Vulnerability

According to reports, the digital asset security platform Fireblocks has discovered a serious vulnerability in the Threshold Signature Scheme (TSS) wallet of BitGo, a cryptocurrency hosting company, which exposes its users’ private keys to the risk of being attacked by potential hackers. It is reported that BitGo immediately suspended the affected wallet service in December 2022 after learning of the vulnerability, which is known as the “BitGo Zero Proof Vulnerability”. The company subsequently released a patch in February 2023 to address the labeling issue and notified customers to update their systems by March 17. （The block） Fireblocks reported a vulnerability in the BitGo TSS wallet, which has been fixed Analysis based on this information:Fireblocks, a digital asset security platform, has reported a serious vulnerability in BitGo’s Threshold Signature Scheme (TSS) wallet. TSS is a popular multi-signature technology that allows a group of users to control a single account. The vulnerability, known as the “BitGo Zero Proof Vulnerability”, exposes the private…

On March 15th, Arcade.xyz, the decentralized NFT lending market, tweeted that after a security alert from BlockSec, a vulnerability involving the approval of remaining tokens was found in the old contract, which is currently not being used in the agreement. The team has contacted 10 affected users and recommended that they revoke their permissions. Arcade.xyz in the NFT lending market has discovered a security vulnerability in old contracts and has reminded affected users to revoke their permissions Analysis based on this information:Arcade.xyz, a decentralized NFT lending market, recently encountered a security alert from BlockSec regarding a vulnerability in the approval of remaining tokens in their old contract. The team has assured the public that they are currently not using this agreement, but ten affected users have been contacted and recommended to revoke their permissions. The BlockSec security alert highlights the grave importance of having comprehensive security measures in place in modern-day digital markets. It also shows how even a seemingly…

It is reported that the official Twitter of Euler Finance, the loan agreement, said that the solution currently proposed is that users affected by the vulnerability will be able to apply for refunds and will use the remaining funds in the treasury to process refunds. Euler Finance: will use the remaining funds in the treasury to process the refund Analysis based on this information:Euler Finance, a decentralized finance (DeFi) protocol, has recently reported a vulnerability in its platform. According to the official Twitter account of Euler Finance, there is a solution proposed to mitigate and handle the impacts of the vulnerability. Euler Finance stated that users who have been affected by the issue can apply for a refund, and the remaining funds in the treasury will be used to process such refunds. This initiative taken by Euler Finance shows its commitment to the security and welfare of its users. By proposing a refund solution instead of sweeping the matter under…

On March 13, Aztec said on social media that the vulnerability of Euler Finance would affect Aztec Connect users who tried to withdraw funds, and currently the affected users could not withdraw funds. Aztec cannot control the integration with Euler, and Aztec Connect functions normally. Aztec: Affected Aztec Connect users will not be able to withdraw money from Euler Analysis based on this information:Recently, Aztec announced on their social media platform that users of Aztec Connect would be affected by the vulnerability of Euler Finance. Euler Finance is a third-party integration used by Aztec Connect, and the vulnerability in its system has caused a disruption in the process of fund withdrawal for users of Aztec Connect. As a result, affected users cannot withdraw funds from their Aztec Connect account. However, it should be noted that Aztec Connect, as a platform, is unaffected by the Euler Finance vulnerability and all other functions are working normally. Upon closer examination, the message from…

On March 13, according to the monitoring of 0xScope Protocol, some projects and the address of whales were affected in the Euler Finance attack, including: 0xScope: Millions of dollars of assets of several agreements are stranded in Euler agreement Analysis based on this information:On March 13, the DeFi industry was hit by yet another attack that targeted Euler Finance. According to the monitoring of 0xScope Protocol, several projects and the wallet addresses of prominent investors, aka whales, were affected by the breach. This incident highlights the vulnerability of DeFi projects and the risk posed to market participants, particularly those with a significant stake or influence. DeFi, which stands for decentralized finance, has seen significant growth in recent years as investors flock to the space in search of greater returns and more control over their financial assets. However, as the Euler Finance attack shows, the sector is not immune to security vulnerabilities and risks. In this particular case, hackers exploited the…

On March 12, the security company Imperva revealed a vulnerability in OpenSea, which allows users to de-anymize the identity of NFT traders on the platform. Th…

On March 11, Hedera Status tweeted that the main network had been upgraded to fix the vulnerability and was now running normally.

Hedera main network h…

On March 10, the DeFi project SaucerSwap on Hedera tweeted that a persistent vulnerability had attacked the Hedera network. The target of the vulnerability was…

It is reported that Safeheron, a developer of multi-party computing (MPC) wallets, said that some multi-signature wallets could be attacked by Web3 application…

According to reports, Max, a member of the blockchain security team, said on social media that the contract of the NFT project CryptoNinja World (contract addr…