#CertiKStatsAlert
🚨
We have updated our EOM May stats to reflect the DMM Bitcoin incident
May saw a total of $347.3M lost
Exit scams: ~$1.8m
Flash loans: ~$20.7m
Exploits: ~$324.7m
See more details below 👇
#CertiKSkynetAlert
🚨
Beware of a fake BabyDogeCoin Twitter account promoting a phishing URL
Do not interact with hxxps://babydogecoins.co/
URL connects to the same phishing contract we identified in a fake ChainLink site. Scammer has already stolen ~18 ETH
Stay vigilant!
#CertiKSkynetAlert
🚨
Earlier today
@Coredao_Org
Discord Server was compromised with a fake phishing link in their announcements.
We are currently working with them to secure their server and implement best practices to prevent future incidents.
#CertiKSkynetAlert
🚨
@Coredao_Org
Discord Server has been compromised with a fake phishing link that has been posted for a “free giveaway CORE airdrop”.
Do not click on any links until the team has confirmed they’ve regained control of the server.
#Hack
#Discord
Stay safe!
#CertiKSkynetAlert
🚨
An upgrade on
@safemoon
contract introduced a burn vulnerability.
This upgrade was not within the scope of our audit.
Original attacker was front-run by EOA 0x286 who has reached out to the
@safemoon
deployer to return the ~$8m.
Stay vigilant!
#CommunityAlert
🚨
CertiK’s highly skilled KYC & Fraud Investigation teams have delisted the
#SAFUU
Protocol project due to high risk indicators, concerning the SAFUU owner/team affiliation with previous high risk projects.
We advise against interacting with this project
#CertiKSkynetAlert
🚨
We are seeing a price
#slippage
on Pi Network (PI), a probable copycat token.
Contract Avax: 0x7455D436D5dAc4cf08cE5FeFcd17F757c1ba846C
which has dropped 100%.
Token should not be confused with other projects of a similar name
#CertiKSkynetAlert
🚨
No surprises, the Fake Pi Network token that we saw on Polygon has dropped 100%
Poly: 0x476E85A1461ee597045806Cb8795CAC4b53d1e88
The
@PiCoreTeam
have confirmed that Pi hasn’t been authorized on any exchanges
Owner address removes liquidity for ~$61K and bridges funds to Polygon
Funds transferred to 0x765…da5fe which is the owner of a new copycat token called Pi Network
Poly: 0x476E85A1461ee597045806Cb8795CAC4b53d1e88
Stay vigilant!
#CommunityAlert
🚨
At 12:13:14 PM UTC, an attacker claimed a large amount of
#APECOIN
in the airdrop event by flashloan using $BYAC tokens to redeem for
#BAYC
NFTs.
The total profit of the attack is around ~ $820K (293 #ETH)
We are seeing a possible exploit on
@BeanstalkFarms
- symbol $BEAN which has dropped 100%
#slippage
Address: 0xdc59ac4fefa32293a95889dc396682858d52e5db 0x48f33863b1defc7b294717498c634ba9a5fb58a7
Be careful out there!
Given the centralization risks and the fact that the $SAFUU founder is associated with high-risk projects Clever DeFi & Tagz Exchange found in the KYC investigation process, CertiK decided to delist SAFUU, terminate engagement, refund fees, and inform the community.
#CertiKSkynetAlert
🚨
Beware of scammers impersonating
#CertiK
employees.
We are aware that malicious actors are targeting victims of scams with fake recovery services.
We found the $SAFUU contracts have serious centralization risks during the KYC and the initial auditing process.
The "autoLiquidityReceiver" is an Externally Owned Account (address 0x5562640B953b6c2f79a655E930aFa68b2a65C627) that can remove $2.53M worth of tokens at any time.
#CommunityAlert
🚨
We are seeing a
#slippage
of over 95% on Blockbusters - $BBTF.
The slip in price is due to an exploit where the attacker increased his balance and sold tokens for $310K (965 BNB).
BSC:0xe7057b10e2b59f46d151588d9c8694b4b8328f44
Stay vigilant!
1/ CertiK completed an investigation of Zoro Inu, $Zoro, & found evidence of a Zoro team exit scam; commonly known as rug pull.
We are working closely with law enforcement to share evidence of the alleged crimes and team details collected during the comprehensive KYC process.
#CertiKSkynetAlert
🚨
Beware that hidden links can now be entered into Discord text.
Be careful not to click on these links, as they will likely lead to wallet drainers.
Read more below👇
#CertiKSkynetAlert
🚨
We are seeing a possible exploit on project
@FEGtoken
($FEG). The project had announced a migration yesterday.
The estimated total loss is at 916 BNB or approximately $282,047 USD.
Stay vigilant!
#CommunityAlert
🚨
At 11:20:44 PM +UTC, around 379
#BNB
(~$150K) was rugpulled by the $Elona deployer.
The deployer removed the liquidity and transferred 540
#BNB
in total to Tornado Cash.
#CertiKSkynetAlert
🚨
Multiple
@FTX_Official
addresses, both US and international, have begun sending assets to 0x59ABf3837Fa962d6853b4Cc0a19513AA031fd32b.
Currently it holds approximately ~$218.9M in assets but is sending and receiving every minute.
#CommunityAlert
🚨
Update on
@FEGtoken
incident.
Attack Flow 👇
from this tx:
1. The attacker borrowed 915 WBNB and deposited 116 BNB to the fBNB.
2. The attacker created 10 addresses that will be used in the coming attack.
#CommunityAlert
🚨
We’ve been alerted to a ring of
#PonziScheme
projects:
Bird Staking
Lucy Staking
LucyStakingBTC
Moonlight Staking
USDT Robotic
BNB Yielding
Baked Beans Hot
Do not interact!
Details and contracts in thread 👇
#CertiKSkynetAlert
🚨
Be aware of a fake
@PawShibarium
Twitter account posting a phishing link.
Do not interact with hxxps://pawecosystem.io/
Stay vigilant!
#CertiKStatsAlert
🚨
~$1.76 Billion in
#web3
losses for 2022 YTD.
2022 has been a busy year for hackers & scammers w/ exit scams leading May for total losses at ~$21M (highest of the year).
Combined major incidents come in at ~$78M lost to exploits, hacks & scams in May ’22.
The so-called “Fire Pit Address” of SAFUU holds ~15.3% of the total tokens but is an EOA (Externally Owned Account) rather than a true burn address; instead, burn tokens should be sent to the 0x…0000 or 0x000..DEAD standard burn address
#CommunityAlert
🚨
The
#BAYC
Instagram has been hacked. The hacker posted a link to a phishing website in BAYC’s Instagram bio requiring holders to connect their
#Metamask
accounts. Hacker has stolen 91 NFTs in total.
Hacker address:
#CommunityAlert
🚨
We are seeing a
#rugpull
on
@Swello_finance
$SWLO has dropped 100%. Tokens appear to be held in wallet 0x70D4a… Initial analysis shows about ~210k was stolen.
Stay safe out there!
#CertiKSkynetAlert
🚨
1/ In the last 24 hours ~$94M of transactions occurred between FTX, Binance, Alameda, and other crypto firms. Binance announced its liquidation of $FTT after the release of Alameda’s Q2 balance sheet causing mass withdrawals of the token.
More in 🧵👇
#CertiKSkynetAlert
🚨
We are seeing community reports of an incident with
@BitKeepOS
It was reported by the BitKeep team that some APK package downloads have been hijacked and installed with code implanted by hackers.
So far, more than ∼$6M worth of assets have been stolen.
#CertiKSkynetAlert
🚨
We have seen probable replay attacks taking advantage of incorrect ChainID inputs to token bridges. The vulnerability does not lie within
@EthereumPoW
We can see that the exploiter 0x82FaE has transferred funds to an
@MEXC_Global
account.
Stay Vigilant!
#CommunityAlert
🚨
The
@AudiusProject
has been exploited for a total of ~$6M worth of AUDIO tokens, the tokens were sold for 705 ETH.
The attacker modified the Audius governance contract's configurations, then proposed and executed a malicious proposal draining 18.5M AUDIO.
#CertiKSkynetAlert
🚨
We are seeing reports that
#Twitter
core database was hacked and a data dump of 400 million accounts including passwords & phone numbers is up for sale on the dark web for $50,000.
Read more 👇
#CommunityAlert
🚨
We are seeing a movement of 3277.8 $BNB (~$992,353) to @TornadoCash from the Hacker that stole funds from @FEGtoken.
Don’t interact with wallet address: bsc-0x73b359d5da488EB2E97990619976F2f004e9fF7C
Stay safe out there!
#CertiKSkynetAlert
🚨
We are seeing reports that a phishing link has been posted in the @cilistiap2p Discord server.
Do not click any links until the team has confirmed they have control of the server.
See more below 👇
Stay vigilant!
The SAFUU contract allows the Owner to sell SAFUU tokens in the contract address to BNB, and send those BNB to the "treasuryReceiver". Both the "treasuryReceiver" and the Owner are the same Externally Owned Account:
#CommunityAlert
🚨
We are seeing a price drop on project @flagnetwork_NFT.
$FLAG has dropped more than > 98.97%.
Address: 0xa5496935A247fA81B1462E553ad139d2FD0af795
They’ve stopped messaging in their Telegram group(s) and no official statement.
Stay Safe Out There!
#NFT
#CommunityAlert
🚨
We have detected a
#Ponzi
scheme on projects TacoTuesday and BakedBeans.
BakedBeans contract address: bsc - 0xE2D26507981A4dAaaA8040bae1846C14E0Fb56bF
TacoTuesday contract address: bsc - 0x9C2d2d490aB34e91796faa7f81037bbEe42277f5
Be careful before investing!
#CommunityAlert
🚨
@ProtocolRoyal's $ROY token has dropped by more than 80%.
The account 0x94ab3a8d26104af75d5f3f9091472dc70a874ff4 removed a large amount of liquidity from the ROY-WBNB pool and swapped the $ROY for $WBNB.
Total profit is ~1,100
#BNB
or $412K
#CommunityAlert
🚨
We are seeing a massive price drop and suspicious behavior on "Blue Token."
Contract: 0xFd0fDc8A674E1EA88E2D83b04C7c8BE5cD1719c4
$BLUE has dropped more than > 94.52%
Be careful out there.
#CommunityAlert
🚨
The project
@shareupswap
$SHARE has CertiK listed on its website as a "partner", however no audit or any other business has been conducted.
Please be aware
#CommunityAlert
🚨
We are seeing abnormal behavior on project @0xSocialDao. $Social has dropped in price and the team’s Twitter was closed.
CertiK’s Incident Response Team confirmed a message on the project website indicating one should NOT interact with the token or contract.
#CertiKSkynetAlert
🚨
Beware of a fake Layer Zero airdrop site being promoted on Twitter.
Do not interact with hxxps://layerzero.global/
Site connects to known wallet drainer
Stay vigilant!
#CommunityAlert
🚨
On May 16th, 2022 09:24 PM +UTC
@FEGtoken
related tokens experienced a flashloan attack w/ unverified contract on BNBChain with ~$1.3 Million in losses.
The tokens involved were: $FEG, $fBNB, and $R0X (FEGrox).
Exploiter Address:
We REPRODUCED one RCE attack to the latest TG Desktop on Windows (release version 4.16.6 x64).
All credits go to the original security researchers (github: el-garro) who reported the issue first.
#CertiKSkynetAlert
🚨
In 2022, we have recorded ~$523M in losses due to exploits, private key compromises and exit scams on the Solana blockchain.
We can see how this breaks down below by incident 👇
#CertiKSkynetAlert
🚨
A community member reached out to us over a possible fake audit claim.
We can confirm that we have no relationship with bitcoinminingvip[.]com
Go to to see the projects that we have audited.
#CommunityAlert
🚨
We are seeing 11,539 eth (~$34 million USD) apparently locked by a bug found in the
@AkuDreams
contract.
Errors like these could have been discovered with smart contract auditing.
Address eth:0xF42c318dbfBaab0EEE040279C6a2588Fa01a961d
Get Audited!
$Luna and $Terra and Bears, oh my!
Lots of explainers and hot takes right now.
Here’s why we think it’s important from a Web3 Security perspective.
It was on the tip of everyone’s tongue. We’re going to give it a name:
”Reguforcement”
i.e. regulation and enforcement
🧵👇
#CommunityAlert
🚨
#DOXXED
$DOX token has dropped by more than 70%.
Multiple selling addresses got tokens from the deployer 170 days ago which were just sold for 319
#BNB
($126,495.14).
The funds were transferred to this address:
#CertiKStatsAlert
🚨
On Oct 6, 2022 at 18:26 +UTC, an attacker fraudulently minted 1,000,000 BNB from the BSC Token Hub bridge.
Two hours later, they repeated this same transaction, minting another 1,000,000 BNB.
#CommunityAlert
🚨
We are seeing a flashloan attack against
@DeusDao
- $DEI netting the attacker $16,839,708.27 USD in profit.
#flashloan
Transaction: ftm:0x39825ff84b44d9c9983b4cff464d4746d1ae5432977b9a65a92ab47edac9c9b5
#CertiKSkynetAlert
🚨
We are currently investigating a compromise of our X account
@CertiK
Do not interact with any posts until we have confirmed the account is secure
CryptoSecNewsAlert🚨
NY Sen
@SenKevinThomas
submitted a bill to criminalize rug pulls and other cryptocurrency frauds. The bill is currently under review.
Legal frameworks like this help prosecute scammers.
We help combat rugs w/
#KYC
and smart contract audits.
Read more 👇
#CommunityAlert
🚨
We are seeing a
#rugpull
on DIAOS that has had a slippage of >96%. The owner minted 1 million $DIAOS tokens using the `onlyOwner` mint function and sent it to another address that has been selling the token for $BUSD.
Be careful out there!
An exploit targeted our Referral Controller Contract.
- 214k LVL tokens drained to exploiters address.
- Attacker swapped LVL to 3,345 BNB
- Exploit was isolated from other contracts.
- Fix to be deployed in 12 Hrs.
- LP's and DAO treasury UNAFFECTED.
More details to follow.
@CertiKAlert
We can't confirm that such a vulnerability exists. This video is likely a hoax.
Anyone can report potential vulnerabilities in our apps and get rewards:
#CertiKSkynetAlert
🚨
Scammer known as “Monkey” has announced that the Monkey Drainer will close permanently
Monkey took a ~30% commission of ALL stolen funds from scammers using the phishing kit.
Some estimates are that $13m has been stolen using Monkey Drainers.. 👀👇🧵
#CommunityAlert
🚨
We are seeing a price drop on project @hydrameta_org. $HDM has dropped more than 60%.
The team's Twitter and Telegram have gone offline and the team is currently not reachable.
Please use caution 👀
#CertiKSkynetAlert
🚨
KyberSwap faced a very sophisticated attack and we dug deeper into the vulnerability rationale behind this attack.
Learn more about this attack below.
Here are the highlights 👇️
#CertiKSkynetAlert
🚨
We have seen suspicious activity on EOA: 0xFB4d3EB37bDe8FA4B52c60AAbE55B3Cd9908EC73
Address has previously targeted
@FEGtoken
holders through a fake migration site
Revoke permissions if you have approved this wallet to spend your tokens!
Stay vigilant
#CertiKSkynetAlert
🚨
We have seen an exit scam on
@OrdiZK_
Website and social media accounts have been deleted
The deployer holds ~$1m worth of ETH from dumping tokens, removing ETH from project contracts and taxes from sales
#CertiKStatsAlert
🚨
Combining all the incidents in June we’ve confirmed ~$134M lost to exploits, hacks and scams.
Exit scams were ~$7.4M
Flashloans were ~$2M
Exploits were ~$125M
See more details below 👇
#CertiKSkynetAlert
🚨
Be aware of a fake
@FEGtoken
Twitter account posting a phishing link.
Do not interact with hxxps://fegmigration.io/
Linked wallets are associated with phishing activity.
Stay vigilant
#CommunityAlert
🚨
Updates on
@Fortressloans
incident.
Fortress Protocol was the victim of oracle and DAO manipulation attacks leading to approx $3m USD taken by the attacker.
Attacker Address on BSC/ETH: 0xA6AF2872176320015f8ddB2ba013B38Cb35d22Ad
Attack flow 🧵👇
#CertiKSkynetAlert
🚨
The
@kucoincom
Twitter account is currently compromised.
Do not interact with any links or approve any transactions until the team has confirmed they have regained control of their account.
#hacked
#Twitter
Stay vigilant!
#CertiKSkynetAlert
🚨
We have detected a fake
@RealFlokiInu
Twitter account advertising a wallet drainer
Do not interact with hxxps://floki.bz/
Drainer appears to be associated with Inferno Drainer.
Stay vigilant!
#CertiKSkynetAlert
🚨
Be aware of a fake
@triaslab
Twitter account posting a phishing link.
Do not interact with hxxps://event-trustpade.co/trias-token/
URL connects to EOA 0x03499474a491eF05127d8087A227089361BA7303
Stay vigilant!
#CommunityAlert
🚨
We are seeing a
#rugpull
on project Nut2Earn, symbol $NUT. Approximately ~$410,000 has been taken after an initial analysis. More details to come!
Stay safe out there!
🚨🚨🚨 RED ALERT 🚨🚨🚨:
Do not interact with ANY dApps until further notice. It appears that a commonly used web3 connector has been compromised which allows for injection of malicious code affecting numerous dApps.
#CertiKSkynetAlert
🚨
Hotbit have announced that after 5 years of trading, they are ceasing centralised exchange operations from 04:00 UTC, 22 May 2023.
Users will have until 04:00 UTC June 21 to withdraw all their remaining assets.
Read more 👇
#CertiKStatsAlert
🚨
2022 has been a busy year for hackers & scammers w/ flashloans taking a lead in April for total losses at ~$301,496,742.
Exit scam losses were ~$6,319,850.
Combining all major incidents we come in at ~$376,736,790 lost to exploits, hacks & scams for April.
#CertiKStatsAlert
🚨
Combining all the incidents in December we’ve confirmed ~$62.2M lost to exploits, hacks and scams.
The lowest monthly figure this year.
Exit scams were ~$15.5M
Flashloans were ~$7.6M
See the details below 👇
#CommunityAlert
🚨
@DragonMainland
$DMS token dropped by over 80%.
Two selling addresses got tokens from the Team wallet today and sold them on the market.
Total profit: 210K $USDT and are in 2 addresses:
#CommunityAlert
🚨
We are seeing more movement of 900 $ETH (thus far) to
@TornadoCash
from the Hacker that stole funds from
@Ronin_Network
through the following address: 0xdf225C84A0eAEAaAC20E6C1d369e94EE13B9dF2A
Stay Vigilant!
#CertiKSkynetAlert
🚨
In total the
@ankr
exploiter 0xf3a465 address swapped 10 Trillion aBNB tokens to 5500 BNB and 5.34M USDC (approximately ~$7M in total).
The exploiter address still holds ~60T aBNB tokens and ~100 BNB.
Here is our CertiK SkyTrace with asset movements 👇
#CommunityAlert
🚨
Suspicious price drop on $KIBA. Price dropped > 90%
On 03/04/2022 3PM +UTC, the Kiba Inu contract deployer sold a large number of $KIBA for more than 1500 BNB (worth $619K). The KIBA price dropped down by more than 90%.
#CertiKSkynetAlert
🚨
We are seeing a
#slippage
on project LuLu Token (LuLu)
Contract: BSC 0x93E6Dc506aBa6854bb2ccc2B376FC0669D9aE4ed
Which has dropped >93%
Multiple wallets have been selling LuLu, causing the slippage.
#CertiKSkynetAlert
🚨
Multiple
@FTX_Official
addresses, both US and international, are continuing to send assets to FTX Drainer Address 0x59A…
Currently, FTX Drainer Address 0x59A... holds approximately ~$62M in assets.
#CertiKSkynetAlert
🚨
We have detected a fake
@arbitrum
Twitter account posting a phishing link
Do not interact with hxxps://arbitrurn-labs.net/
Stay vigilant!
#CommunityAlert
🚨
Here’s an update on where things stand with
@feiprotocol
and
@RariCapital
A total of $79,348,385.61 was taken in the exploit
So far 5400 ETH (~$15,298,900) has been transferred to
@TornadoCash
22,672.97 ETH ($64,245,245.43) remains in the attacker’s wallet
#CertiKSkynetAlert
🚨
1/ Ice phishing is a considerable threat to the Web3 community
Instead of gaining access to your private key, scammers trick you into signing permissions to spend your assets.
We’ll outline below what to look out for, and how to protect yourself!
#SkyTraceAlert
🚨
Day 11, here’s the summary so far. Transactions from the wallet used to exploit
@Ronin_Network
$20.72 Million sent to exchanges
$89.94 Million sent to Tornado Cash
$459,891,672.02 Still in the Ronin Bridge exploit wallet
A total of 36,165 ETH
Stay vigilant!
#CommunityAlert
🚨
We are seeing a price drop on project @Philcoin_com. $PHL has dropped more than > 50%
An account sold 1,216,933 $PHL tokens for $168K worth of BSC-USD.
Transaction:
#CommunityAlert
🚨
@CopycatFinance
price has dropped 61% and could be a
#rugpull
Contract owner minted tokens and transferred them to the address: 0x9965D2d6D9a0d66f7A108339a00eD05076202ad1
Investigation is underway.
Use caution!
#CertiKStatsAlert
🚨
We found an old actor [ Hope money Exploiter (frontrun-bot) ] attacking again, still full of tricks, and the problem arose because the parameters of the proxy contract were not fully checked, leading to the possibility of arbitrary DELEGATECALL.
Loss
#CertiKSkynetAlert
🚨
We are seeing a price
#slippage
on projects Black Hole elves (BHE) and Black Hole Prince (BHP).
Both projects, deployed by the same deployer 0x72C…, have dropped more than >94%.
Stay vigilant!
#CommunityAlert
🚨
Today at 12:27PM +EST, over $150k was lost from the MIC-USDC pool. This caused the $MIC price to drop more than 85% and created a high suspicion for a rug-pull.
@Legendary_Retro
/ MIC contract address: 0xb5e8de65aa60a9855d0e5b872e63da02a93c28bf
Be cautious!
#CertiKStatsAlert
🚨
27 major attacks were recorded in February totalling a loss of ~$48 Million.
As always, make sure a project has an audit & KYC before investing!
Remember to always
#DYOR
and read the audit reports!
#CertiKSkynetAlert
🚨
Be aware of phishing site hxxps://fegtokens.in/ which is advertised by fake
@FEGtoken
Twitter accounts.
Do not interact with the site or approve any transactions.
Stay safe!
#CommunityAlert
🚨
We are seeing a price drop on project
@CryptogramTM
- $Cryptogram which has dropped >96%.
The drop is due to them pulling liquidity for a planned migration.
#slippage
Address: bsc - 0xdEBAA696f6Ed65c9D26d51F2Afb2F323f3c058E1
Stay alert out there!
#CertiKSkynetAlert
🚨
Earlier today, the full 116 page
@FTX_Official
creditor list was made public.
Customer names were redacted, however various companies including media outlets, airlines, hotels and more are listed.
The list is in docket
#574
below👇
#CertiKStatsAlert
🚨
Combining all the incidents in November we’ve confirmed ~$363M lost to exploits, hacks and scams
This makes November the most damaging month this year
Exit scams were ~$1.1M
Flash loans were ~$45.5M
Exploits were ~$316.4M
See more details below 👇