CertiK Logo
Products
Company
Cancel
CertiK Resources
Blogs, Latest News, Announcements, and more
CertiK audited a total of over 3700 projects to date and reported on many incidents. In this report you will learn about: The most lucrative hacks in Q2 2022...
7/6/2022
Avalanche Hacks FE Seoul 2022 | How to Secure the Web3 World | CertiK
Videos
Watch and Listen as Connie Lam, Head of Shield at CertiK discusses How to Secure the Web3 World. Avalanche Hacks | FE Seoul is an in-person community event, Friday, August 12, in Seoul, right before the Avalanche Andretti Formula E race weekend. ‍Avalanche Hacks is an event series for Web3 creators working on decentralized solutions digitizing all the world's assets. At Avalanche Hacks, meet fellow Avalanche creators, learn from industry experts, and turn your ideas into reality. Avalanche is the fastest smart contracts platform in the blockchain industry, as measured by time-to-finality. Avalanche is blazingly fast, low cost, and eco-friendly. Any smart contract-enabled application can outperform its competition by deploying on Avalanche. Don’t believe it? Try an app on Avalanche today.
8/12/2022
Curve Finance Hack Incident Analysis
Analysis Reports
Curve Finance was compromised on August 9, 2022 for approximately ~$612K in total loss due to a cloned malicious site
8/10/2022
AVAX Daily & CertiK | How Safe are DeFi Protocols | Listen & Learn -  Twitter Spaces
Podcasts
We hare happy to announce the first guest for our Podcast SafeSpace #1 with CertiK about Blockchain Security: Platypus Finance - an asset liability management protocol 🤩🤩 Broadcasted August 09th, 2022
8/9/2022
What is the Avalanche Network?
Blogs
Avalanche offers developers and investors a winning combination of low fees, lightning speeds, reliability, and the kind of scalability that drives mass adoption. This blog post will introduce you to some of the innovations offered by Avalanche, and the importance of securing its ecosystem through tools such as our Avalanche smart-contract audit.
8/9/2022
Securing Blockchain Beyond Web3
Blogs
Blockchain technology is being used to make a diverse range of industries more scalable, efficient, and secure by introducing practices of decentralization. The mission to secure these new technologies has a lot to learn from the lessons of web3 security.
8/8/2022
CertiK KYC Now Screens for Tornado Cash Wallets in Response to OFAC Blacklist
Blogs
Tornado Cash is now a sanctioned entity by the United States Office of Foreign Assets Control (OFAC), meaning that no U.S. person can engage in trade, transactions, or other dealings with Tornado Cash. In light of the recent update, CertiK’s KYC on-chain investigation will now detect and analyze any wallet engagement with Tornado Cash, ensuring projects and investors are compliant with the OFAC sanctions.
8/8/2022
What are Public and Private Keys?
Blogs
Understanding private and public keys and how they interact is one of the foundational elements to understanding the web3 space. Getting a grip on how they work provides a useful way into understanding a wide range of the subsequent web3 technology, and their implications for web3 security.
8/7/2022
EverRise & CertiK | Listen & Learn - Twitter Spaces
Podcasts
Videos
Join both the #EverRise and #CertiK communities for a joint Twitter Spaces event focused around what we are all most passionate about: Security! Broadcasted August 05th, 2022
8/5/2022
Whale Coin Talk & CertiK | Securing Blockchains and the Future of Web3 | Twitter Spaces
Podcasts
Listen as Whale Coin Talk & CertiK discuss Securing Blockchains and the Future of Web3. Broadcasted August 04th, 2022
8/4/2022
Staying Ahead of Regulatory and Law Enforcement Developments in Web3
Blogs
Web3 actors and enthusiasts must pay attention to the increase in law enforcement cases as these cases are the first of many to come involving wire fraud, money laundering, Ponzi schemes, and insider trading within Web3.
8/4/2022
CertiK x Floki AMA | Security, Audits, FlokiFi Locker & More | Twitter Spaces
Podcasts
Listen as Floki and CertiK discuss Security, Audits, FlokiFi Locker and more. Broadcasted August 03th, 2022
8/3/2022
Cross-Chain Vulnerabilities & Bridge Exploits in 2022
Analysis Reports
So far in 2022, five cross-chain bridge attacks have led to losses of $1,317,000,000, amounting to 57% of the total losses in Web3 in 2022. The security vulnerabilities inherent in cross-chain bridges coupled with the lack of expertise to defend against attacks are primary drivers for the amount of assets lost.
8/1/2022
Nomad Bridge Exploit Incident Analysis
Analysis Reports
Nomad Bridge, a cross-chain bridge between Ethereum, Moonbeam, Avalanche, Evmos and Milkomeda was exploited for ~$190M.
8/1/2022
July Stats Graphic
Infographics
The July Stats Graphic shows data from hacks, scams, and incidents in July 2022
8/1/2022
Wormhole Bridge Exploit Incident Analysis
Analysis Reports
TL;DR On February 02, 2022 at 5:58 PM +UTC, a malicious actor launched multiple attacks aiming to bypass the verification process of the Wormhole bridge on Solana. The attacker carried out the second-largest crypto theft from a DeFi protocol ever, which resulted in the loss of roughly 120,000 Wormhole Ethereum (WeETH) worth over $320M.
8/1/2022
CertiK's Response to KYC Rug - Zoro Inu
Analysis Reports
In June 2022, CertiK found evidence that CertiK KYC Badge client, Zoro Inu ($zoro), rug pulled. Here is how CertiK responded to the event and why the CertiK KYC makes it possible for malicious actors to be held accountable in the event of alleged criminal activity.
8/1/2022
Revisiting Beanstalk Farms Exploit
Analysis Reports
A flash loan exploit occurred on April 17, 2022 on Beanstalk Farms. Approximately $182 million was lost, with the attacker gaining $76 million as profit.
7/28/2022
Web3 Security Trends and Best Pratices - DeFi Summit 2022 | Monier Jalal, VP of Marketing, CertiK
Videos
Watch and listen as Monier Jalal, the VP of marketing, CertiK discusses Web3 security trends and best practices.
7/27/2022
What is the Difference Between a Regular KYC and CertiK’s KYC?
Blogs
Top 5 differences between a regular KYC and the CertiK KYC program
7/27/2022
BAYC Discord Hack Connections
Analysis Reports
We have been logging Discord hacks as they occur, and can confirm that at least 30 phishing hacks are connected. This includes the BAYC Discord hack and the Beeple Twitter hack with profits over $1.3m
7/26/2022
GeckoCon | The Decentralized Future with Ronghui Gu, Co-Founder & CEO of CertiK
Videos
GeckoCon by Coin Gecko | The Decentralized Future - The Advent of Web3 14 & 15 July 2022 Join us to gain insights from thought leaders and innovators from across the blockchain sphere as we explore how Web3 will impact the future of the Creative Economy, Finance, Governance, Business and more!
7/26/2022
Revisiting Rikkei Finance Exploit
Analysis Reports
In this article we will take a look back at the exploit that occurred on Rikkei Finance which took place on 15 April 2022. The hacker was able to change the oracle to a malicious smart contract due to a lack of control measures to access the SetOracleData causing a loss of $1.1m.
7/25/2022
Tiger Incident Analysis
Analysis Reports
On 2022-07-15 09:50:19 EST, project TIGER was rugged for approximately $4.518M.
7/19/2022
PREMINT NFT Incident Analysis
Analysis Reports
At 8:00 AM UTC, Premint announced on their Twitter page that their website was compromised. They advised all users to not sign any transactions requiring them to indicate “Set Approval For All” as a setting. In total, 6 exploited wallets have been identified thus far. The profits gained from the attack at this point are ~$375k, making it one of the largest NFT hacks this year.
7/17/2022
5 Definitive Red Flags in Crypto-Investment
Blogs
In order to protect yourself from falling for the wrong crypto project, we have developed this simple safety check-list, which should help quickly screen out of your watch-list any projects exhibiting one of these 5 red flags
7/15/2022
Revisiting The My Farm Pet Flashloan
Analysis Reports
On 06 October 2021, MyFarmPet was hit by a malicious flashloan attack which profited ~31k BUSD and 100 BNB (~$22k) being deposited into Tornado Cash.
7/13/2022
What is Blockchain Analysis? | Bite Size Blockchain
Videos
Bite Size Blockchain A new CertiK series giving users bite-size tips and info to stay informed and safe in the #crypto space. Episode 5: What is Blockchain Analysis? Check it out to learn what blockchain analysis is. https://www.certik.com/resources
7/13/2022
What is a Security Audit? | Bite Size Blockchain
Videos
A new CertiK series giving users bite-size tips and info to stay informed and safe in the #crypto space. Episode 3: What is a Security Audit? Check it out to learn what a security audit is, how to find them, and tips on what to look for https://www.certik.com/resources
7/13/2022
What is a the Metaverse? | Bite Size Blockchain
Videos
Bite Size Blockchain A new CertiK series giving users bite-size tips and info to stay informed and safe in the #crypto space. Episode 4: What is the Metaverse? Check it out to learn what the #metaverse is, where it came from, what you can use it for, and more all under 2 min! https://www.certik.com/resources
7/13/2022
Uniswap Phishing Incident Analysis
Analysis Reports
On 11 July 2022, an attack that impersonated Uniswap occurred, resulting in the exploiter gaining 3,278 ETH (~$3.6M) and 240 WBTC (~$4.7M) from Positions NFTs in a phishing campaign.
7/12/2022