TWO crypto protocols Flash Loaned in just TWO days⚡⚡

In brief —

Events Under the Spotlight 🔎

DaoSwap exploited for 581,257 USDT

  • Due to mining rewards greater than the costs required during the swap procedure and,
  • A lack of verification, DaoSwap lost 580,000 USDT on September 5th in an attack that allowed users to set the inviter’s address as themselves.

Nereus Finance Exploited for $371,000 (USDC)

  • An avalanche-based lending protocol, Nereus Finance was attacked through a smart contract exploit.

GERA token security was compromised due to private key leakage

  • Hackers transferred ownership of the GERA token’s smart contract deployer to another address:

New Free DAO (NFD) Token Crashes by 99% After a Flash Loan Exploit

  • DeFi protocol New Free DAO was hacked on Thursday, which saw roughly $1.25m drained from the platform.
  • After the attacker borrowed 250 wrapped BNB, which was swapped for NFD.
  • A malicious contract was then deployed on the network, allowing the attacker to repeatedly claim airdrop rewards — which were converted back to BNB and sold.

The Sandbox Game Instagram was compromised

  • The Instagram account of the metaverse platform The Sandbox was compromised, and it was used to try to rent out Bored Ape Yacht Club nonfungible tokens (NFTs) from several individuals on the social networking site.
  • On Thursday, hackers gained access to the voxel-powered NFT platform’s profile, using it to promote a fake raffle ticket event that advertised a season 4 LAND giveaway to gullible fans.
  • The company claimed that the fraudulent giveaway had been promoted by getting beyond its two-factor authentication and other security safeguards.
  • One user claimed to have lost NFTs after following the fraudulent link, and the profile’s website address was changed.

Trending Blog of the Week📈

Read Here

Want more Such Security Blogs & Reports?

Connect with QuillAudits on :

Linkedin | Twitter | Website | Newsletter | Discord | Telegram

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
QuillAudits Team

QuillAudits Team

Smart Contract Auditing Experts , Making web3 a safer place . audits@quillhash.com