The latest SlowMist Monthly Security Report highlights the alarming state of Web3 security. November witnessed total losses of $86.24 million across 21 major incidents. Smart contract vulnerabilities, phishing attacks, and account compromises drove these breaches. Despite the significant losses, recovery efforts brought back $25.5 million. These efforts offer a glimpse of hope amidst the ongoing battle against cyber threats.
Smart Contracts and Phishing Dominate the Threat Landscape
Smart contract vulnerabilities were the leading cause of losses in November, accounting for $30 million across seven incidents. The attack on the Aptos-based DeFi project Thala was among the most notable cases: the project lost $25.5 million through a poorly secured contract. The Thala team acted promptly, freezing $11.5 million in assets and negotiating the return of the funds, with the attacker allowed to retain $300K as a bounty.
Phishing also emerged as a significant threat, with 9,208 victims collectively losing $9.38 million. Scam Sniffer, a Web3 anti-phishing platform, was instrumental in tracking these incidents. This underscores the importance of vigilance among users.
Other high-profile incidents included the $4.75 million breach of DeltaPrime on Avalanche and Arbitrum, where attackers exploited inadequate input validation in its reward mechanism. MetaWin, a crypto gambling platform, lost over $4 million after attackers gained unauthorized access to its hot wallets on both Ethereum and Solana. Additionally, the on-chain trading terminal DEXX suffered $21 million in losses in an ongoing attack targeting over 8,600 addresses on Solana.
Emerging Threats and Industry Response
Beyond traditional vulnerabilities, the SlowMist report brought attention to a new threat: AI poisoning attacks. These involve the use of compromised AI-generated code to infiltrate Web3 systems, and they target developers who rely heavily on automated tools. To counter this emerging risk, the report urges developers to adopt rigorous code reviews and extensive testing before deployment.
Flash loan attacks also remained a persistent issue. The Fantom-based DeFi project Polter Finance experienced a $12 million attack that manipulated token pricing and reserves. Efforts to recover funds through on-chain negotiations and official channels have so far been unsuccessful.
Despite these challenges, November saw a reduction in the number and scale of incidents compared to previous months, signaling incremental progress in Web3 security. However, the sophistication of the attacks highlights the urgent need for continued vigilance and proactive measures.
These measures include regular audits, better supply chain security, and user education. As Web3 adoption accelerates, the SlowMist report serves as an urgent wake-up call about the importance of prioritizing security in the blockchain space.