
CertiK Crypto Report Counts $2.9B in Assets Stolen in 2022

Cory Russell

Oct 10, 2022 11:57



Cryptocurrency security company CertiK wants you to be aware that crypto is not secure. The firm's most recent analysis explores the murky underbelly of the world of digital assets in 2022.


Sadly, the dark underbelly of the industry is more powerful than crypto enthusiasts would like to accept. In only the first three quarters of the year, cyber thieves have seized over $2.9 billion. Additionally, CertiK claims that the methods used by these crooks are only improving.


According to CertiK's mid-year study released at the end of June, cryptocurrency thieves were on pace to siphon off about $1 billion in assets per quarter. With the release of its third-quarter report, that projection is proving to be true. But the study contains a wealth of information beyond the startling headline figures. In the previous three months, the firm has recorded 171 incidents. Decentralized finance (DeFi) flash loan attacks and rug-pull scams are only two examples of the vulnerabilities that may be used to steal from projects from the inside. The analysis also finds that, while rare, multi-chain attacks have easily caused investors the greatest harm. Only six vulnerabilities were used in Q3 across different chains, yet they are responsible for more than $440 million of the $504 million in theft.


The rise in rug-pull or "exit" frauds in Q3 is one particular finding in this study that merits special attention. In the company's Q2 report, 89 scams were reported to have stolen $37 million; in the Q3 report, 98 of these scams took a total of $57 million, a 54% increase. Hugh Brooks, Director of Security Operations at CertiK, explains to InvestorPlace that, despite being simple to carry out, these frauds are not going out of style in the middle of a market slump. As Brooks warns investors, "A project being unaudited should raise a significant red alert." "A project could provide a novel approach to a problem or fill a market need, but if it puts your money at risk, it usually isn't a very smart investment."

As report case studies demonstrate, audits are not a panacea.

Exit frauds are one difficulty, but as CertiK notes, they make up only a small portion of 2022's losses.


Projects get a seal of approval from audits, which also provide confirmation that the smart contracts for the project are not in jeopardy. They are not, however, a failsafe method of project security.


According to CertiK's research, the incidents at the Slope wallet, the Wintermute market maker, and the Nomad bridge are three of the biggest from the quarter. The $8 million in damages suffered by Slope were caused by a flaw in the way the seed words for users' wallets were kept. Once these words were discovered, hackers were able to steal money from victims' wallets one at a time. The creators of Wintermute made the decision to build its market maker on a wallet address that reduces transaction gas costs, which led to the vulnerability. Transactions required fewer CPU resources to settle when addresses had a lot of zeros in them. However, this choice of address allowed a hacker to quickly open the wallet. The losses suffered by Nomad are the result of hackers taking advantage of a weakness in the process of moving assets from one chain to another.


According to Brooks, "[The projects'] losses were not brought on by flaws in the audited smart contract code." In fact, the smart contracts for Wintermute and Nomad have both been reviewed and fixed. Yet they fell prey to two of the greatest hacks of the year.

Projects to Secure Web 3.0: Next Steps

These three instances show that audits are insufficient to address an issue that is only becoming worse as time passes. Auditing is a crucial first step, according to Brooks. But a genuine commitment to security also calls for continued testing, hardening, and monitoring after deployment.


The issue of exit frauds is real. They keep stealing money from investors. However, as Brooks notes, they don't pose the same threat as the more profitable code attacks. The overall market slump has decreased asset prices and reduced the influx of novice investors, who are more likely than average to become victims of an exit scam.


While rug-pullers continue to use the same old techniques, hackers are growing more sophisticated. Rug-pullers rely on a steady supply of less experienced investors to approach them. Hackers, on the other hand, are targeting large projects with many wallets and high liquidity, which makes them a larger danger to the whole crypto ecosystem.


As a result, according to Brooks, projects must do more than just get a smart contract audit. "The sector is developing at an incredible rate. To safeguard users and encourage the creativity that makes this sector so unique, we must enhance the degree of security across the whole Web3 ecosystem if we want this pace to continue." Additionally, CertiK notes in its report that it is striving to compile a group of tools and resources for projects that go beyond the straightforward tasks of auditing and into the world of real-time monitoring and bug hunting.