In brief—
Events Under the Spotlight 🔎
DaoSwap exploited for 581,257 USDT
Due to mining rewards greater than the costs required during the swap procedure and,
A lack of verification, DaoSwap lost 580,000 USDT on September 5th in an attack that allowed users to set the inviter's address as themselves.
Nereus Finance Exploited for $371,000 (USDC)
An avalanche-based lending protocol, Nereus Finance was attacked through a smart contract exploit.
GERA token security was compromised due to private key leakage
Hackers transferred ownership of the GERA token’s smart contract deployer to another address:
New Free DAO (NFD) Token Crashes by 99% After a Flash Loan Exploit
DeFi protocol New Free DAO was hacked on Thursday, which saw roughly $1.25m drained from the platform.
After the attacker borrowed 250 wrapped BNB, which was swapped for NFD.
A malicious contract was then deployed on the network, allowing the attacker to repeatedly claim airdrop rewards – which were converted back to BNB and sold.
The Sandbox Game Instagram was compromised
The Instagram account of the metaverse platform The Sandbox was compromised, and it was used to try to rent out Bored Ape Yacht Club nonfungible tokens (NFTs) from several individuals on the social networking site.
On Thursday, hackers gained access to the voxel-powered NFT platform's profile, using it to promote a fake raffle ticket event that advertised a season 4 LAND giveaway to gullible fans.
The company claimed that the fraudulent giveaway had been promoted by getting beyond its two-factor authentication and other security safeguards.
One user claimed to have lost NFTs after following the fraudulent link, and the profile's website address was changed.