November 24, 2023

Heco Bridge hacked for over $83M and Kyber exploited for over $48M. How should we be more vigilant after these two security incidents?



In the past two days, two major security incidents occurred in the Web3 space, which shocked the entire market. The two security incidents involved a sum of approximately $130 million, causing widespread concern.



Justin Sun is targeted by hackers again

On November 22, according to Beosin's EagleEye security risk monitoring, warning and blocking platform, the HECO Chain Bridge was attacked by hackers, and a large amount of ETH and various tokens was stolen.



At present, the attacker has converted all 7 stolen tokens into ETH. Including the directly stolen ETH, the total stolen value exceeds 41,000 ETH. The attacker deposited all of the ETH into 11 addresses and has not moved it yet. Beosin Trace will continue to track the stolen funds.


Fund storage address:





After the attack, Justin Sun tweeted that HTX and the Heco cross-chain bridge were hacked. HTX will fully compensate for the losses from the HTX hot wallet. Deposits and withdrawals are suspended. All HTX funds are safe and the community can be assured. They are investigating the attack. Once they complete their investigation and identify the cause, they will restart service.



Kyber Network was exploited

In the early morning of November 23, according to Beosin’s EagleEye security risk monitoring, warning and blocking platform, KyberSwap was attacked by hackers.



As you can see from the EagleEye dashboard, this incident resulted in the theft of approximately $48 million in various crypto assets, mainly including 16,217 ETH, 3,987,332 ARB, 591,441 OP and 1,111,926 DAI.



Immediately, Kyber Network issued a statement saying that KyberSwap Elastic experienced a security incident. As a precautionary measure, it is strongly recommended that all users withdraw funds immediately. The team is carefully investigating the situation and promises to regularly report the latest situation.


According to the Beosin security team's analysis, the cause was that manipulating the tick interval boundaries allowed the attacker to increase liquidity twice, which led to the attack on the project.



Finally, the hacker showed off and left a message on the chain, saying, "After I have a good rest, we will negotiate in a few hours."


The Kyber team is still trying to communicate with the hacker. At the same time, the KyberSwap security incident has once again triggered widespread concern in the crypto market about DEX security. It is a reminder for users to be careful when choosing a DEX platform and to take the necessary security measures to protect their funds.


These security incidents once again highlight the vulnerabilities and challenges in Web3 security. Although blockchain technology is characterized by decentralization and security, risks of vulnerabilities and attacks remain, and security audits are very necessary.


