Overview

According to the SlowMist Blockchain Hacked Archive (https://hacked.slowmist.io), 31 security incidents occurred in May 2024, with total losses of approximately US$124 million. The causes included contract vulnerabilities, address poisoning attacks, exit scams (rug pulls), and account theft.

Main Events

Whale

On May 3, 2024, a whale fell victim to a phishing attack that used an address with the same first and last characters as the intended one, and lost 1,155 WBTC, worth about $70 million. For details, see "Spend a little money to catch a big fish | Revealing the 1,155 WBTC phishing incident". On May 10, according to monitoring by the SlowMist security team, the hacker returned the victim's funds.

https://x.com/SlowMist_Team/status/1788847044632920238

Sonne Finance

On May 14, 2024, Sonne Finance, a Compound-based lending protocol native to Optimism, was hit by a flash loan attack, resulting in a loss of more than $20 million. After the incident, Seal contributors saved about $6.5 million by adding about $100 worth of VELO to the market. The attack took advantage of a vulnerability in the newly added market. Within two days of the market's creation, the attacker used multi-signature wallets and time lock functions to execute key transactions and successfully manipulated the market's collateral factors (c-factors).

https://x.com/tonyke_bot/status/1790547461611860182

pump.fun

On May 16, 2024, the Solana-based meme coin generator pump.fun was attacked and lost 12,300 SOL (worth about $1.9 million), and the attacker then began to airdrop funds to some random wallets. pump.fun tweeted that the attack was caused by a former employee who used his privileges in the company to illegally obtain withdrawal permissions and carried out a flash loan attack with the help of the lending protocol.

https://x.com/pumpdotfun/status/1791235050643636303

Gala Games

On May 20, 2024, the Web3 gaming platform Gala Games was attacked, resulting in a loss of approximately $21.8 million. The attacker minted 5 billion GALA tokens, worth more than $200 million, and then quickly sold 592 million GALA tokens for 5,952 ETH. On May 22, according to on-chain records and Gala Games' statement on Discord, the hacker returned 5,913.2 ETH.

https://x.com/Benefactor0101/status/1792698768166715776

Summary

Among the 31 security incidents this month, 14 were caused by the exploitation of contract vulnerabilities, accounting for 42% of the total number of incidents. The SlowMist security team recommends that project owners remain vigilant at all times and conduct regular security audits, so that new security threats and vulnerabilities are tracked and resolved and projects and assets are protected as far as possible.

The biggest loss this month was caused by 1 phishing incident that used an address with the same first and last characters, followed by 2 private key leakage incidents, which resulted in a loss of about 26 million US dollars. The SlowMist security team recommends that project owners carry out internal security training and authority management, improve employees' security awareness, and guard against malicious activity by insiders.
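The May 3 whale incident and the summary above both describe a phishing address with the same first and last characters as the legitimate one. The following added example (not SlowMist's code) screens a transfer destination against an address book and flags such look-alikes; the function names, the four-character thresholds and all addresses are assumptions constructed for illustration.

```python
from __future__ import annotations

def normalize(addr: str) -> str:
    """Lower-case and drop '0x' so checksum casing does not affect comparison."""
    a = addr.strip().lower()
    a = a[2:] if a.startswith("0x") else a
    if len(a) != 40 or any(c not in "0123456789abcdef" for c in a):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return a

def shared_ends(a: str, b: str) -> tuple[int, int]:
    """Count matching leading and trailing hex characters of two addresses."""
    prefix = 0
    while prefix < 40 and a[prefix] == b[prefix]:
        prefix += 1
    suffix = 0
    while suffix < 40 - prefix and a[-1 - suffix] == b[-1 - suffix]:
        suffix += 1
    return prefix, suffix

# min_prefix / min_suffix are assumed thresholds, tune them to your display format.
def screen_destination(dest, address_book, min_prefix=4, min_suffix=4):
    """Return 'known', 'lookalike' (hold the transfer) or 'unknown' plus detail."""
    d = normalize(dest)
    book = {label: normalize(addr) for label, addr in address_book.items()}
    # An exact match with any trusted entry wins over a partial match with another.
    for label, trusted in book.items():
        if d == trusted:
            return {"verdict": "known", "label": label}
    # Same ends but a different middle: the pattern used in the phishing incident.
    for label, trusted in book.items():
        prefix, suffix = shared_ends(d, trusted)
        if prefix >= min_prefix and suffix >= min_suffix:
            return {"verdict": "lookalike", "label": label,
                    "shared_prefix": prefix, "shared_suffix": suffix}
    return {"verdict": "unknown", "label": None}

# Constructed sample values (not addresses from the incident).
TRUSTED = "0xD9A1" + "1" * 16 + "2" * 16 + "3F91"
LOOKALIKE = "0xd9a1" + "a" * 16 + "b" * 16 + "3f91"
ADDRESS_BOOK = {"cold-wallet": TRUSTED}

if __name__ == "__main__":
    for candidate in (TRUSTED, LOOKALIKE, "0x" + "7" * 40):
        print(candidate, screen_destination(candidate, ADDRESS_BOOK))
```

A "lookalike" verdict should hold the transfer until the full address is compared character by character against the trusted entry.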

This month, funds were recovered in 4 security incidents, for a total of approximately 92.58 million USD; in 3 of these incidents almost all the funds were recovered. An appropriate incident response mechanism can help mitigate losses and increase the chances of recovering funds. The SlowMist security team therefore recommends that project owners not only take preventive measures but also establish a sound emergency plan.

Finally, more blockchain security incidents can be viewed in the SlowMist Blockchain Hacked Archive (https://hacked.slowmist.io/).