In June, CertiK Skyfall team conducting whitehat research discovered a critical vulnerability in the Kraken platform. We notified the exchange to ensure this important vulnerability was fixed—which was a win for blockchain and Web3 security.
On June 30th, 2023, the liquidity migrator contract of Biswap, for migrating liquidity from v2 to v3, was exploited. The vulnerable code is located on the `MigratorV3` contract, which is not audited by Certik.
On June 14th, 2023, Hashflow experienced a loss of ~$605k across five chains. The vulnerable contract is unverified and the vulnerable `0x1ce5` function contains a `transferFrom` function the attacker could trigger to steal user funds when approved. The vulnerable function was absent from the audited codebase, it is out of the audit scope.
1/7/2024
Largest Blockchain Security Auditor
Ready to take the next step? Connect with our sales team to request your free quote and secure your project today!