CertiK
329,711 megtekintés
91 Bejegyzések
Népszerű
Legfrissebb
Blockchain security firm #CertiK has raised #ShibaInu 's security score back to AAA.
Shiba Inu, which had a decrease in #CertiK safety score a while ago, regained the AAA level top safety score.
The fact that meme tokens took such strong steps in the crypto money industry was greeted with enthusiasm by their fans. Rising to the AAA level again, #SHIBAINU was appreciated with the points it earned.
👉Base Health: 92.32
👉Operational Flexibility: 92.52
👉Governance Power: 97.08
👉Market Stability: 96.60
👉Social Trust: 92.41
👉Code Security: 91.02
Shiba Inu, which had a decrease in #CertiK safety score a while ago, regained the AAA level top safety score.
The fact that meme tokens took such strong steps in the crypto money industry was greeted with enthusiasm by their fans. Rising to the AAA level again, #SHIBAINU was appreciated with the points it earned.
👉Base Health: 92.32
👉Operational Flexibility: 92.52
👉Governance Power: 97.08
👉Market Stability: 96.60
👉Social Trust: 92.41
👉Code Security: 91.02
ANOTHER ONE - FANTOM FOUNDATION HACKED FOR ROUGHLY $6.7M
The Fantom Foundation, the organization behind the Fantom network, is reported to have been hacked for an estimated $6.7 million in cryptocurrency. The hack was disclosed by on-chain investigator Spreek and later confirmed by security platform #CertiK , although CertiK estimated the loss at a much lower $657,000. The stolen assets include Convex tokens, Dai, USDC, and Fantom tokens, sent to accounts with "Fake_Phishing" labels. It's important to note that the #fantom network itself wasn't compromised; the attack was against the foundation's wallets. As of now, the foundation has not officially confirmed the incident
Share with your friends
The Fantom Foundation, the organization behind the Fantom network, is reported to have been hacked for an estimated $6.7 million in cryptocurrency. The hack was disclosed by on-chain investigator Spreek and later confirmed by security platform #CertiK , although CertiK estimated the loss at a much lower $657,000. The stolen assets include Convex tokens, Dai, USDC, and Fantom tokens, sent to accounts with "Fake_Phishing" labels. It's important to note that the #fantom network itself wasn't compromised; the attack was against the foundation's wallets. As of now, the foundation has not officially confirmed the incident
Share with your friends
📌 #Worldcoin ’s Orb had serious security vulnerability in operator onboarding : #CertiK - Biggest Blockchain Audit Company
#Aicrypto #googleai #altmaneyes
$WLD $HIGH $BTC
#Aicrypto #googleai #altmaneyes
$WLD $HIGH $BTC
CertiK Uncovers High-Risk Vulnerability in Telegram Desktop App
CertiK, a blockchain security company, recently revealed a significant security flaw within the #Telegram messaging app that puts users at risk of cyber-attacks. The announcement was made on April 9 via the social media site X, where CertiK Alert highlighted a dangerous vulnerability that could enable attackers to carry out remote code execution (RCE) attacks by exploiting Telegram’s media processing capabilities.
The vulnerability, identified in the media processing functions of the Telegram Desktop application, can be triggered by attackers using maliciously crafted media files, including images and videos. CertiK's investigation pinpointed a specific RCE attack vector within these processes, signaling a direct threat to users.
A #CertiK spokesperson, in conversation with Cointelegraph, clarified that this vulnerability is unique to the desktop version of Telegram. The mobile version is safer in this regard since it doesn't execute executable files directly, a process that typically requires digital signatures for additional security. This information was shared in response to concerns raised within the security community.
For those using Telegram on desktop devices, CertiK advises reviewing and adjusting the application’s settings to mitigate the risk. Specifically, users should disable the auto-download feature to prevent the automatic processing of potentially dangerous files. This precaution can be taken by accessing the “Settings” menu, followed by the “Advanced” options, where the auto-download functionality can be turned off.
CertiK, a blockchain security company, recently revealed a significant security flaw within the #Telegram messaging app that puts users at risk of cyber-attacks. The announcement was made on April 9 via the social media site X, where CertiK Alert highlighted a dangerous vulnerability that could enable attackers to carry out remote code execution (RCE) attacks by exploiting Telegram’s media processing capabilities.
The vulnerability, identified in the media processing functions of the Telegram Desktop application, can be triggered by attackers using maliciously crafted media files, including images and videos. CertiK's investigation pinpointed a specific RCE attack vector within these processes, signaling a direct threat to users.
A #CertiK spokesperson, in conversation with Cointelegraph, clarified that this vulnerability is unique to the desktop version of Telegram. The mobile version is safer in this regard since it doesn't execute executable files directly, a process that typically requires digital signatures for additional security. This information was shared in response to concerns raised within the security community.
For those using Telegram on desktop devices, CertiK advises reviewing and adjusting the application’s settings to mitigate the risk. Specifically, users should disable the auto-download feature to prevent the automatic processing of potentially dangerous files. This precaution can be taken by accessing the “Settings” menu, followed by the “Advanced” options, where the auto-download functionality can be turned off.
Breaking: CertiK’s $3m Kraken spat: Hacker used the same bug to exploit other exchanges week before
There's a new twist in the CertiK white-hat hacking saga.Onchain records show that at an earlier date someone tried to exploit the same bug the auditor discovered in Kraken.
The bug that #Kraken said it patched had been used to exploit other centralised exchanges as early as last month, according to multiple crypto security experts.
That’s the latest development in the saga of two major crypto players, US-based exchange Kraken and auditor #CertiK .
On Wednesday, Kraken said it patched a “critical” bug that allowed millions of dollars in crypto to be erroneously withdrawn from the US-based exchange.
CertiK came under fire after it admitted to being behind the exploit of that bug. The firm withdrew $3 million from Kraken over several days in early June.
After a public back-and-forth, CertiK returned all the funds it took and called its actions a white-hat operation, meaning they ostensibly acted as ethical hackers with the intention of identifying and fixing security vulnerabilities rather than exploiting them for malicious purposes.
Onchain records first identified by security platform Hexagate, and confirmed to DL News by multiple other security researchers, show a hacker attempted to exploit other crypto exchanges — using the same bug as early as May 17.
Those attempts came three weeks before CertiK said it found the bug on Kraken on June 5.
“We have no evidence these exchanges have been impacted,” Hexagate posted on X. “We only traced onchain evidence for similar activity.”
Centralised crypto exchanges hold a gargantuan amount of crypto on their customers’ behalf. The top five crypto exchanges that have publicly disclosed their wallet addresses hold a combined $172 billion worth of crypto, per DefiLlama data.
CertiK didn’t immediately respond to DL News’ request for comment.
Attempted exploits
The records highlighted by Hexagate show a hacker attempted to use a so-called “revert” attack to trick centralised exchanges into letting them withdraw funds.
To do that, the hacker created a smart contract that contains a transaction to deposit funds to a centralised exchange. The contract is engineered so that the main transaction succeeds but the deposit reverts.
This tricks the exchange into thinking a user has deposited funds when they haven’t. The hacker then requests a withdrawal from the exchange, debiting the fake deposit amount.
nchain records show multiple attempts to use such a contract when depositing funds to Binance took place on BNB Chain on May 17.
Between May 29 and June 5, the same address, as well as another that was funded by it, made similar attempts on OKX, BingX and Gate.io on BNB Chain, Arbitrum, and Optimism.
Is CertiK involved?
Although CertiK first disclosed the revert attack publicly, there’s no proof it was involved in those earlier attacks.
Smart contracts functions each have a so-called signature hash they can be identified by.
In the case of the revert attack contract, the signature hash isn’t available, meaning the name of the function isn’t publicly known, a security researcher who wished to remain anonymous told DL News.
This means the function name for the revert attack is known onto CertiK or someone else has used exactly the same name as well, the researcher said.
The bug that #Kraken said it patched had been used to exploit other centralised exchanges as early as last month, according to multiple crypto security experts.
That’s the latest development in the saga of two major crypto players, US-based exchange Kraken and auditor #CertiK .
On Wednesday, Kraken said it patched a “critical” bug that allowed millions of dollars in crypto to be erroneously withdrawn from the US-based exchange.
CertiK came under fire after it admitted to being behind the exploit of that bug. The firm withdrew $3 million from Kraken over several days in early June.
After a public back-and-forth, CertiK returned all the funds it took and called its actions a white-hat operation, meaning they ostensibly acted as ethical hackers with the intention of identifying and fixing security vulnerabilities rather than exploiting them for malicious purposes.
Onchain records first identified by security platform Hexagate, and confirmed to DL News by multiple other security researchers, show a hacker attempted to exploit other crypto exchanges — using the same bug as early as May 17.
Those attempts came three weeks before CertiK said it found the bug on Kraken on June 5.
“We have no evidence these exchanges have been impacted,” Hexagate posted on X. “We only traced onchain evidence for similar activity.”
Centralised crypto exchanges hold a gargantuan amount of crypto on their customers’ behalf. The top five crypto exchanges that have publicly disclosed their wallet addresses hold a combined $172 billion worth of crypto, per DefiLlama data.
CertiK didn’t immediately respond to DL News’ request for comment.
Attempted exploits
The records highlighted by Hexagate show a hacker attempted to use a so-called “revert” attack to trick centralised exchanges into letting them withdraw funds.
To do that, the hacker created a smart contract that contains a transaction to deposit funds to a centralised exchange. The contract is engineered so that the main transaction succeeds but the deposit reverts.
This tricks the exchange into thinking a user has deposited funds when they haven’t. The hacker then requests a withdrawal from the exchange, debiting the fake deposit amount.
nchain records show multiple attempts to use such a contract when depositing funds to Binance took place on BNB Chain on May 17.
Between May 29 and June 5, the same address, as well as another that was funded by it, made similar attempts on OKX, BingX and Gate.io on BNB Chain, Arbitrum, and Optimism.
Is CertiK involved?
Although CertiK first disclosed the revert attack publicly, there’s no proof it was involved in those earlier attacks.
Smart contracts functions each have a so-called signature hash they can be identified by.
In the case of the revert attack contract, the signature hash isn’t available, meaning the name of the function isn’t publicly known, a security researcher who wished to remain anonymous told DL News.
This means the function name for the revert attack is known onto CertiK or someone else has used exactly the same name as well, the researcher said.
🔒💰 Blockchain security firm CertiK reveals that exploits and hacking damages amounted to $303M in July this year, with exploit damages making up $285M and flash loans $8.7M, reports CoinDesk 📉⚠️
#CertiK #BlockchainSecurity #CryptoNews 🌐🚨
#CertiK #BlockchainSecurity #CryptoNews 🌐🚨
🔒🕵️♂️ CertiK, the blockchain security expert, has unveiled insights from their investigation into the $1 million cryptocurrency-stealing operation named 'Faint'. 🚨🔍 Operating since 2022, the culprits remain unidentified. CertiK found Ethereum Name Service (ENS) domains linked to Faint, such as 'faintxbt.eth' and 'hzontop.eth'. Stay vigilant and protect your assets! 💻💰 #CertiK #CryptocurrencySecurity #FaintInvestigation #StaySafe
🚀 CertiK, a blockchain security company, has undergone restructuring and laid off 15% of its employees as part of a strategy to realign its team structure and respond to market conditions. Other blockchain companies have also seen staff reductions recently. #CertiK #Blockchain #Restructuring
Crypto Security Firm CertiK Reports $103.7M Loss Due to Exploits, Hacks, and Scams in April Alone
Crypto Security Firm CertiK Reports $103.7M Loss Due to Exploits, Hacks, and Scams in April Alone
In the month of April, the crypto industry witnessed a significant amount of money lost due to vulnerabilities, frauds, and hacks. According to a report by CertiK, a crypto security and auditing company, the total loss amounted to $103.7 million, bringing the year's overall loss to $429.7 million. With the increasing number of crypto-related scams, hacks, and rug pulls, it is crucial for users and investors to exercise caution and conduct extensive research before investing in any cryptocurrency project.
The Rise of Crypto Exploits, Hacks, and Scams The month of April saw several significant hacks, including the Bitrue exchange hot wallet exploit, which resulted in a loss of $22 million, and the South Korean GDAC exchange hack, which cost investors $13 million. Additionally, the exploitation of several MEV trading bots on April 3 led to a loss of $25.4 million. The overall losses incurred due to crypto and DeFi exploits during the month amounted to $74.5 million, which is almost half of the total amount lost in the first four months of the year.
Exit scams were another contributing factor to the large amount of money lost in April, with losses totaling $9.4 million. Merlin DEX was responsible for the most successful exit scam, resulting in a loss of $2.7 million. This was particularly alarming since the protocol had been audited by CertiK, which had previously warned about centralization problems. In response, CertiK implemented a compensation plan, demanding that the malicious developer return 80% of the stolen funds and offering a white hat bounty of 20% of the total amount.
Flash loan attacks were also prevalent in April, resulting in losses of around $20 million. Yearn Finance was the primary victim of these attacks, with a hacker exploiting an outdated smart contract on April 13. The Rekt Database maintained by De.Fi documented over fifty crypto-related scams, hacks, and rug pulls, with Memecoin rug pulls accounting for a significant chunk of the total. The flash loan assault against the Polygon-based Ovix protocol, which resulted in a loss of $2 million, was the most recent incident documented in the database.
The Need for Stronger Security Measures With the increasing number of crypto-related exploits, hacks, and scams, it is vital for users and investors to exercise caution and conduct due diligence before investing in any cryptocurrency project. Auditing companies such as CertiK play a critical role in determining the nature of any possible security threats and elevating the level of industry-wide security.
Takeaways:
The crypto industry witnessed a loss of $103.7 million due to exploits, hacks, and scams in April alone.
Crypto and DeFi exploits accounted for losses of $74.5 million, with flash loan attacks resulting in losses of around $20 million.
Exit scams were responsible for losses totaling $9.4 million, with Merlin DEX responsible for the most successful exit scam.
Users and investors must conduct extensive research and due diligence before investing in any cryptocurrency project.
Auditing companies like CertiK are crucial in identifying possible security threats and enhancing industry-wide security.
Conclusion:
The increasing number of crypto-related exploits, hacks, and scams is a cause for concern in the crypto industry. While auditing companies like CertiK play a crucial role in identifying possible security threats, it is the responsibility of users and investors to exercise caution and conduct due diligence before investing in any cryptocurrency project. By taking appropriate security measures, the industry can protect itself against future exploits, hacks, and scams, thereby increasing the confidence of users
Hey, it's CryptoPatel here!
I'm passionate about providing you with the latest insights and analysis on the world of cryptocurrencies.
If you enjoy my content and want to show your support, please like, share, and follow me for more high-quality updates.
Thank you for your support, and let's continue to stay connected for more exciting content!
LIKE ❤️
Share ⏩
Follow 🤝
#eth2.0 #Binance #Airdrop #CertiK #CryptoPatel
In the month of April, the crypto industry witnessed a significant amount of money lost due to vulnerabilities, frauds, and hacks. According to a report by CertiK, a crypto security and auditing company, the total loss amounted to $103.7 million, bringing the year's overall loss to $429.7 million. With the increasing number of crypto-related scams, hacks, and rug pulls, it is crucial for users and investors to exercise caution and conduct extensive research before investing in any cryptocurrency project.
The Rise of Crypto Exploits, Hacks, and Scams The month of April saw several significant hacks, including the Bitrue exchange hot wallet exploit, which resulted in a loss of $22 million, and the South Korean GDAC exchange hack, which cost investors $13 million. Additionally, the exploitation of several MEV trading bots on April 3 led to a loss of $25.4 million. The overall losses incurred due to crypto and DeFi exploits during the month amounted to $74.5 million, which is almost half of the total amount lost in the first four months of the year.
Exit scams were another contributing factor to the large amount of money lost in April, with losses totaling $9.4 million. Merlin DEX was responsible for the most successful exit scam, resulting in a loss of $2.7 million. This was particularly alarming since the protocol had been audited by CertiK, which had previously warned about centralization problems. In response, CertiK implemented a compensation plan, demanding that the malicious developer return 80% of the stolen funds and offering a white hat bounty of 20% of the total amount.
Flash loan attacks were also prevalent in April, resulting in losses of around $20 million. Yearn Finance was the primary victim of these attacks, with a hacker exploiting an outdated smart contract on April 13. The Rekt Database maintained by De.Fi documented over fifty crypto-related scams, hacks, and rug pulls, with Memecoin rug pulls accounting for a significant chunk of the total. The flash loan assault against the Polygon-based Ovix protocol, which resulted in a loss of $2 million, was the most recent incident documented in the database.
The Need for Stronger Security Measures With the increasing number of crypto-related exploits, hacks, and scams, it is vital for users and investors to exercise caution and conduct due diligence before investing in any cryptocurrency project. Auditing companies such as CertiK play a critical role in determining the nature of any possible security threats and elevating the level of industry-wide security.
Takeaways:
The crypto industry witnessed a loss of $103.7 million due to exploits, hacks, and scams in April alone.
Crypto and DeFi exploits accounted for losses of $74.5 million, with flash loan attacks resulting in losses of around $20 million.
Exit scams were responsible for losses totaling $9.4 million, with Merlin DEX responsible for the most successful exit scam.
Users and investors must conduct extensive research and due diligence before investing in any cryptocurrency project.
Auditing companies like CertiK are crucial in identifying possible security threats and enhancing industry-wide security.
Conclusion:
The increasing number of crypto-related exploits, hacks, and scams is a cause for concern in the crypto industry. While auditing companies like CertiK play a crucial role in identifying possible security threats, it is the responsibility of users and investors to exercise caution and conduct due diligence before investing in any cryptocurrency project. By taking appropriate security measures, the industry can protect itself against future exploits, hacks, and scams, thereby increasing the confidence of users
Hey, it's CryptoPatel here!
I'm passionate about providing you with the latest insights and analysis on the world of cryptocurrencies.
If you enjoy my content and want to show your support, please like, share, and follow me for more high-quality updates.
Thank you for your support, and let's continue to stay connected for more exciting content!
LIKE ❤️
Share ⏩
Follow 🤝
#eth2.0 #Binance #Airdrop #CertiK #CryptoPatel
📢 @cronos_chain has partnered with @CertiK
#Cronos - The first blockchain that interoperates with both Ethereum and Cosmos ecosystems.
#CertiK provides a formal verification platform for smart contracts and blockchain ecosystems.
#Crypto #CryptoNews
#Cronos - The first blockchain that interoperates with both Ethereum and Cosmos ecosystems.
#CertiK provides a formal verification platform for smart contracts and blockchain ecosystems.
#Crypto #CryptoNews
Hey #CertiK did you know you can throw that $3m into Kim and take home a fat stack of rewards with some of the highest APRs in crypto rn?
Oh, and don’t forget to stake your $xKIM to boost it up.
Oh, and don’t forget to stake your $xKIM to boost it up.
