In brief ⚡
Arbitrum Exploit: Concentric Protocol Compromised in $1.8M Social Engineering Attack
Unauthorized Access on Polygon Network Leads to $7 Million Loss in Gaming Token Breach
Cyberattack on Citadel.one Highlights Persistent Security Threats in Blockchain Sector
List of Tokens in involved in Exit Scam
John Lennon Coin ~ $54.9k
Hacks and Scams⚠️
Socket Protocol
Amount of Loss: ~ $1.6M
Analysis
An attacker compromised the private key of Concentric protocol's deployer account through a social engineering attack on Arbitrum.
The compromised key was used to upgrade vaults, mint new LP tokens, and drain assets from the vaults, resulting in a loss of over $1.8 million, as reported by CertiK.
Concentric urged users to revoke approvals from all vault addresses listed in the protocol's documents to mitigate further losses.
The attacker exploited a vulnerability by repeatedly calling the adminMint function on a Concentric contract to mint CONE-1 tokens, which were then redeemed for funds from the AlgebraPool.
The Concentric team initiated an investigation and committed to issuing a post-mortem report with a plan to address the vulnerability, emphasizing their dedication to restoring the protocol's integrity.
GAME Token
Amount of Loss: ~ $7M
Analysis
- Unauthorized transactions on the Polygon network resulted in a $7 million loss, primarily affecting the $GMEE token.
- The breach, traced back to a compromised $GMEE deployer address, occurred around 6:31 PM UTC on January 22nd, with attackers stealing 600 million $GMEE tokens.
- Attackers swiftly converted stolen tokens into $MATIC and transferred some funds to the Ethereum blockchain, potentially laundering them through interactions with the WhiteBit exchange.
- This breach compounds existing challenges for gaming tokens, already affected by Bitcoin's decline, and contributes to a surge in security breaches this week, with another notable incident involving Concentric on the Arbitrum network, costing $1.8 million.
- Initial investigations suggest a lapse in access control, possibly facilitated by unauthorized access to GitLab, emphasizing the importance of robust security measures in the cryptocurrency sector.
GAME Token
Amount of Loss: ~ $93k
Analysis
- Citadel.one, a prominent portfolio management tool, experienced a cyberattack on the Arbitrum network, resulting in a loss estimated at $93,000.
- BlockSec, a leading cybersecurity firm, detected the breach using its Phalcon system, emphasizing the critical role of vigilant monitoring in safeguarding against cyber threats.
- While specific details of the attack remain under investigation, the incident highlights the persistent security challenges faced by platforms within the blockchain sector.
- The attack on Citadel.one underscores the network-agnostic nature of cyber threats, where vulnerabilities can be exploited across various blockchain technologies.
- This event underscores the importance of continuous security enhancements, advanced threat detection systems, and robust protocols to protect digital assets in the cryptocurrency community.
Explore the Depths of Knowledge: Research Papers, Blogs and Tweets🔖
Tweets
GitHub Repos
Articles
Web3 Community Spotlight🔦
Thanks for reading HashingBits! Share a summary of our newsletter on your social media platforms, tag us, and use the #AwareToEarn hashtag, and you could win 10 USDT as a reward! Help us build a safer Web3 ecosystem and have a chance to earn rewards and support our work.