{"id":1769,"date":"2021-12-16T08:27:28","date_gmt":"2021-12-16T08:27:28","guid":{"rendered":"https:\/\/tradersofcrypto.com\/news\/?p=1769"},"modified":"2021-12-16T08:27:29","modified_gmt":"2021-12-16T08:27:29","slug":"hacks-still-top-threat-for-exchanges-defi","status":"publish","type":"post","link":"https:\/\/tradersofcrypto.com\/news\/hacks-still-top-threat-for-exchanges-defi\/","title":{"rendered":"Hacks Still Top Threat for Exchanges, DeFi"},"content":{"rendered":"\n<p>The abundance of cryptocurrency exchanges and decentralized protocols once again raises the issues of hacks, after last week\u2019s high-profile losses.&nbsp;<\/p>\n\n\n\n<p>At the top of the list, the $100M Bitmart hack lined up among the biggest exchange attacks. Mostly <a href=\"https:\/\/tradersofcrypto.com\/coins\/ethereum\/\">Ethereum-based assets<\/a> were transferred out of the exchange, affecting user wallets and balances directly.\u00a0<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">Estimate loss of <a href=\"https:\/\/twitter.com\/BitMartExchange?ref_src=twsrc%5Etfw\">@BitMartExchange<\/a>: ~$100M. Here is the list of the transferred-out assets and their amounts <a href=\"https:\/\/t.co\/mUKYsuTxYZ\">pic.twitter.com\/mUKYsuTxYZ<\/a><\/p>&mdash; PeckShield Inc. (@peckshield) <a href=\"https:\/\/twitter.com\/peckshield\/status\/1467302620000043013?ref_src=twsrc%5Etfw\">December 5, 2021<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<p>Bitmart claims it has recovered its functionality and has continued business as usual with other asset trading. However, the exchange is relatively risky and a venue for more volatile altcoins.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Safemoon Survives Hack Sell-Off<\/strong><\/h3>\n\n\n\n<p>The Safemoon (SAFEMOON) token, a sub-penny asset, also saw a trading anomaly at the time of the Bitmart hack.&nbsp;<\/p>\n\n\n\n<p>SAFEMOON crashed after apparently a whale dumped coins on the market. Despite the low price of $0.000001517, SAFEMOON recovered its previous positions from the deep losses. The asset is extremely volatile, especially on the slim volume exchange.&nbsp;<\/p>\n\n\n\n<p>However, Bitmart was an important trading venue that also invited the Safemoon community to buy the dip and recover prices.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/SafeMoonArmyStrong?src=hash&amp;ref_src=twsrc%5Etfw\">#SafeMoonArmyStrong<\/a> <br>BitMart hack dip devoured by some very intelligent people. This is awesome! You Guys and Gals ROCK!! \ud83e\udd18\ud83e\udd18\ud83e\udd18\ud83d\ude0e\ud83d\udcaf<a href=\"https:\/\/twitter.com\/hashtag\/SAFEMOON?src=hash&amp;ref_src=twsrc%5Etfw\">#SAFEMOON<\/a><a href=\"https:\/\/twitter.com\/hashtag\/SAFEMOONFAMILY?src=hash&amp;ref_src=twsrc%5Etfw\">#SAFEMOONFAMILY<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/SAFEMOONARMY?src=hash&amp;ref_src=twsrc%5Etfw\">#SAFEMOONARMY<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/SAFEMOONV2?src=hash&amp;ref_src=twsrc%5Etfw\">#SAFEMOONV2<\/a> <a href=\"https:\/\/t.co\/eDI7RuvkBz\">pic.twitter.com\/eDI7RuvkBz<\/a><\/p>&mdash; Safemoon Necromancer (@JoshNsafemoon) <a href=\"https:\/\/twitter.com\/JoshNsafemoon\/status\/1468149256733310977?ref_src=twsrc%5Etfw\">December 7, 2021<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<p>The Safemoon project has not been directly affected, but underlines the danger of holding less liquid coins.&nbsp;<\/p>\n\n\n\n<p>SAFEMOON will also evolve after migrating to a V2 network, with a potential upside to price action. The asset has not been listed on major exchanges and the community is still building up acceptance.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Price Anomaly Puts Billions in Balances<\/strong><\/h3>\n\n\n\n<p>Another recent anomaly involved CoinMarketCap, the leading source of information went through a glitch that displayed exorbitant prices for all digital coins and tokens.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">Coinmarketcap hack today <a href=\"https:\/\/twitter.com\/CoinMarketCap?ref_src=twsrc%5Etfw\">@CoinMarketCap<\/a> <a href=\"https:\/\/t.co\/2kRMA0et0z\">pic.twitter.com\/2kRMA0et0z<\/a><\/p>&mdash; I m Thakur (@iammayankthkur) <a href=\"https:\/\/twitter.com\/iammayankthkur\/status\/1471121072955138050?ref_src=twsrc%5Etfw\">December 15, 2021<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<p>So far, no problems with price information have been detected, with the exception of Coinbase wallet holders.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Decentralized Protocols Also in Danger<\/strong><\/h3>\n\n\n\n<p>One of the recent hacks affected AscendEX, a newly created exchange with the potential to serve global traders. The exchange saw an attack against its hot wallets, affecting three widely used blockchain.&nbsp;<\/p>\n\n\n\n<p>Peckshield data estimate the losses at close to $80M.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">Estimated loss <a href=\"https:\/\/twitter.com\/AscendEX_Global?ref_src=twsrc%5Etfw\">@AscendEX_Global<\/a>: $77.7M in total ($60M on <a href=\"https:\/\/twitter.com\/ethereum?ref_src=twsrc%5Etfw\">@ethereum<\/a> $9.2M <a href=\"https:\/\/twitter.com\/BinanceChain?ref_src=twsrc%5Etfw\">@BinanceChain<\/a> $8.5M <a href=\"https:\/\/twitter.com\/0xPolygon?ref_src=twsrc%5Etfw\">@0xPolygon<\/a>). Here is the list of the transferred-out assets and their amounts on <a href=\"https:\/\/twitter.com\/ethereum?ref_src=twsrc%5Etfw\">@ethereum<\/a> <a href=\"https:\/\/t.co\/VC4DKOwu4f\">pic.twitter.com\/VC4DKOwu4f<\/a><\/p>&mdash; PeckShield Inc. (@peckshield) <a href=\"https:\/\/twitter.com\/peckshield\/status\/1469915194004766722?ref_src=twsrc%5Etfw\">December 12, 2021<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<p>Because Ethereum, Polygon and <a href=\"https:\/\/tradersofcrypto.com\/coins\/ethereum\/\">Binance Smart Chain<\/a> also carry multiple tokens, the hack turned out to be more complex, with smaller assets affected.\u00a0<\/p>\n\n\n\n<p>One of the assets was the BOND token, for which the exchange promised to reimburse holders.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">1\/2  <br><br>In regards to the <a href=\"https:\/\/twitter.com\/AscendEX_Global?ref_src=twsrc%5Etfw\">@AscendEX_Global<\/a> hack, they have confirmed that the total <a href=\"https:\/\/twitter.com\/search?q=%24BOND&amp;src=ctag&amp;ref_src=twsrc%5Etfw\">$BOND<\/a> taken from the exchange is 14793293.<br><br>As per the exchange&#39;s communications, every user that lost tokens will be made whole.<\/p>&mdash; Bonded (@Bondedfinance) <a href=\"https:\/\/twitter.com\/Bondedfinance\/status\/1470290622192009219?ref_src=twsrc%5Etfw\">December 13, 2021<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<p>Orion Protocol (ORN) tokens were also affected.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">\ud83d\udea8 Update: AscendEX compromise\ud83d\udea8<br><br>294,219 <a href=\"https:\/\/twitter.com\/search?q=%24ORN&amp;src=ctag&amp;ref_src=twsrc%5Etfw\">$ORN<\/a> was compromised in the hack, and we are working closely with <a href=\"https:\/\/twitter.com\/AscendEX_Global?ref_src=twsrc%5Etfw\">@AscendEX_Global<\/a>  to resolve this.<br><br>Any losses incurred by users will be completely covered by <a href=\"https:\/\/twitter.com\/hashtag\/AscendEX?src=hash&amp;ref_src=twsrc%5Etfw\">#AscendEX<\/a>.<\/p>&mdash; Orion Protocol (@orion_protocol) <a href=\"https:\/\/twitter.com\/orion_protocol\/status\/1470049361220485125?ref_src=twsrc%5Etfw\">December 12, 2021<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<p>While the losses are small against the overall size of the digital asset market, they underline the risk of supporting smaller projects or attempting to trade more obscure altcoins. For some of the coins, an exploit can freeze trading temporarily and stop price discovery.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>NFT Mints May Lead to Losses<\/strong><\/h3>\n\n\n\n<p>The newest fundraising and marketing tool for new cryptocurrency projects is an <a href=\"https:\/\/tradersofcrypto.com\/news\/tezos-xtz-rises-on-ubisoft-nft-launch\/\">NFT mint<\/a>p. Based on the previous success of collections like CryptoPunks and Bored Apes, mints entice with the opportunity of early access to potentially valuable digital items.\u00a0<\/p>\n\n\n\n<p>In addition to collections, new projects also promise items for upcoming games. But just like in past token sales, multiple projects turn out to be scams or rug pulls, where the team liquidates the assets and disappears.&nbsp;<\/p>\n\n\n\n<p>Joining new projects may have its upsides, but it is the riskiest part of the cryptocurrency market. Trading new NFTs may be illiquid and the promised games may never materialize.&nbsp;<\/p>\n\n\n\n<p>At the same time, play to earn tokens are starting to become a significant group of assets, with Axie Infinity (AXS) remaining highly liquid, with prices close to $100.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Vulcan Forged Produces Tainted Wallets<\/strong><\/h3>\n\n\n\n<p>One of the most recent hacks of a live project involved Vulcan Forged, a working decentralized app. The project offered a wallet creating function, but ended up exposing user private keys to a hacker.&nbsp;<\/p>\n\n\n\n<p>All affected wallets were drained of all assets. Vulcan Forged has advised its players to build new wallets and reimbursed the balance from its treasury.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">The <a href=\"https:\/\/twitter.com\/VulcanForged?ref_src=twsrc%5Etfw\">@VulcanForged<\/a> gaming dapp ecosystem suffered an exploit through its My Forge functionality last night.<br><br>Despite the slowdown in the past 24h, <a href=\"https:\/\/twitter.com\/hashtag\/dapps?src=hash&amp;ref_src=twsrc%5Etfw\">#dapps<\/a> on <a href=\"https:\/\/twitter.com\/hashtag\/VulcanForged?src=hash&amp;ref_src=twsrc%5Etfw\">#VulcanForged<\/a> are gradually getting back on track.<a href=\"https:\/\/t.co\/ye7RW1rzy4\">https:\/\/t.co\/ye7RW1rzy4<\/a><\/p>&mdash; DappRadar (@DappRadar) <a href=\"https:\/\/twitter.com\/DappRadar\/status\/1471163141534875655?ref_src=twsrc%5Etfw\">December 15, 2021<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<p>The Vulcan Forge hack is estimated at $140M from 96 wallets. The theft affected 4.5M PYR tokens, the native reward token of the Vulcan Forged ecosystem. However, despite the attack, there are expectations PYR can recover and grow. The news of the hack caused a fast crash of 30% for PYR, which now trades around $23, after a 50% loss in the past two weeks caused by the prevailing market mood.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">If any Crypto project wants a lesson in Crisis management, spend some time reading the <a href=\"https:\/\/twitter.com\/VulcanForged?ref_src=twsrc%5Etfw\">@VulcanForged<\/a> feed following the hack of over $100m of PYR.<br><br>Genuinely first class. Exceeded my already high expectations of the team. <br><br>Yes, we bought the dip. <a href=\"https:\/\/t.co\/nZqBVMJc05\">https:\/\/t.co\/nZqBVMJc05<\/a><\/p>&mdash; Terranaut \ud83c\udf16 (@terranaut3) <a href=\"https:\/\/twitter.com\/terranaut3\/status\/1471090570605039617?ref_src=twsrc%5Etfw\">December 15, 2021<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<p>This time, the team was involved directly in solving the exploit, also intervening to make the stolen funds worthless. Vulcan Forged is built on <a href=\"https:\/\/tradersofcrypto.com\/news\/polygon-matic-signals-potential-for-new-record\/\">Polygon\u2019s network<\/a>, and allows for more centralized control of the assets. This also allowed for the creation of a wallet-as-a-service product, which in turn compromised the private keys for brand-new wallets.<\/p>\n\n\n\n<p>NFTs have also been the object of thefts with attacks happening through automated wallet connection and signing. The best approach is to avoid connecting browser wallets to dubious apps, while also disabling the automated connect function. Stolen NFT collectibles can also be blacklisted and removed from future auctions.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Private key theft, rug pulls and exploits revealed the vulnerabilities of crypto projects. Markets managed to recover, while projects and traders absorbed losses.<\/p>\n","protected":false},"author":3,"featured_media":1770,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[460,303,20,459],"class_list":["post-1769","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorised","tag-bitmart","tag-hack","tag-nft","tag-vulcan-forged","entry"],"_links":{"self":[{"href":"https:\/\/tradersofcrypto.com\/news\/wp-json\/wp\/v2\/posts\/1769","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tradersofcrypto.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tradersofcrypto.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tradersofcrypto.com\/news\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/tradersofcrypto.com\/news\/wp-json\/wp\/v2\/comments?post=1769"}],"version-history":[{"count":0,"href":"https:\/\/tradersofcrypto.com\/news\/wp-json\/wp\/v2\/posts\/1769\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tradersofcrypto.com\/news\/wp-json\/wp\/v2\/media\/1770"}],"wp:attachment":[{"href":"https:\/\/tradersofcrypto.com\/news\/wp-json\/wp\/v2\/media?parent=1769"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tradersofcrypto.com\/news\/wp-json\/wp\/v2\/categories?post=1769"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tradersofcrypto.com\/news\/wp-json\/wp\/v2\/tags?post=1769"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}