Security Roundup: June 2024 Edition

Security Roundup: June 2024 Edition


2 min read

Welcome to the latest edition of our monthly security roundup where you find the most relevant security news all in one place. Get key insights into what happened and stay ahead of the curve!

This month we had the opportunity to present at ETH Sydney about the most dangerous attack vectors in Web3 and what project can do to stay safe

Mentor many amazing projects at ETH Global Sydney

Our most recent research article on multi chain security got featured on arguably the most reputable security newsletter in the space, Blockchain Threat Intelligence.

May 2024 Hacks

Pike Finance - $1.9M - the exploit involved the modification of the initialized variable within the contract, which made the contract act as if it was uninitialised. This allowed the attackers to upgrade the contracts without admin permissions and steal the funds.

Sonne Finance - $20M - The attack exploited a known vulnerability common in Compound v2 forks. The exploit was similar to the one that hit Hundred Finance a year earlier.

Alex Lab - $4.3M - The attacker used phishing as attack vector to steal the project's private keys, which granted them administrative access to an ALEX liquidity pool vault.

Gala Games - $240M - The hacker gained access to a dormant admin address within Gala Games. This unauthorised access enabled the hacker to mint 5 billion GALA tokens.

More Blockchain Security

Top 3 Multi-Chain Security Issues

The Ultimate Guide to Securing Your X/Twitter Account

ERC-4626 Vulnerabilities and How to Avoid Them in Your Project

Secure Proxy Models: Understanding Beacon Proxies

Rug Pulls and How to Avoid Them

Real-time hack alerts:

Rivanorth is a global boutique Web3 cybersecurity company. We specialise in smart contract audits and blockchain security advisory. Visit to find out more.

You build the future. We help you secure it.