Overheating growth, disregarding security investment, neglecting and being careless… result in the attack of cryptocurrency, blockchain, NFT (non-replaceable digital assets) projects, and serious damage.
RELATED NEWS
Crime’s new target
In the latest development, decentralized finance (DeFi) protocol is Inverse Finance said that the amount of cryptocurrency valued USD 15.6 million has been hacked and appropriated. According to Inverse Finance, the attacker injected money to manipulate token price, then created the loans with the minimum collateral on the start-up’s system via a vulnerability.
Last week, an Ola Finance cyberattack took place. About USD 4.67 million was said by Ola Finance to be lost.
Previously, Wormhole Bridge was attacked and USD 320 million was lost.
“The 10 biggest attacks on blockchain and cryptocurrency projects by the end of December 2021 with a total loss of up to USD 2.8 billion. There were up to 6 attacks out of the 10 attacks taking place in 2021, accounting for 60% of the attacks and the damage accounted for over 50%, about more than USD 1.4 billion. From the beginning of 2022 to the present, a series of attacks have taken place, with an estimated loss of nearly USD 1 billion.
In December 2021, BadgerDAO exchange was hit by hackers and an amount of cryptocurrency equivalent to USD 120 million was stolen. A few days later, Bitmart cryptocurrency exchange also lost an amount of cryptocurrency valued USD 200 million due to the wallet’s private key was revealed or Poly Network platform’s token valued more than USD 600 million was stolen, but then it was returned…
In Vietnam, cryptocurrency projects were also attacked. The most recent time, Ronin network of Sky Mavis – a developer titled Axie Infinity game, founded by Nguyen Thanh Trung and 4 fellows, valued at more than USD 8 billion – was hacked. Hackers stole and withdrew a sum of 173,600 Ethereum and USD 25.5 million from Ronin. With a scale equivalent to USD 625 million, this is one of the most severe attacks in the history of cryptocurrency industry.
By the end of 2021, Onus Vietnamese cryptocurrency project, with millions of users, founded by Mr. Tran Quang Chien, was also attacked to steal user data. Accordingly, the hackers said they hit the server and stole such data as full name, email, phone number, username and eKYC information used to verify identity. Hackers announced that they were keeping information of all Onus platform users with more than 1.92 million accounts, of which 90% are Vietnamese.
Cyradar Security company said that for December 2021 alone, there were 8 attacks on the blockchain projects, including Grim Finance, BitMart, MonoX Finance, Vulcan Forged, AscendEX, Badger DAO, Bent Finance, Visor Finance, with total loss up to USD 604 million.
“As the recent blockchain project booms, the dramatic increase in the number of attacks on blockchain projects is understandable. Because of the fast growth, many blockchain projects have ignored the basic principles of safety and security in software development, resulting in hackers’ sucessful attack,” analyzed CyRadar expert.
Said Kaspersky, we will deal with a wave of large-scale attacks on cryptocurrency enterprises. NFTs will also be a target for cybercriminals. This thanks to the countries in Southeast Asia are leading in terms of NFT ownership percentage, in which Vietnam is ranked at 5th position out of 20 surveyed countries, with 17.4% of respondents saying that they own these cryptocurrencies.“Hackers exploit software and even play as the fake vendors to start the attacks directly on employees of cryptocurrency startups and exchanges through sophisticated social engineering to mass attacks through supply chain software or its components, It is seen that an increase in these types of attacks. In addition, many NFT asset theft cases will also take place in the coming years, “said Kaspersky expert.
Consequences of disregarding security investments
Mr. Nguyen Minh Duc, CEO of CyRadar recommended, blockchain projects are also the software projects related to the financial field. Many blockchain projects are, however, focusing on feature development, which somewhat neglects information security and safety. Prioritizing the development of the blockchain system, ignoring the operating process, testing the safety of software before putting the system into operation will put these projects at risk of information insecurity and resulting in being attacked.
“Recent attacks do not target at the blockchain protocol, but target at such applications as games, wallets or exchanges, bridges. These are the applications using blockchain, but in fact, they are still web and mobile applications and there are still such vulnerabilities as traditional software, ” emphasized Mr. Duc.
CyRadar said that it is time for blockchain project developers to pay special attention to information safety and security. Besides, the audit of blockchain projects must be paid more attention.
Tran Viet Dinh, Symper’s Chief Technology Officer (CTO) said that the investment rate in the security of blockchain projects in Vietnam is still restricted, resulting in several attacks.
“Overheating Blockchain, investors focus on finding the ways to earn money, but not invest in security. They want to do something to create immediate benefits for the products and the community, so there are not many human resources for security. After a big hack in Vietnam, the community will withdraw experiences, so everything will get better day by day. Many developers are looking back at their projects, checking to see where there are still shortcomings to upgrade,” said Mr. Dinh.
According to Mr. Tran Xuan Bac, a security expert at VBI, the security of blockchain projects has not been paid enough attention. Although it belongs to the cost group, security should be considered as a mandatory investment of a blockchain project, because it does not directly bring profits, but it helps to protect millions of US dollars, even it is the project survival.
Source : Baodautu