-The Hidden Risks of Hash Functions: Length Extension -- Attacks and Server-Side Security Vulnerabilities - Exploring Risks of On-Chain Options Exchanges: Part 1,2 @EthSecurity1
Medium
The Hidden Risks of Hash Functions: Length Extension Attacks and Server-Side Security…
Introduction
🔥5
CharismaBtc hack post-mortem
183k $stx loss https://exvul.com/a-new-attack-on-bitcoin-defi/
@EthSecurity1
183k $stx loss https://exvul.com/a-new-attack-on-bitcoin-defi/
@EthSecurity1
EXVUL
A new attack on bitcoin defi protocol
(CharismaBTC hack incident analysis) 1.BACKGORUND This […]
Binance data leak https://twitter.com/PabloSabbatella/status/1838238994091413994
🔥2😱1
this is old but interesting, if users in berachain blockchain send msg.value less than the amount they set, the MultiSwap contract (the router) will use BERA tokens it holds, which are small and isolated from the pools’ assets. https://x.com/dvzhangtz/status/1815771395328225361 this was patched by a white hat @EthSecurity
X (formerly Twitter)
Frank-Zhang.eth (@dvzhangtz) on X
🚨 Urgent Security Alert for @Berachain 🚨
A critical security vulnerability in Berachain that could potentially drain all liquidity pools !!!
As a dedicated blockchain developer, I've come across a critical security vulnerability in Berachain that could…
A critical security vulnerability in Berachain that could potentially drain all liquidity pools !!!
As a dedicated blockchain developer, I've come across a critical security vulnerability in Berachain that could…
🔥2
unverified contract lost 140$ k https://nickfranklin.site/2024/09/25/unverified-contract0xff2481-hacked-by-reentrancy-attack/ @EthSecurity1
👍6
*critical* issue on Bedrock protocol.
The issue was exploited some hours later, but damage was contained.
Vulnerability was in minting uniBTC, a ~$75m asset (on Ethereum alone, plus much more on 8+ other chains).
Issue: Exploiter could mint 1unibtc with 1ether
BTC has 8 decimals, ETH has 18 decimals. If you send 1 ETH you get many times more than 1 BTC. There's not even price conversion involved, since in reality 1 BTC =~ 30 ETH.
@EthSecurity1
The issue was exploited some hours later, but damage was contained.
Vulnerability was in minting uniBTC, a ~$75m asset (on Ethereum alone, plus much more on 8+ other chains).
Issue: Exploiter could mint 1unibtc with 1ether
BTC has 8 decimals, ETH has 18 decimals. If you send 1 ETH you get many times more than 1 BTC. There's not even price conversion involved, since in reality 1 BTC =~ 30 ETH.
@EthSecurity1
👍4
Web3 Ping of Death: Finding and Fixing a Chain-Halting Vulnerability in NEAR In December of 2023, Zellic's found a bug in NEAR's blockchain node. @EthSecurity1
www.zellic.io
Web3 Ping of Death: Finding and Fixing a Chain-Halting Vulnerability in NEAR | Zellic — Research
A look into how Zellic identified and helped fix a vulnerability in NEAR Protocol
👍1
EthSecurity
*critical* issue on Bedrock protocol. The issue was exploited some hours later, but damage was contained. Vulnerability was in minting uniBTC, a ~$75m asset (on Ethereum alone, plus much more on 8+ other chains). Issue: Exploiter could mint 1unibtc with…
https://mirror.xyz/0xF3c0C25090ae1458FC152947Aab57253cB8E0F0F/7dqKrAfS20rr3m_zuCwN80lChYTB0Cniie5IrdiC9ZQ First, tokens must be registered to be included in the current total balance of native or wrapped BTC tokens. Second, if a token is not registered, the contract returns 0, meaning it cannot be found in the tokenHolders variable. The following figure shows that only FBTC, WBTC, and cbBTC have been registered, while NATIVE_BTC has NOT. On one hand, NATIVE_BTC should NOT be registered in this contract, as it is not intended to be supported. On the other hand, failing to register NATIVE_BTC results in the totalSupply always being ZERO, which contradicts the caps restriction mechanism.
Since the total supply at that time was ZERO instead of reflecting the msg.value received by the contract, the check the Vault contract passed, allowing the minting of uniBTC using native tokens on non-native BTC chains.
Therefore, on a non-native BTC chain, replacing the balance with the total supply is acceptable for wrapped BTC tokens but problematic for native tokens.
@EthSecurity1
Since the total supply at that time was ZERO instead of reflecting the msg.value received by the contract, the check the Vault contract passed, allowing the minting of uniBTC using native tokens on non-native BTC chains.
Therefore, on a non-native BTC chain, replacing the balance with the total supply is acceptable for wrapped BTC tokens but problematic for native tokens.
@EthSecurity1
👍2
- 20 Common Solidity Beginner Mistakes - Try Catch and all the ways Solidity can revert @EthSecurity1
rareskills.io
20 Common Solidity Beginner Mistakes | RareSkills
20 Common Solidity Beginner Mistakes Our intent is not to be patronizing towards developers early in their journey with this article. Having reviewed code from numerous Solidity developers, we’ve...
👍5
New phishing trick in Microsoft store https://x.com/LehmannLorenz/status/1841545179825942991
@EthSecurity1
@EthSecurity1
👍2
"We have developed Web3AuthChecker, a dynamic detection tool that interacts with Web3 authentication-related APIs to identify vulnerabilities.
Our evaluation of real-world Web3 applications shows that a staggering 75.8% (22/29) of Web3 authentication deployments are at risk of blind message attacks." https://arxiv.org/pdf/2406.00523 @EthSecurity1
Our evaluation of real-world Web3 applications shows that a staggering 75.8% (22/29) of Web3 authentication deployments are at risk of blind message attacks." https://arxiv.org/pdf/2406.00523 @EthSecurity1
👍1
eigenlayer : In an isolated incident this morning, an email thread involving one investor’s transfer of tokens into custody was compromised by a malicious attacker.
As a result, 1,673,645 EIGEN tokens were erroneously transferred to the attacker’s address. The attacker sold these stolen EIGEN tokens via a decentralized swap platform and transferred stablecoins to centralized exchanges. We are in contact with these platforms and law enforcement. A portion of the funds have already been frozen.
The compromise has not impacted the broader ecosystem. There is no known vulnerability in the protocol or token contracts and this compromise was not related to any onchain functionality.
We continue to investigate the situation and will be posting further information once we have it. @EthSecurity1
As a result, 1,673,645 EIGEN tokens were erroneously transferred to the attacker’s address. The attacker sold these stolen EIGEN tokens via a decentralized swap platform and transferred stablecoins to centralized exchanges. We are in contact with these platforms and law enforcement. A portion of the funds have already been frozen.
The compromise has not impacted the broader ecosystem. There is no known vulnerability in the protocol or token contracts and this compromise was not related to any onchain functionality.
We continue to investigate the situation and will be posting further information once we have it. @EthSecurity1
👍2
Unverified contract lost $280k due to sandwich attack.There's a function that can be used for swapping WBNB to EGA token in victim contract. This function has no access control, anyone can call this function with only 1 wei. This is vulnerable to
https://app.blocksec.com/explorer/tx/bsc/0xece4a4ac46660618ecee43826fc6f89fe4beaef87ca5e5786f763892b48bc999
https://app.blocksec.com/explorer/tx/bsc/0xece4a4ac46660618ecee43826fc6f89fe4beaef87ca5e5786f763892b48bc999
Blocksec
0xece4a4ac46660618ec | Phalcon Explorer
Security suite for Protocols, Developers, LPs, & Traders - safeguarding your blockchain journey
🔥3