Greetings!

Nearly $3.5M was stolen this week across a record 11 incidents. Most of these exploits targeted low-value projects on the BSC chain, with typical attack vectors such as price oracle manipulation and reward exploitation. It appears as though someone deployed a security scanner to mass-hack a range of abandoned or low-TVL projects.

The premium section of this newsletter provides indicators and root cause analyses of this widespread hacking event, covering projects like DCF, Matez, BSCGem, Sweepr, and BTB. It also includes a detailed investigation into the CoinPoker hot wallet hack.

To gain access to comprehensive vulnerability write-ups, post-mortems, exploit proof of concepts (PoCs), attacker addresses, and additional data regarding this week’s compromises, please subscribe to the premium plan below.

In other news, Gary Gensler has announced his departure early next year, coinciding with the SEC’s report about record-breaking $8B in enforcement action collections. While his tenure caused significant harm to the industry, it also underscored crucial lessons about the need for decentralization, privacy, and resilience against overreaching regulatory bodies. With renewed interest in cryptocurrencies and DeFi, we now have an opportunity to create a trusted ecosystem to serve billions of users.

Let’s dive into the news!