BlockThreat - Week 5, 2022
Wormhole | KLAYswap | Meter.io | Compound | Mars Stealer
Things are not looking good in DeFi land this week! Two cross chain bridges got hit. KLAYswap suffered from a surgical BGP hijacking of its 3rd party dependency to replace the smart contract address on the front-end Dapp and steal crypto from site’s visitors. Justin Sun may be at it again with a governance attack on Compound Protocol to force a TUSD vote. Insider threats, careless access controls, reentrancy, and other bugs netted attackers $333M in a single week, that’s more than all of the losses combined in 2020. Let’s learn from these mistakes and make the blockchain security ecosystem stronger.
Keep reading with a 7-day free trial
Subscribe to Blockchain Threat Intelligence to keep reading this post and get 7 days of free access to the full post archives.