The Web3 community suffered a major setback in 2022 when Ronin Bridge was hacked for $620 million, making it one of the largest DeFi hacks of the year. These types of hacks have a negative impact on the entire Web3 industry. Web3 risks are not limited to contract vulnerabilities; one of the most dangerous Web3 attacks today is the Honeypot Scam.
Decoding Jimbo’s Protocol $7.5M Exploit
On May 28, 2023, the Arbitrum chain's Jimbo's Protocol was hacked. The hackers were able to exploit a flaw in the protocol's slippage control mechanism, allowing them to steal approximately $7.5 million in ETH.