Security Team: Nomad currently returns about $8.56 million in stolen funds

[Security Team: Nomad currently returns about $8.56 million in stolen funds] News on August 3, after the cross-chain communication protocol Nomad was attacked, today Nomad officially released instructions for returning stolen funds, asking white hat hackers to send funds to Ethereum The only official fund recovery wallet address on the Internet: 0x94A84433101A10aEda762968f6995c574D1bF154.

Since then, the official fund recovery wallet has successively received funds returned by white hat hackers. As of 14:35 Beijing time, Chengdu Lianan security team used the Lianbizhui platform to track and found that a total of 101.8 ETH, 200 WETH, and 3,757,163 USDC were received. 2,001,000 USDT, 1,050,279 FRAX, 15,754,691 CQT, 150,039 CARDS, 2,100,559 IAG, 4,554 SUSHI, 150,039 C3, 835,916 GERO, 450,119 HBOT, worth about $8,559,435 in total. At present, the white hat hackers are still continuing to return the stolen funds.

Other news:

Security team: profit of about 9 million US dollars, Moola protocol hacker attack brief analysis: October 19 news, according to Beosin EagleEye Web3 security early warning and monitoring platform monitoring, the Moola protocol on Celo was attacked, and the hacker made a profit of about 900 Ten thousand U.S. dollars. The Beosin security team analyzed the incident for the first time, and the results are as follows:

Step 1: The attacker made multiple transactions, using CELO to buy MOO, and the attacker's initial capital (182,000 CELO).

Step 2: The attacker lends CELO using MOO as collateral. According to the common logic of mortgage lending, the attacker mortgages MOO with value a, and can lend CELO with value b.

Step 3: The attacker buys MOO with the loaned CELO, thereby continuing to increase the price of MOO. After each exchange, the price of Moo corresponding to CELO becomes higher.

Step 4: Since the mortgage loan contract will use the real-time price in the transaction pair to judge when lending, the user's previous loan amount has not reached the value b, so the user can continue to lend CELO. By repeating this process, the attacker increases the price of MOO from 0.02 CELO to 0.73 CELO.

Step 5: The attacker has carried out a total of 4 times of mortgage MOO, 10 times of swap (CELO for MOO), and 28 times of borrowing to achieve a profit-making process.

The mortgage lending implementation contract that was attacked this time was not open-sourced. According to the characteristics of the attack, it can be guessed that the attack is a price manipulation attack. As of the time of writing, through Beosin Trace tracking, it was found that the attacker returned about 93.1% of the funds obtained to the Moola Market project party, and donated 500,000 CELO to the impact market. I left a total of 650,000 CELO as a bounty. [2022/10/19 17:32:31]

Security Team: After Babylon Finance announced the shutdown, its token price has dropped by 95%: Golden Finance News, according to PeckShield monitoring, after the asset management agreement Babylon Finance announced the suspension of operations, the current token BABL has dropped by 95% .

According to previous news, Ramon Recuero, founder of the asset management agreement Babylon Finance, said that Babylon Finance will cease operations on November 15, and treasury assets will be distributed to BABL and hBABL holders from September 6. [2022/9/1 13:02:03]

Security Team: More than 5,000 Solana wallet funds were stolen, and the vulnerability may affect ETH users: On August 3, the blockchain audit security team OtterSec posted on social media that there were more than 5,000 Solana wallet funds in the past few hours Stolen, OtterSec analysis revealed that the transactions were signed by the actual owners, indicating a leak of private keys. The vulnerability could also affect ETH users. [2022/8/3 2:55:23]