The BlockSec Team, Zhejiang University, China

On May 8th, Peckshield reported a security incident involving RariCapital. After careful investigation, we found that it is an indirect price manipulation attack, a type described in our paper: DeFiRanger: Detecting Price Manipulation Attacks on DeFi Applications. In the paper, we focus on detecting two new types of attacks on DeFi apps: direct and indirect price manipulation attacks. The former means that an attacker directly manipulates the token price in a DEX by performing an unwanted trade in the same DEX by attacking the vulnerable DeFi app. The latter…

The BlockSec Team, Zhejiang University, China

On 30th Nov, our security incident monitoring system ThunderForecast discovered an attack on the Loopring protocol (Blog in EN, CN) by scanning historical transactions on Ethereum. In summary, the root cause of this attack is the lack of access control on the sellTokenForLRC function. The attacker took advantage of 80.97 ETH, which is equivalent to 48,849.2 USD based on the price at that time.

On 11th Dec 2020, our monitoring system ThunderForecast reported a series of transactions trading with an abnormal trade rate. Then, we used the EthScope system developed by our research…

By BlockSec Team, Zhejiang University, China

On January 2, 2021 (Beijing Time 07:25 am), our monitoring system ThunderForecast reported a series of suspicious transactions targeting the yCREDIT smart contract. Then, we used the EthScope system developed by our research team to analyze these transactions and confirmed that all reported transactions are malicious. Note that the vulnerability was also disclosed on Twitter (Link1, Link2). In this blog, we illustrate the attack details.

Details

The attack is possible because the number of tokens minted is inconsistent with the intended number. As such, the attacker can obtain more yCREDIT tokens at a lower price…

The blog is published by BlockSec Team, Zhejiang University, China

On 16th Dec 2020, our monitoring system ThunderForecast reported a series of suspicious transactions. Then, we used the EthScope system developed by our research team to analyze these transactions and confirmed that all reported transactions are malicious. In this blog, we illustrate the attack in detail to help readers understand the intent behind each of the attacker's actions.

What is Plouto Vault?

Plouto is an open decentralized asset management protocol. The Plouto protocol introduces a key idea called “Open Vault”. With this idea, in addition to standard investing strategies, asset managers can also deploy their…

The blog is published by BlockSec Team, Zhejiang University, China

In November 2020, many DeFi platforms on Ethereum, such as Pickle Finance and 88mph, encountered security incidents.

To detect security incidents in DeFi, we developed the ThunderForecast system. When analyzing recent transactions, it discovered a class of transactions that are extremely suspicious. First of all, there exists a pair of trades whose trade rates differ by more than a thousand times. Secondly, the caller (an EOA) can always gain a few Ether at the end of each transaction. …

BlockSecTeam
