Chengdu Lianan 2021-04-30 22:31:10 阅读数:312
According to Chengdu chain an 【 Lian Bi an - Blockchain security situation awareness platform （Beosin-Eagle Eye）】 Security public opinion monitoring data shows ：2021 year 4 month , according to an uncompleted statistic , The typical security events of the whole blockchain ecology are more than 19 rise , The overall safety risk rating is 【 low 】. This month, , Although the safety risk index is low , However, typical security incidents have occurred in various sub areas , The whole is evenly distributed , Therefore, we should not take it lightly .
except 【 other aspects 】 There is 9 Except for a typical security incident , It's not hard to see. , On the side “ low ” Under the security situation of risk , The whole blockchain ecology is still 【DeFi aspect 】 and 【 Swindle and run / Encryption scams 】, It is easier to become a hotbed for hacker attacks and fraud crimes . thus , For daily work and life to ensure that DeFi Project safety audit and strengthening self fraud awareness , It's very important .
Here are the details of this month's safety monthly report .
On the exchange side , Co occurring 『 2 』 A typical security incident
4 month 21 Japan , Users are interested in the Turkish exchange Thodex Bring criminal proceedings , Said he stole hundreds of millions of dollars , The exchange CEO Left Turkey the day before the lawsuit was filed , And on the day the suit was filed , The Exchange suspended trading . At present, the Turkish government has launched an investigation into the exchange .
4 month 24 Japan 00:35,FTX Co founder of the exchange SBF Tweet that , Websites suffer from a small DDOS attack , At present, the website has been frozen , But user funds and core systems will not be affected , Will only affect API and GUI Throughput .
DeFi aspect , Co occurring 『 3 』 A typical security incident
DeFi Portal site DeFiBox.com call ,Heco On the chain CORN The project has a very high security risk . If the user withdraws from the pledge in the process of mining , It will be deducted 99% Principal . According to the white paper of the project , The money deducted 94% Will be donated to the community ,5% Our liquidity will continue to mine .
Easyfi.network Founder and CEO Ankitt Gaur Said on twitter ,4 month 19 Japan , Hackers will be a lot of EASY Token from EasyFi The official wallet was transferred to Ethereum and Polygon Unknown wallet on the Internet ; The computers that manage the tokens are offline for more than a week .
4 month 28 Japan , Coin an smart chain focuses on AMM On chain incentive agreement Uranium.Finance A tweet means , During the process of contract migration, there are loopholes and hackers attack and exploit them , Lead to 5000 Ten thousand dollars were stolen .
Beosin Comment on ：
Although this month 【DeFi aspect 】 There are few typical security incidents , But the economic losses caused by the incident are still serious . adopt Uranium.Finance Being hacked , Chengdu Lianan （Beosin）· The security team suggests that when users participate in DeFi Project time , Remember to avoid risks at all times , Choose reliable projects that have been audited by a third party security company .
Swindle and run / Encryption scams , Co occurring 『 3 』 A typical security incident
A name is “ Sunshine orchard ” Of APP“ racketeer ” All kinds of tree planting Software , Packaging fruits as virtual assets , Claim to be as high as 1600% The rate of return is very popular . But it's actually through MLM 、 Ponzi scam and other means combined with internet gimmicks “ Funds plate ”.
A fraudster swindled all over Spain 300 A number of encryption investors as high as 35.8 Billion dollars , Recently, this group of cheated investors filed a lawsuit to the Spanish court .
Counterfeiting again in Google App Store Uniswap Of App. The App Once on the shelves , At one time, it became the most popular paid app in the financial category of Google App mall . By the time the news came out , The app has been taken off the shelves , This fake App Lead to 1000 Many people have been cheated .
Blackmail Software / Mining Trojan horse , Co occurring 『 1 』 A typical security incident
Github We investigated a series of attacks that abuse infrastructure to exploit virtual assets illegally , Hackers execute their own malicious code , stay Github Mining on the basis of the infrastructure , Each attack could deploy hundreds of mining machines , This has a significant impact on the computing power of the infrastructure .
Dark net aspect , Co occurring 『 1 』 A typical security incident
4 month 26 Japan , Russian police said , Yes 4 A Russian counterfeiter will 10 Billion rubles （ About us 1220 Thousands of dollars ） Fake banknotes in the dark net shopping mall Hydra Sell on the market , And convert it into bitcoin ; It's time to 4 A criminal suspect is facing prosecution in the local court .
other aspects , Co occurring 『 9 』 A typical security incident
An Italian man tried to get through 1 Million euro bitcoin hired a killer and ordered him to kill his ex-wife . But before the crime goes on , Arrested by Europol and Italian police .
4 month 8 Japan ,Summa founder James Prestwich Tweet about BitClout, Say it uploads the user key to a public server , This will result in anyone having access to BitClout The staff of the server can steal all the funds on the platform .
Ethereum wallet Dharma Downtime , All the money is safe . The authorities have decided on a solution , It will recover soon .
Gyeongju, South Korea will be 10 Investigate a possible tax evasion case of virtual assets , The city government has been in touch with a number of virtual asset exchanges , To collect data on violations . At present, super 500 People investigate .
2016 The stolen bitcoin was transferred within this month , Will be divided into 63 Pen transfer , It's been transferred 10057 Bitcoin , Each stroke 50 To 1241.37 I can't wait , At present, the total price is close to 6.3 Billion . allegedly ,2016 year 8 month , Hackers have stolen 12 Ten thousand bitcoins .
at present , Yancheng Jianhu police found out EOS It's called “Biggame” There are up to 7.3 More than 10000 people are involved in gambling , involve 17 Countries and regions , The funds involved are as high as 80 One hundred million yuan , Illegal income exceeds 6000 Ten thousand yuan ; The police have arrested many people 25 Suspects , It's worth more than 2600 10000 yuan of virtual assets 130 More than ten thousand .
The etheric fang 2.0 client Prysm Development team Prysmatic Labs Disclosed the details of the client defect , This defect results in the use of Prysm The beacon node of has continued 18 An era （ About two hours ） Cannot generate blocks , But then it automatically recovered , And no human intervention .
This month, , Security researchers found that hackers created a forgery DirectX 12 The download site , The site looks like a normal site , But it will cause malware to scan the user's computer , If the user has a virtual asset wallet , Will also be right Ledger Live、Waves、Exchange、Coinomi、Electrum And so on , Finally, the stolen information is sent to the hacker .
According to open court documents ,FBI Agents arrested a Russian and Swedish citizen, Roman · Strinov （Roman Sterlingov）, The suspect is a bitcoin mixed currency service operator Bitcoin Fog Operating personnel of , He was in 10 During the year, the amount of bitcoin involved in the money laundering service of mixed currency was as high as 3.36 Billion dollars .
Beosin Comment on ：
This month, 【 other aspects 】 Typical security incidents occur frequently , Such as information leakage 、 Privacy protection 、 Private key theft 、 Buy fierce 、 Gambling and other related events seriously threaten the stable development of the whole blockchain ecology . therefore , While focusing on the security situation in hot areas , Also need to take into account from the blockchain industry 【 other aspects 】 Safety risks of .
In view of the current blockchain ecology Of Security posture , 『 Chengdu Lianan 』 In conclusion ：
In general ,4 The occurrence of typical security incidents in May is less than 3 There is an obvious downward trend in July , The total number of events dropped “20” Gateway , The overall number of incidents is at a low risk level . therefore , Chengdu Lianan （Beosin）· The security team rated this month's security risk as 【 low 】.
However , It should be noted that , The distribution of typical security incidents in this month is relatively uniform , Every segment is involved , Chengdu Lianan once again suggests that all major project parties must rely on the professional strength of the third-party security company , Introduce a complete set of security solutions covering the whole life cycle , In order to improve the safety protection mechanism .
in addition ,【 other aspects 】 Security incidents that happened , It tends to be something that's easy to ignore . This month, , There are many incidents in this field , Undoubtedly, it reminds all participants of the blockchain Ecology , Besides the safety protection in key areas , Remember to deal with all kinds of unexpected challenges more comprehensively .
版权声明：本文为[Chengdu Lianan]所创，转载请带上原文链接，感谢。 https://netfreeman.com/2021/04/20210430222804669H.html