Exploits, Hacks & and How We Detect Them
When talking about security exploits, this past year has been one of the toughest the web3 and crypto communities have ever known.
Over 3B$ was stolen in 2022, with October taking the lead at over 700M$. Hypernative strives to create new ways to secure digital assets (crypto) and web3. Not only do we aim to protect participants like investors, traders and users, but also protocol developers.
It is no secret that all blockchain information is available to the public. The trick is to find a way to make good use of this information to secure assets and eventually save money.
With the help of the Hypernative system, we have been able to detect malicious behavior events at the precise time of their occurrence. This happened at different stages, which helped us discern whether the behavior was going to be an attack on a certain asset or not.
Our system ran some tests in order to detect exploits and hacks that took place over the last 3 years. It managed to detect some big events that we’re excited to share. New events are detected all the time, in real time, and often hours before they take place.
Let’s take a look at the facts
These are some of the historical exploits over the last 3 years that Hypernative's system managed to detect. Many were detected in real-time and some were detected minutes, even hours, before their occurrence:
- “Audius” Hack:
The hacker changed the voting system and approved a governance decision, sending his own wallet $6M worth of Audius tokens. It took the Audius team 25 minutes to detect the hack and 2.5 hours to fix it. Hypernative could alert 17 minutes before the actual attack took place!
- Wintermute - 160M$ Stolen:
This is an example of a huge market maker that was exploited. The attacker used Wintermute’s Admin credentials and instructed the Wintermute wallet contract to transfer funds to the attacker’s contract.
- OlympusDAO - 300,000$ Stolen:
Hypernative spotted suspicious activity in the OlympusDAO token, where someone managed to maliciously redeem 30,437 OHM (~$300K) from their planned bond issuance. We contacted OlympusDAO and they confirmed that it was a hack.
- Xave Finance:
An attacker attempted to steal ~6.5 ETH. Hypernative detected this and sent an alert hours before the actual ETH tokens were stolen.
- AirSwap DAO:
Erroneous trades were made by a big market maker, Hypernative detected and warned in real time to stop the lose of funds ($9M were saved)
- “Terra Luna” de-peg:
Significant UST withdrawals were made from Anchor with subsequent sell pressure that caused a loss of 100$M. Hypernative could help mitigate the loss of funds.
There were more attacks that our system was able to detect - some from October 2022, the month with the most hacks:
Signata DAO - Hack attempt
Lilnouns DAO - Buggy proposal
Team Finance - 15M$ stolen
It’s interesting to note that malicious activity, hacks and exploits are being detected by our system all the time. We believe that in order to keep your assets safe, you must be able to automatically detect potential attacks. In addition, it is vital to discern whether or not a certain alert is real, and what the severity of the attack is. This will help those involved to make mindful and educated decisions.
If you wish to explore a solution that could help you keep your crypto assets secured, get in touch by emailing email@example.com