News Feed - 2023-11-16 04:11:22

46% of crypto lost from exploits is due to traditional Web2 flaws — Immunefi

Tom Blackstone, 4 hours ago

The security platform released a report categorizing Web3 exploits in 2022, concluding that nearly half came from “infrastructure” or centralized elements.

A new report from blockchain security platform Immunefi suggests that nearly half of all crypto lost from Web3 exploits is due to Web2 security issues such as leaked private keys. The report, released on Nov. 15, looked back at the history of crypto exploits in 2022, categorizing them into different types of vulnerabilities. It concluded that a full 46.48% of the crypto lost from exploits in 2022 was not from smart contract flaws but rather from “infrastructure weaknesses” or issues with the developing firm’s computer systems.

Categories of Web3 vulnerabilities. Source: Immunefi


When considering the number of incidents instead of the value of crypto lost, Web2 vulnerabilities were a smaller portion of the total at 26.56%, although they were still the second-largest category.


Immunefi’s report excluded exit scams or other frauds, as well as exploits that occurred solely because of market manipulations. It only considered attacks that occurred because of a security vulnerability. Of these, it found that attacks fall into three broad categories. First, some attacks occur because the smart contract contains a design flaw. Immunefi cited the BNB Chain bridge hack as an example of this type of vulnerability. Second, some attacks occur because, even though the smart contract is designed well, the code implementing the design is flawed. Immunefi cited the Qbit hack as an example of this category.


Finally, a third category of vulnerability is “infrastructure weaknesses,” which Immunefi defined as “the IT-infrastructure on which a smart contract operates—for example virtual machines, private keys, etc.” As an example of this type of vulnerability, Immunefi listed the Ronin bridge hack, which was caused by an attacker gaining control of the signatures of five out of nine Ronin validator nodes.


Immunefi broke down these categories further into subcategories. When it comes to infrastructure weaknesses, these can be caused by an employee leaking a private key (for example, by transmitting it across an insecure channel), using a weak passphrase for a key vault, problems with two-factor authentication, DNS hijacking, BGP hijacking, a hot wallet compromise, or using weak encryption methods and storing them in plaintext.


While these infrastructure vulnerabilities caused the greatest amount of losses compared to other categories, the second-largest cause of losses was “cryptographic issues” such as Merkle tree errors, signature replayability and predictable random number generation. Cryptographic issues resulted in 20.58% of the total value of losses in 2022.


Another common vulnerability was “weak/missing access control and/or input validation,” the report stated. This type of flaw resulted in only 4.62% of the losses in terms of value, but it was the largest contributor in terms of the number of incidents, as 30.47% of all incidents were caused by it.
