Blockchain Incident loss arising $3M in October 2023

Here is a summary of blockchain incidents for October 2023.

  1. Galxe Frontend UI under attack
    On October 6, 2023 9:44 PM (UTC+7) Galxe made an announcement about the website being down for preparing fix the issue and alert to user don’t connect wallet/sign any transaction on frontend UI, this situation is the same on the balancer frontend attack. this incident has placed malicious contract code on the frontend and attacked users when they interact their web3 wallet to drain funds, this incident is affecting around ~$150k loss arising
  2. Stars Arena Exploit
    On October 7, 2023 1:19 PM (UTC+7) Stars Areana alerted a community about a major security breach with a smart contract, approximately 266,104 AVAX drained and then on October 12, 2023 2:43 PM exploiter has returned 239,493 AVAX back to Stars Arena, this incident is affecting around ~$315k (Exploiter return funds back and get 10% bounty fee)
  3. Fantom Foundation wallet drained
    On October 18, 2023 12:49 PM (UTC+7) Fantom Foundation announced that Fantom Foundation wallet was compromised, CertiK reported 2 wallets has loss arising around ~$470k on FTM, ~$187 k on ETH ( this incident is affecting around ~$657k loss arising
  4. HopeLend Protocol Exploit
    On October 19, 2023 12:20 AM (UTC+7) announced that HopeLend Protocol fell victim to a hacker attack this attack resulted in a loss of approximately 528 ETH
    this incident is affecting around ~$1M loss arising
  5. Astrid Restaking Pool Exploit
    On October 28, 2023 8:13 PM (UTC+7) Astrid Restaking Protocol announced that smart contract was exploited, Astrid have sent a message on tx to discuss a bounty, they offering 20% for a bounty of any funds stolen
    After that AstridFinance Exploiter returned funds back to Astrid Deployer 102 ETH on tx
    this incident is affecting around ~$244k (Exploiter return funds back and get 20% bounty fee)
  6. Unibot Exploit
    On October 31, 2023 12:18 PM (UTC+7) Scopescan Alert that Unibot seems exploited around ~$560k
    Unitbot announced:
    this incident is affecting around ~$560k loss arising

SCRL, formerly known as SECURI LAB, aims to enhance Web3 project security through the expertise of security researchers. We provide robust security solutions and employ industry-standard technology, including internal tools and KYC solutions, to assess the security of smart contracts. SCRL primary mission is to tackle security challenges in Web3 projects with a focus on concise security audits. We created Python tools, namely WAS for internal purposes and aspire to foster the growth of Thailand’s crypto industry by promoting security protection technology.

Follow SCRL On: