Safeheron Weekly Dispatch | AUG 12 '22

Security Incidents

EGD Finance Project on BSC Attacked by Hackers

The attacking resulted in the unexpected withdrawal of funds from its pool. This incident was because the price-feeding mechanism for calculating rewards when EGD Finance's contracts obtained rewards was too simple, resulting in the token price being manipulated by flash loans for profit.

Curve Finance Frontend Attacked

The Curve Finance frontend was attacked, prompting users to grant token approvals to malicious smart contracts. The attackers moved the stolen funds to FixedFloat and Tornado Cash, with at least 362 ETH (~$620,000) stolen.

Klaviyo Was Under Phishing Attack Led to 44 Klaviyo Accounts Leakage

A Klaviyo employee’s login credentials had been compromised, as a result of suspicious activity from our internal logging and a user report. The hacker searched for primarily crypto related accounts and viewed list and segment information for 44 Klaviyo accounts and also viewed and downloaded two of Klaviyo’s internal lists used for product and marketing updates.

Industry Updates

Zero-Knowledge Proof Startup RISC Zero Raises $12M

The startup plans to build a scalable blockchain using zero-knowledge proof technology and its virtual machine. In March of this year, RISC Zero launched a zero-knowledge proof virtual machine, its first open-source product leveraging the authentication approach.

Checkout.com Eyes New Crypto Payments Products

Checkout.com is exploring a new product that would facilitate pay-outs in crypto — allowing workers receive remuneration in the form of crypto, directly to a digital wallet — and another that would give online merchants a way to accept crypto as a form of payment.

Gitcoin Introduces Web3 Decentralized Identifier Gitcoin Passport

Users collect “stamps” from different authenticators around Web2 and Web3. Stamps are verifiable credentials – by aggregating several of them in one place, Passport distributes trust across multiple entities. After integrating with Passport, instead of relying on a middleman to verify someone’s identity, applications can verify it themselves with a customizable algorithm that weights different stamps according to their preferences.

Gnosis Chain Launches a Block Explorer GnosisScan

The new GnosisScan will support ERC20, ERC721, and ERC1155 allowing users to search for transaction details related to fungible, non-fungible, and other configurations of token types and can track gas, smart contract difference and API. Developers can also use the available Truffle plugin and Hardhat plugin, which allows developers to automatically verify their smart contracts' source code on GnosisScan directly from the command line.

NewsFlash

• SEON, a rapidly growing startup that fights against fraud and cybercrime, raised $94 million in Series B funding.

• B2B infrastructure firm Fortress Blockchain Technologies raised Seed funding of $22.5M.

Market Regulation

North America

• Canadian regulators is probing crypto lender Celsius Network alongside US.

• Crypto.com received registration and regulatory approval as a VASP from the Cayman Islands Monetary Authority.

Europe

• Russia plans to roll out digital ruble across all banks in 2024.

Asia

• Thai central bank to get more powers in crypto law overhaul.

• S. Korea’s 5 major crypto exchanges to test out common guidelines that will include rules on listing and delisting coins, as well as assessing projects starting August.

• South Korea’s top financial regulator is to accelerate new crypto legislation.

• ED (Enforcement Directorate, India) is probing crypto exchanges for alleged laundering of over $130 million.

• Philippines is to stop permits for New Virtual Asset Service Firms beginning September.

Oceania

• Australia’s central bank launches digital currency pilot.

South America

• Buenos Aires to deploy Ethereum validator nodes in 2023.

Industry Briefing

For recent crypto criminal and suspicion, different countries are collaborating to enhance the crypto regulations. In a long term, forward regulations can shape a better future for the crypto industry.

And, security is renewed as a focus recently as the future of crypto depends on the security.

Alex Zinder, global head of hardware wallet maker Ledger Enterprises said that the crypto ecosystem’s rapid growth has increased the threat of hacks and exploits, creating safety issues “that are very difficult to manage". The challenge is, as you build additional complexity into the ecosystem you have more intermediaries and different players.

Security is really the precursor to mass adoption and scalability, essentially, assuring users, communities and brands won't in danger.

In this week, security incidents happened on and on. We see, all the connections between different platforms leads to one affects another, along with rug pull ,scamming, phishing and all other risks, how to let the security be the safeguard of assets and businesses is a forever topic.