Curve Finance was compromised on August 9, 2022 for approximately ~$612K in total loss due to a cloned malicious site

#crypto #podcast #twitterspaces #avalanche #avax #certik We hare happy to announce the first guest for our Podcast SafeSpace #1 with CertiK about Blockchain Security: Platypus Finance - an asset liability management protocol 🤩🤩 Broadcasted August 09th, 2022

Avalanche offers developers and investors a winning combination of low fees, lightning speeds, reliability, and the kind of scalability that drives mass adoption. This blog post will introduce you to some of the innovations offered by Avalanche, and the importance of securing its ecosystem through tools such as our Avalanche smart-contract audit.

Blockchain technology is being used to make a diverse range of industries more scalable, efficient, and secure by introducing practices of decentralization. The mission to secure these new technologies has a lot to learn from the lessons of web3 security.

Tornado Cash is now a sanctioned entity by the United States Office of Foreign Assets Control (OFAC), meaning that no U.S. person can engage in trade, transactions, or other dealings with Tornado Cash. In light of the recent update, CertiK’s KYC on-chain investigation will now detect and analyze any wallet engagement with Tornado Cash, ensuring projects and investors are compliant with the OFAC sanctions.

Understanding private and public keys and how they interact is one of the foundational elements to understanding the web3 space. Getting a grip on how they work provides a useful way into understanding a wide range of the subsequent web3 technology, and their implications for web3 security.

#crypto #podcast #twitterspaces #everrise #certik Join both the #EverRise and #CertiK communities for a joint Twitter Spaces event focused around what we are all most passionate about: Security! Broadcasted August 05th, 2022

Web3 actors and enthusiasts must pay attention to the increase in law enforcement cases as these cases are the first of many to come involving wire fraud, money laundering, Ponzi schemes, and insider trading within Web3.

So far in 2022, five cross-chain bridge attacks have led to losses of $1,317,000,000, amounting to 57% of the total losses in Web3 in 2022. The security vulnerabilities inherent in cross-chain bridges coupled with the lack of expertise to defend against attacks are primary drivers for the amount of assets lost.

Nomad Bridge, a cross-chain bridge between Ethereum, Moonbeam, Avalanche, Evmos and Milkomeda was exploited for ~$190M.

The July Stats Graphic shows data from hacks, scams, and incidents in July 2022

TL;DR On February 02, 2022 at 5:58 PM +UTC, a malicious actor launched multiple attacks aiming to bypass the verification process of the Wormhole bridge on Solana. The attacker carried out the second-largest crypto theft from a DeFi protocol ever, which resulted in the loss of roughly 120,000 Wormhole Ethereum (WeETH) worth over $320M.

In June 2022, CertiK found evidence that CertiK KYC Badge client, Zoro Inu ($zoro), rug pulled. Here is how CertiK responded to the event and why the CertiK KYC makes it possible for malicious actors to be held accountable in the event of alleged criminal activity.

A flash loan exploit occurred on April 17, 2022 on Beanstalk Farms. Approximately $182 million was lost, with the attacker gaining $76 million as profit.

Watch and listen as Monier Jalal, the VP of marketing, CertiK discusses Web3 security trends and best practices.

Top 5 differences between a regular KYC and the CertiK KYC program

We have been logging Discord hacks as they occur, and can confirm that at least 30 phishing hacks are connected. This includes the BAYC Discord hack and the Beeple Twitter hack with profits over $1.3m

GeckoCon by Coin Gecko | The Decentralized Future - The Advent of Web3 14 & 15 July 2022 Join us to gain insights from thought leaders and innovators from across the blockchain sphere as we explore how Web3 will impact the future of the Creative Economy, Finance, Governance, Business and more!

In this article we will take a look back at the exploit that occurred on Rikkei Finance which took place on 15 April 2022. The hacker was able to change the oracle to a malicious smart contract due to a lack of control measures to access the SetOracleData causing a loss of $1.1m.

On 2022-07-15 09:50:19 EST, project TIGER was rugged for approximately $4.518M.

At 8:00 AM UTC, Premint announced on their Twitter page that their website was compromised. They advised all users to not sign any transactions requiring them to indicate “Set Approval For All” as a setting. In total, 6 exploited wallets have been identified thus far. The profits gained from the attack at this point are ~$375k, making it one of the largest NFT hacks this year.

In order to protect yourself from falling for the wrong crypto project, we have developed this simple safety check-list, which should help quickly screen out of your watch-list any projects exhibiting one of these 5 red flags

On 06 October 2021, MyFarmPet was hit by a malicious flashloan attack which profited ~31k BUSD and 100 BNB (~$22k) being deposited into Tornado Cash.

Bite Size Blockchain A new CertiK series giving users bite-size tips and info to stay informed and safe in the #crypto space. Episode 5: What is Blockchain Analysis? Check it out to learn what blockchain analysis is. https://www.certik.com/resources