Recognize the QR code and follow Beosin
Inventory in September
According to the statistics of Beosin Eagle-Eye , the Beosin Chengdu chain security situational awareness platform , in the past month (September), various attacks and coin loss incidents occurred frequently, and a total of "9" typical security incidents occurred.
These include:
There were "3" security incidents on the EOS chain, and the hackers made a profit of more than 220,000 EOS, mainly including the transfer of 199,000 EOS from the craigspys211 account that had been frozen by arbitration, and gradually flowed to the exchange.
Bitcoin wallet Electrum users are facing phishing attacks. When the user updates the client with a backdoor, the private key will be stolen. So far, 1450 BTC has been stolen.
There have been "2" DApp attacks on the TRON chain this month, thousands of TRX were stolen, and the attack method is still transaction rollback.
The Ethereum fund project FAIRWIN contract was exposed to have serious security vulnerabilities. Any user can call the interface to forge betting data and then withdraw the balance. Although the vulnerability interface has been closed, 500 pieces of betting data, about 5093 ETH, have been inserted before closing.
A third-party JS service used by the digital currency exchange has the risk of being implanted with malicious code, which directly threatens the security of the exchange's funds and causes users to lose coins.
The Fusion wallet was hacked resulting in the theft of 10 million native FSN and 3.5 million ERC20 FSN tokens, worth approximately $5.57 million.
Within the scope of statistics, the loss of security incidents in September exceeded 130 million yuan. Although compared with the previous month, the number of security incidents this month has decreased slightly, but the amount of loss is more. The occurrence of exchange and wallet security incidents is still on the rise, and the main attack method of hackers is "vulnerability exploitation" , which shows that transactions All safety awareness still needs to be strengthened.
In view of the current new situation of blockchain security, Beosin Chengdu Lianan hereby reminds project parties to pay attention to security risks , especially exchanges.
Because exchange security incidents often involve a huge amount of money, it is even more necessary to enhance security awareness and do a good job in project security review.
It is recommended that blockchain projects strengthen their technical capabilities, consciously enhance the security of the system architecture during system design and development, and establish a complete security architecture system and emergency response mechanism.
If necessary, you can cooperate with a security company to reduce vulnerabilities through third-party technical support, security testing, and security reinforcement to avoid unnecessary losses.
When the project is running, the security situation awareness system can be used to monitor in real time and give early warning and alarm.
Effectively defend against security attacks with the help of firewalls. In case of asset loss, security companies can be used to trace the source of assets on the chain.
more information
Beosin Media Matrix
|
official website https://www.lianantech.com |
|
GitHub https://github.com/Lianantech/VCA |
|
https://www.facebook.com/ BeosinChengdu/ |
|
https://twitter.com/Beosin_com |
|
Telegram https://t.me/LiananTech_cn (Chinese) https://t.me/LiananTech_en (English) |
|
https://weibo.com/u/6566884467 |
|
CSDN blog https://blog.csdn.net/CDLianan |
|
official phone number 028-83262585 |
|
Official email |
|
official address Chengdu HQ : Room 504, Block D7, Tianfu Software Park, No. 599 Century City South Road, Chengdu Beijing Base : Room 305, Dream Plus Space, No. 36 Guangshun North Street, Chaoyang District, Beijing Shenzhen Base : 16D, Building 3, Xunmei Technology Plaza, Nanshan District, Shenzhen |