🚀BlockSec and OKX Explorer @OKXExplorer have launched a comprehensive partnership focusing on blockchain data interoperability, product integration, and API enhancements.
Enhanced security measures attract more users, increase TVL, and drive ecosystem prosperity, promoting wider adoption. YESSS! Security is CRUCIAL for the growth of L2!
As a security company, BlockSec offers an effective solution for L2 networks with the Sequencer Threat Overwatch Program (S.T.O.P). Leveraging BlockSec Phalcon's @Phalcon_xyz excellent threat detection capabilities, S.T.O.P brings innovative security solutions to L2.
We have released our dataset on Web3 phishing website detection, containing 26,333 phishing URLs. Feel free to use the dataset for further research and development of better anti-phishing solutions.
.@OnyxDAO was attacked, resulting in a loss of nearly $4M. The root cause was unverified user input during the liquidation process. Specifically, key parameters of the liquidateWithSingleRepay function in the NFTLiquidation contract were controllable by the attacker, allowing manipulation of the extraRepayAmount variable through the repayAmount parameter. By exploiting this, the attacker was able to liquidate all collateral with just one token.
The key attack steps are summarized as follows: 1. The attacker first deposited oETH and borrowed various assets to reach the liquidation threshold. Simultaneously, they created a new contract that, through a donation attack and precision loss (inherent from the Compound V2 fork), reduced the oETH exchange rate, making the attacker's position eligible for liquidation. 2. The attacker then performed the liquidation. Due to insufficient parameter validation, the attacker manipulated the extraRepayAmount variable, which was added to the calculation of how many tokens needed to be liquidated. This allowed the attacker to obtain more oETH through liquidation, leading to a profit.
Address poisoning is on BTC now. The following is one concrete case. The phishing address (address 1) is disguising address 2 to send a small amount of BTC to address 3. Since addresses 2 and 3 have historic transactions, the attacker hopes to trick the owner into copying the wrong address.
A phishing transaction profited more than 54M Dai! The attacker lures the victim into signing a TX to change the vault owner and then executes a TX to drain the vault!
In our latest talk at @BlackHatEvents, Prof. Yajin Zhou @yajinzhou shares how to reuse opcode trace to prevent smart contract exploits, a technique that has already rescued over $20 million and been productized into our Phalcon @Phalcon_xyz.
The #BlockSec team is excited to attend Black Hat @BlackHatEvents and thrilled to join top security experts in LAS VEGAS, sharing groundbreaking security research and tech innovations. Our CEO, Prof. Yajin Zhou @yajinzhou, will share blockchain security insights.
🎙️ "Use Your Spell Against You: Threat Prevention of Smart Contract Exploit By Reusing Opcode Trace" 🗓️ August 8, 2024, 14:30-15:00 📍 Mandalay Bay H, Level 2 🔗https://t.co/U5gB1vWNEI
The core technical capabilities mentioned have saved over $20 million in losses through more than 20 white hat rescues by BlockSec. This technology has been productized into a standard SaaS platform, Phalcon @Phalcon_xyz.
The #BlockSec team is excited to attend the Science of Blockchain Conference 2024 (#SBC24) co-hosted by @initc3org, @CBRStanford, and @BerkeleyRDI at Columbia University @Columbia 📚🌐
This is where the BRIGHTEST minds in the field come together. Meet us at this premier event, and let's dive deep into the latest technical innovations in the blockchain ecosystem.
A warm welcome! 🤝 Info Here🔗 https://t.co/LXCmfPx61f
🚀 We're thrilled to announce that BlockSec has completed the security audit for Neo X, an EVM-compatible and MEV-resistant sidechain of @Neo_Blockchain!
https://t.co/dFZfkxTiOj
Our thorough audit establishes a strong first line of defense for the Neo X ecosystem. Learn more in the full article 👇🏻
Thrilled to announce that Phalcon now supports Mantle Network @0xMantle, providing unbreakable post-launch security for Mantle Ecosystem. Say goodbye to hacks! 🚀🚀🚀 https://t.co/gJRrFNc9jH
Protocols and LPs on Mantle Network, discover how the collab will secure your contracts and funds 👇 #BlockchainSecurity #MantleNetwork #Phalcon
We're thrilled to announce that BlockSec will be showcasing at the world's largest Bitcoin event, #Bitcoin2024 Nashville, from July 25 to 27. Join us at Booth 625 with @exSatNetwork for great conversations, networking opportunities, and exclusive swag gifts!
We're thrilled to announce that BlockSec will be showcasing at the world's largest Bitcoin event, #Bitcoin2024 Nashville, from July 25 to 27. Join us at Booth 625 with @exSatNetwork for great conversations, networking opportunities, and exclusive swag gifts!
Let's power the future of #Bitcoin, together! #Bitcoin2024 #BlockSec #web3 #trump #bitcoin #BlockSec
GM, even at the weekend cannot stop learning Web3 security right? We have a dashboard for every security incident, including tx hash, loss, PoC, and other related information.