This week, unfortunate events occurred in the crypto industry, and several protocols and companies were affected by attacks by cybercriminals, causing large losses. Users are also affected by these events, so appropriate precautions must be taken. What were these attacks and what actions should be taken? Let's explore.
The week began with an attack on the Li-fi protocol, which is used for #tokens exchanges and bridges between the #Ethereum Virtual Machine (EVM) and #Solana (SOL) . #hackers had taken advantage of the lack of security and management review of a specific contract.
Cybersecurity company #Web3 , Cyvers, had given the first alert indicating that approximately $10 million in cryptocurrency had been drained.
According to a post on protocol x, the most affected users were those who authorized infinite token approvals.
So far, Lifi released a statement saying that it will compensate users who have lost their funds due to this fact.
On July 18, another unfortunate event occurred and that is that once again Cyvers had detected "multiple suspicious transactions" from the "safe" multi-signature wallet of the Indian exchange Wasirx.
Giving more details in this regard, it was learned that approximately $235 million of the exhcange multi-signature wallet fund was moved to a new address.
Because it is an exchange wallet, it contained several types of tokens, among which we have SHIB, ETH, MATIC, PEPE, USDT, GALA, FTM, among others.
In a statement about this event, the exchange had already reported this fact to the relevant authorities, and they are following the chain trail of the hacker.
Finally, on July 19, it was reported that liquidity protocol Rho Markets had suffered an exploit worth $7.6 million in digital assets.
According to research, this exploit would have occurred because a hacker had access to the protocol's blockchain oracle.
Due to this fact, operations in the protocol were paused. Once again it was asked to revoke infinite contracts in the wallet.
In the last few hours the incident was resolved, since the hacker (in a white hat) contacted the platform, and indicated that he would return all the funds, so the funds were not lost.
What actions could we take if an event happens that affects us?
In the case of the exchange, if it is an isolated event, given that if all our funds are there, we would have to wait for withdrawals to normalize (generally when events of this magnitude happen, they pause withdrawals).
In the case of protocols like Lifi and Rhomarkets, the first thing we should do is revoke all contracts that involve infinite token approvals. We can do this through our own Rabby wallet (section -> approvals) or else go to revokecash and review the affected contracts (and then revoke them).
These types of events generate distrust in the DeFi sector, resulting in other users not wanting to interact with the Dapps in the ecosystem. Personally, I recommend always being alert to any event of this type and always verifying what we sign in our wallets.
👉Do you want to continue learning about the crypto world?
Share and follow me for more 👈😎