Smart Contract Security Overview 2023

By Chirag Agrawal. Published in InfoSec Write-ups, Jun 14, 2023.

Detailed Analysis of Projects & Blockchain Compromised

Analyzing Hacks Due to Smart Contract Vulnerabilities with Web3sec.News

Introduction

  • Security is essential since blockchain is a distributed, decentralized system that depends on immutability and trust to function. More than $12.3 billion in financial losses have been caused by smart contract flaws so far in the Web3 industry.

What are smart contract vulnerabilities?

  • Yearn Finance was hacked in April 2023 because of a bug in its smart contracts. A Fulcrum USDC contract address had been placed where the USDT one belonged, and the attacker took advantage of this misplacement to alter the value of the yUSDT tokens, cheating the protocol out of about $10 million.
https://etherscan.io/address/0x83f798e925BcD4017Eb265844FDDAbb448f1707D#code#L402
The Fulcrum iUSDC token was utilized instead of the Fulcrum iUSDT token
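
A misplaced address like this can be caught before deployment by checking that every lending wrapper wired into a vault actually wraps the vault's own asset. The following is an added example, not code from Yearn or from this article; the names `VaultConfig`, `audit` and `UNDERLYING_OF` are hypothetical, and all addresses and the registry are constructed placeholders.

```python
from dataclasses import dataclass

ZERO = "0x" + "0" * 40
# Constructed placeholder addresses, not real contract addresses.
USDT, USDC = "0x" + "a1" * 20, "0x" + "b2" * 20
I_USDT, I_USDC = "0x" + "c3" * 20, "0x" + "d4" * 20

# Constructed registry: lending wrapper -> asset it actually lends out.
# A real check would read this from each wrapper contract on chain.
UNDERLYING_OF = {I_USDT: USDT, I_USDC: USDC}


@dataclass(frozen=True)
class VaultConfig:
    asset: str     # token the vault accepts
    markets: dict  # label -> lending wrapper address


def norm(addr):
    """Lower-case so checksummed and plain hex spellings compare equal."""
    return addr.strip().lower()


def audit(cfg, registry=UNDERLYING_OF):
    """Return (label, problem) findings; an empty list means consistent."""
    reg = {norm(k): norm(v) for k, v in registry.items()}
    findings, seen = [], {}
    for label, addr in cfg.markets.items():
        a = norm(addr)
        if a == ZERO:
            findings.append((label, "ZERO_ADDRESS"))
            continue
        if a in seen:
            findings.append((label, "DUPLICATE_OF_" + seen[a]))
        seen.setdefault(a, label)
        if a not in reg:
            findings.append((label, "UNKNOWN_WRAPPER"))
        elif reg[a] != norm(cfg.asset):
            findings.append((label, "UNDERLYING_MISMATCH"))
    return findings


# Constructed configs: the second wires an iUSDC wrapper into a USDT vault.
GOOD = VaultConfig(asset=USDT, markets={"fulcrum": I_USDT})
BAD = VaultConfig(asset=USDT, markets={"fulcrum": I_USDC})

if __name__ == "__main__":
    for name, cfg in (("good", GOOD), ("bad", BAD)):
        print(name, audit(cfg) or "ok")
```

Run as a CI gate, a non-empty result from `audit` would block the deployment until the configured wrapper matches the vault asset.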

How to keep track of hacks & smart contract vulnerabilities?

  • It is really difficult to keep track of all hacks and alerts in one place. You need to follow various news sources and researchers' Twitter accounts to get the latest hack and vulnerability updates on your timeline.
  • To solve the above problem, I recently created an open-source platform that aggregates the tweets & resources shared on the latest hacks & vulnerabilities. It also promotes the Web3 Security Community by providing them with the recognition they deserve.
The ultimate source for the latest web3 hacks and trends.
Latest security audit reports to learn about Smart Contract Vulnerabilities

Review of Smart contract hacks and Vulnerabilities

Smart contracts offer immutability, which prevents changes after deployment, but this also makes them difficult to patch for known faults or vulnerabilities.

  • As a result, there have been more than 330 attacks so far this year, costing more than $600 million.
Number of hacks from 2022 to 2023
  • According to further examination, 148+ projects on BNB networks, 75+ projects on the Ethereum chain, 18 hacks on the Polygon chain, and 80+ hacks on Arbitrum, Solana, zkSync, Algorand, etc. were all compromised.
  • It is terrible to see how exit scams and social media account takeover operations have contributed significantly to more than 200 hacking cases. These hostile actions have hurt the reputation of countless projects and caused financial losses by taking advantage of security flaws and careless users.
https://www.quillaudits.com/tools/hackerboard
Yearly Web3 Hack Analysis
  • Among the remaining 130 projects that were compromised, the exploited issues were 64 vulnerabilities in smart contracts, 29 flash loan attacks, 15 price/oracle manipulations, and other vulnerabilities.
  • Beyond the attacks and the blockchains that were compromised, it's crucial to know that 140+ protocol tokens, 83 NFT protocols, 66+ DeFi protocols, 12 DEXs, 7 DAOs, and 11 bridges, wallets, CeFi, etc. protocols were also compromised.
  • These figures draw attention to the need for more security precautions and user education to reduce these dangers in the cryptocurrency and blockchain ecosystem.

Thank you for reading ✌🏻

Take care, fellow hackers!

Happy Hunting :>

You can connect with me on LinkedIn, or Twitter for more such insights!


Smart Contract Security | Technical Writing | DevSecOps | Security Review | Penetration Testing | Building https://web3sec.news/