news Featured How to stay up to date with BlocSec news? Being an auditor is not an easy job. There’s a lot of pressure on us to do our job perfectly. If we don’t, and we miss something, millions are on the line. It’s a bit different than standard web security, where there can be breaches and databases
tutorial Featured How to become smart contract auditor? I would like to tell you it's an easy route to become one, but it isn't and there isn't a single path you need to take to become one. But there are multiple things you should do to increase your chances. First thing would
security Security should be the number one priority Dust didn't settle after the ThorChain was hacked yesterday. It was an interesting hack, but the reason it was possible was due to business decisions. Following last week's hack, Thorchain said it had been audited by multiple blockchain security companies to locate bugs in a given
DeFi DeFi double-edge sword problem What DeFi does that traditional financial institution doesn't is democratizing the access to financial instruments for everybody with internet connection and become community-owned. Currently, the most prominent DeFi products are being built on Ethereum. They are utilizing its robust smart contracts system. Smart contracts are composable, which means
hacks What happens when you don’t test enough? Looking at the number of exploits I already covered, you can guess what I’m alluding too. You’re right. You get REKT! But sometimes you also get lucky…somewhat. Credit goes to @Mudit__Gupta [https://twitter.com/Mudit__Gupta] for reporting this on Twitter. Wild Credit was exploited for
hacks PancakeBunny exploit used for the 3rd time When I wrote about PancakeBunny exploit, [https://www.adrianhetman.com/pancakebunny-hacked-for-40m/] I didn’t think I would be reporting the same hack for the 3rd time. But that’s our reality when projects fork another project’s code without changing much. Without even trying to stop the protocol and fix
hacks AutoShark hacked for ~$745k Bunnies are reproducing quite fast, and as it turns out, not only in nature but also in the blockchain. Autoshark was nearly 1:1 fork of PancakeBunny, and apart from copying all the logic, they also copied the flawed logic responsible for the PancakeBunny hack. A hacker used 100K BNB
hacks Bogged Finance Hacked for $3.5M May-22-2021 02:47:06 PM +UTC, BoggedFinance was hacked for ~$3.5M. This was due to the bug in the deflationary logic of the token. Bog Token is designed to be deflationary. 5% is charged with each transaction, 1% burned, and 4% going to the staking profit. Issues were in
hacks PancakeBunny hacked for $40M+ It’s a nice feeling to finally go to sleep after a hard day and wake up to $40M+ gone from another Binance Smart Chain DeFi protocol…BSC DeFi doesn’t have an easy time right now. This hack’s a “nice” addition to the growing amount of already stolen
security $232M lost due to hacks in DeFi alone I didn’t want to write another post like this, but at 10:36:20 AM +UTC, May 16, 2021, Bearn.fi was exploited, and $11M of funds was stolen from the pool. As Peckshield reports: > The incident was due to a bug in its internal withdraw logic in
hacks Is anybody safe from hackers in DeFi? Another day, another hack. For some time, it was relatively calm. I mean somewhat as DeFi space had more than two days time span between hacks. On the 12th of May, XToken has been hacked for around $24M. Yup. Adding only hacks that have happened in May, ~$85M were stolen.
security State of security of new DeFi projects This will be a continuation of a rant on how clients should prepare for an audit. [https://www.adrianhetman.com/how-to-prepare-for-a-security-audit/] Opinions and views are my own if you haven’t catch that 😉 I’ve been auditing smart contracts for 8 months now. I’ve seen my fair share of
security Featured How to prepare for a Security Audit DeFi space is growing strong, TVL is growing even faster, and the stolen value from DeFi protocols. According to DeFi Pulse [https://defipulse.com], the Total Value Locked in DeFi projects is roughly $80.78B. $80.7B... That’s $15B more since I brought that number up in my article
blockchain Featured Why hackers can steal from DeFi? DeFi, at the time of writing of this article, has over $65 billion dollars in Total Locker Value (TLV) according to DeFi Pulse [https://defipulse.com]. More than $230M were lost to hackers and scams in 2020 alone. This year's number is only increasing, and we already saw
