Cointime

Download App
iOS & Android

Certik

ALL From Certik

CertiK: Sei Network Project’s Discord Server Has Been Compromised

According to an official tweet from CertiK, the Sei Network project's Discord server has been compromised. Until the team confirms that they have regained control of the server, it is advised not to click on any links. 

CertiK: The EOA address related to the Steadefi vulnerability attack has transferred 100 ETH to Tornado Cash

According to a tweet from CertiK official account, the EOA address (0xe10d) has transferred 100 ETH (approximately $185,000) to Tornado Cash. This EOA address is related to the Steadefi vulnerability attack on August 7th and still holds 524 ETH (approximately $969,000).

Security Team: Transfer 200 ETH to Tornado Cash for the EOA Address Starting With 0xd50e

According to a tweet from the official CertiK Twitter account, the EOA address (0xd50e) transferred 200 ETH (approximately $370,000) to Tornado Cash. It is reported that the funds came from a Multichain executor address that was hacked, which transferred 955,000 USDT to a new EOA address on July 5th.

CertiK: Earning Farm Attacker Transfers 292.6 ETH to New EOA Address on Ethereum

CertiK announced on Twitter that the Earning Farm attacker transferred 292.6 ETH (approximately $54.2 thousand USD) to a new EOA address (0x21d986da6595369d628bF1F85D7b02fbBEbAe173) on the Ethereum network.

The Discord Server of Crypto Banter and Crypto School Project Has Been Hacked, Please Be Aware of the Risks

According to the official Twitter of CertiK, the Discord servers of Crypto Banter and Crypto School projects have been hacked. Please do not click on any links, mint or approve any transactions until the team confirms that they have regained control of the servers.

CertiK Uncovers Security Vulnerability in Worldcoin Protocol, Raising Concerns about Unauthorized Access for Orb Operators

CertiK, a blockchain security firm, has discovered a significant security vulnerability in the Worldcoin protocol that allowed malicious attackers to bypass strict verification criteria and become Orb operators without meeting necessary requirements. This raises concerns about Worldcoin's overall security and highlights the need for robust protection measures.

CertiK Alert: Suspicious Liquidity Removal Detected on Bitlord (BITLORD)

CertiK has identified a significant liquidity removal incident within the Bitlord (BITLORD) project.ETH Address: 0x781bd109834C534Dc0f799aFDF65e6eb5151b839,The deployer has withdrawn 309 WETH (equivalent to $567,000) from the liquidity pool.This token is suspected to be associated with a honeypot scam.Remain vigilant!

Certik : Identified six wallet addresses involved in Curve security incidents

On July 30th, vulnerabilities in the Vyper programming language were discovered, leaving many pools on Curve susceptible to a reentrancy attack. The attack resulted in $69.3 million being affected, with $16.7 million returned by white hats and approximately $52 million lost. CertiK found that versions 0.2.15, 0.2.16, and 0.3.0 of the Vyper compiler were vulnerable to malfunctioning reentrancy locks.
Certik : Identified six wallet addresses involved in Curve security incidents

Security Team: Beware of False Memecoin Airdrop Propaganda on Twitter

According to CertiK’s official twitter release, beware of false Memecoin airdrop promotions on Twitter, please do not interact with hxxps://web3-memecoin.com/, this website will connect to a known automatic stealing address.

Era Lend on zkSync Exploited for $3.4 Million in Read-Only Reentrancy Attack

Blockchain security firm CertiK has reported that lending app Era Lend on zkSync has been exploited for $3.4 million worth of crypto using a "read-only reentrancy attack". The attacker used a vulnerability in the "callback and _updateReserves function" to manipulate a contract into reporting old values that had not yet been updated. Other projects based on Syncswap may also be vulnerable to the exploit. The Era Lend team has acknowledged the attack and paused the protocol's zkSync contracts to prevent further exploits.