Blockchain circle

One stop hot information platform

About us:

Blockchain circle provides the latest information about blockchain, digital currency, digital wallet, exchange, metauniverse, bitcoin, Ethereum, contract, financial management and so on, and always pays attention to the latest market...

A new hacker attack occurred in the blockchain industry, and the public chain Solana involved the theft of $5.8 billion of encrypted assets

Time : 08/09/2021 Author : plf0bu Click : + -
        According to the tracking of the slow fog security team, about $580million of encrypted assets, including exist, went to four attacker addresses. There is no final conclusion about this incident. Blockchain security analysts said that unlike previous hackers who usually used a security vulnerability with a large amount of assets to attack, Solana is most likely to be attacked in the supply chain this time; If so, all relevant users will face the risk of asset theft. In the early morning of August 3, the official account of magiceden, the public chain Solana ecological NFT platform, issued a warning on social media that there seemed to be a widespread sol vulnerability, which was depleting the wallet of the entire ecosystem, and reminded users to update settings to protect personal assets.
 
        According to the tracking of several security companies, the number of stolen Solana wallets continued to grow from 5000. As of 1 p.m. on August 3, about 7767 wallet assets were stolen, and various encrypted assets and NFTs were transferred. "This kind of hacker attack is rare. It should be the first time." People concerned in slow fog told blockchain daily that the loss of mainstream assets, including bitcoin and Ethereum, was within $4.5 million, and other counterfeit currencies (exist) exceeded $570million. At present, the specific reasons for hackers' attacks have not been fully identified. Yang Xia, founder and CEO of Chengdu chain security, told blockchain daily that there is no final conclusion at present, but one of the most likely reasons is the attack caused by supply chain security.
 
        Supply chain attack is a new attack technique. Attackers often intervene in the upstream or midstream to spread their malicious activities and their subsequent effects to more users downstream. Compared with isolated security vulnerabilities, once the supply chain attack is successful, the loss scale is larger and the impact is more far-reaching. Yang Xia further analyzed that before this, the security attack and defense were basically carried out against the project itself, generally using a security vulnerability of a project with large assets to attack the project; Such attacks often have a single target and only target the project. Even if the attack makes a lot of profits, the scope of impact is relatively small. In Yang Xia's view, if the Solana wallet security incident really takes advantage of the supply chain attack, then all users who use the problematic wallet have the risk of private key leakage, and the harm has been spread greatly.
 
        And in the blockchain world, whoever holds the private key can master the corresponding wallet assets, which makes it difficult to prevent transfer transactions on the chain even if the verifiers of Solana's whole chain work together. On August 3, blockchain security company slow fog released the blockchain security and anti money laundering report for the first half of 2022. According to the report, 187 security incidents occurred in the first half of 2022 (as of June 30), with losses of up to $1.976 billion. Among these security incidents, about 77% (144) were exploited by attackers due to vulnerabilities in the project itself, with a loss of about $1.84 billion, accounting for 93% of the total loss of security incidents.
 
        Blocksec co-founder Zhou Yajin told blockchain daily that blockchain security involves all parties of the ecosystem, including users, wallets, exchanges, chains and applications. The security weakness of each link will have a huge impact, especially the risks of the client and wallet have been ignored for a long time. In addition, due to the anonymity of blockchain, it is difficult to trace and investigate the loss once it is lost. In Yang Xia's view, blockchain security needs to achieve full ecological security. All links of contract, chain platform, wallet and DAPP need to achieve relatively safe protection, and this protection should be extensive and in-depth. "Many times, the security protection of the project product itself is in place, but in the case of supply chain attacks, this dimension reduction attack may lack some detection and protection capabilities.
 
        ”Yang Xia said. Yang Xia pointed out that for safe track practitioners, the most important thing is to race against hackers and try to eliminate security vulnerabilities before attacks occur. But with the expansion of the protective surface, this may become more and more difficult. At this time, it is necessary to refine the track. While guarding the whole ecological security, each security team selectively focuses on a certain segment of the track and makes it very in-depth. Facebook, Microsoft, Google, Samsung, ByteDance, Baidu, zhongqingbao, the world's best, blue cursor, Qitian, new national pulse, epicgames, Kunlun, wanwei, Jihong shares, Saturday, 2345, Shanshui, bide, fengyuzhu &hellip& hellip;。
 
        
Previous:Blockchain foam runs much faster than landing applications! Regulatory style will switch,Ranking of blockchain application companies
Next:No more

Related articles:

© 2005-2032 | Blockchain Circle & & All Rights Reserved    Sitemap1 Sitemap2 If there is infringement, please contact us at: