Blockchain Security Roundup: January 2024 Edition

Blockchain Security Roundup: January 2024 Edition

·

2 min read

We've wrapped up 2023 and 2024 is in full swing. In the first edition of the year we'll be looking back at the biggest and most relevant security news of the past month.

Top Hacks

Orbit Bridge - $81.5M - On the eve of New Year's, December 31, 2023, Orbit Chain's Ethereum bridge, fell victim to a cyberattack most likely caused by the compromise of credentials or private keys.

Levana Protocol - $1.1M - The breach unfolded over a 13-day period from December 13 to December 26 and led to a loss of about 10% of the protocol's liquidity reserves.

NFT Trader - $3M - NFT Trader was exploited due to reentrancy vulnerabilities in its old smart contracts, leading to the theft of approximately $3 million in high-value NFTs.

Flooring Protocol - $1.6M - In December 2023, Flooring Protocol suffered an exploit of its peripheral/multi-call contract, resulting in attackers netting around $1.6 million.

INX - $1.6M - INX Digital Company reported a breach in December 2023, where attackers compromised a third-party provider’s servers, executing unauthorised transactions and stealing approximately $1.6 million.

Telcoin - $1.2M - Telcoin incurred losses of about $1.2 million in December 2023 due to an attack exploiting vulnerabilities in the wallet’s proxy contracts on the Polygon blockchain.

Thirdweb - $190K -Thirdweb disclosed a critical vulnerability in libraries implementing ERC2771 and Multicall that allowed one to impersonate msgSender which negates every access control implementation. Coinbase NFT, OpenSea and many other projects were vulnerable. It only took a few days for multiple attackers to exploit this attack vector and start targeting vulnerable projects starting with the $190K compromise of Time.

More Blockchain Security from Rivanorth

Secure Proxy Models: Understanding Beacon Proxies

Rug Pulls and How to Avoid Them

Real-time hack news and info: https://twitter.com/rivanorthSec


Rivanorth is a global boutique Web3 cybersecurity company. We specialise in smart contract audits and blockchain security advisory. Visit rivanorth.com to find out more.

You build the future. We help you secure it.