In the period from the beginning of May back, the number of Exploit cases increased significantly. Have you ever tried to synthesize them and see if they have any characteristics? If not, then this article may be of help to you. Let’s start with the article.

What is Exploit?

Exploit is a concept to refer to attacks on a computer system. That is, intruders will take advantage of a specific system bug or vulnerability that they discover to break into that system.

Summary of Exploit . events

First, I will summarize all Exploit events from the beginning of May to the present.

What do you see from the characteristics of Exploit cases in recent times?

The criteria for this table is to summarize Exploit events by date, project name, amount lost, Exploit method (hacked or system error, operating model), related to Flash Loans, and Finally, which blockchain project was hacked.

From the table above, we have 16 exploits and can recognize some of the following keywords:

  • Mostly hacked (13/16).
  • Most are related to Flash Loans (9/16).
  • Most of it is in Binance Smart Chain (BSC) (11/16).

What to draw from that?

To answer the above question, let’s take a look at some figures of Ethereum, BSC and Polygon from about April to now to see what is interesting.

Data analysis

Total Value Locked (TVL)

The figure below depicts the daily TVL change of the 3 ecosystems.

What do you see from the characteristics of Exploit cases in recent times?

It can be seen that, from early January to mid-May is BSC’s heyday, when TVL’s hit a high of nearly $30B. This can be explained by the fact that Ethereum’s gas fee was too high before, forcing users to find an alternative, which is Binance Smart Chain.

What do you see from the characteristics of Exploit cases in recent times?

Although the gas fee around the beginning of May may have cooled down, due to the pre-existing momentum, TVL BSC continued to grow until mid-May, when it started showing signs of recession.

Daily Revenue

Profit per day also follows the same pattern as TVL, which further reinforces the fact that there are more users using BSC.

What do you see from the characteristics of Exploit cases in recent times?

Active Daily Address

Once again, the active wallet metrics prove that the number of users really grew on BSC, not only early April to early May, but even now.

What do you see from the characteristics of Exploit cases in recent times?

Back to the main question, what can be drawn from the above data?

Why does BSC have so many Exploit events?

With that said, BSC emerged as the only solution for the high gas fee coming from Ethereum from around February 2021, as shown by the BNB price starting to grow strongly as shown below. It is highly likely that the sharp increase in gas fees is due to the competition of bots in putting transactions into the block, called MEV (Miner Extractable Value).

What do you see from the characteristics of Exploit cases in recent times?

Based on the data analysis, in just 90 days, BSC’s TVL increased to about $23B, along with the number of active wallets increasing by almost 4 times during this time, showing that BSC is really hype. Plus the previous meme coin trends (Doge, Safemoon,…) have led to one thing: More and more projects are springing up on BSC, but most of the projects are meme-oriented, or fork out. from big projects to keep up with the trend.

The result of that “instant eating” has been shown in the series of Exploit cases mentioned above, when more than 60% of the incidents were in BSC. The reason is that these projects code quickly to follow the trend, without understanding the essence of what the project needs to do to prevent hacking.

Back to Daily Revenue, despite the growth, but because the fee is so cheap, the profit amount of the project on BSC is not too much. The most obvious sign is that the peak of BSC has not yet reached the low of Ethereum ($3.23M).

Personally, I don’t rule out the possibility that the projects themselves create these Exploited cases to bring profits to the dev team themselves. “Users can farm with assets, devs can farm with projects” (note: this is just personal opinion).

As a result, user confidence began to decline, leading to a significant decrease in the TVL of BSC. Partly, of course, is also because Polygon is starting to grow, sucking up a portion of the TVL of both Ethereum and BSC.

And if teams keep dev in this way, it is inevitable that BSC will be hacked in the future.

Will the next victim be Polygon?

Based on the chart, it is easy to see that Polygon (MATIC) also has a very strong growth between February and May, just like BNB. The reason for this is because the structure of BSC and Polygon is similar to Ethereum, it is very easy to build a project on it, but the fees are much cheaper, so Polygon also becomes an alternative to Ethereum like BSC .

What do you see from the characteristics of Exploit cases in recent times?

If you notice, Polygon looks like a 2nd Binance Smart Chain, when the indicators all support that Polygon is in a strong state of development.

So when “smells easy to earn” on a new platform (Polygon), there will be many speculators developing projects quickly to make profits by rug pool, exploitation, …

And as a matter of course, the problem began to appear on Polygon gradually with 2 unfortunate events that happened in 6 months: Iron Finance and SafeDollar. Although both are not due to hack, but both have problems in the design of the model is not thorough. In the future, I predict that the frequency of Polygon hacks will start to increase gradually if nothing improves.

Learn more about Polygon’s ecosystem with this article: Overview of Polygon Ecosystem – Make Ethereum Great Again

Why are most hacks related to Flash Loans?

According to the above statistics, up to 56.25% of Exploit cases are bad guys using Flash Loans as a hacking tool. Many of you will wonder if the fault lies in Flash Loans or not? Then the answer in my opinion is no.

For those of you who do not know, Flash Loans can be said to be a great initiative of Crypto, allowing users to make profits quickly. You can learn more about Flash Loans here.

In addition to making profits, the fact that users trade arbitrage (Arbitrage) also helps exchanges to rebalance the token price, making the market stable in price.

In the previous article about the benefits and interesting views about Flash Loans that I have done, Flash Loans has a profound benefit that very few people think about that is filtering out weak projects.

Flash Loans being used to hack projects has been around for a long time. After hacking, not all projects die, but there are projects that develop very strongly, including the hack of Origin (OUSD). Learn more about how Origin is working to get back into the community after being hacked here.

For the reasons mentioned above, it can be said that Flash Loans is not guilty.

However, Flash Loans is like a double-edged sword, depending on what the user does, it will produce results in that direction:

  • Users who want to make a profit, will execute Flash Loans in a profitable way;
  • If you want to hack, just find the vulnerability, then just use Flash Loans as a loan tool.

So is there any way to prevent this? In my opinion, it is still there.

Some ways to limit Exploit and damage

More detailed code

Most projects are hacked due to forking from large projects, which may not fully understand the nature of the project, or the characteristics of the sector. The devs can fork Uniswap to create a new AMM project, but actually do not understand anything about the nature of AMM, and also the factors affecting how harmful AMM is.

So what needs to be done is that in addition to knowing the code, projects need to add knowledge related to their sector. Besides, if some projects are not hacked, due to the illogical mechanism, leading to errors, it is necessary to learn from previous projects.

Buy insurance

The project may have code very well, but that is not without problems. Therefore, buying insurance can be considered as a support plan for compensation. Some names can be mentioned such as Nexus Mutual, InsurACE, …

However, this method only applies to a few projects that are covered by insurance, and most of these projects are already known projects.

So how will insurance in the Crypto market be different from the traditional market? Who are the participants? What risks should be covered? Watch now: Crypto Insurance Market Overview

What do you see from the characteristics of Exploit cases in recent times?

Tokenomic design

In new projects that are not supported by insurance, they can design a tokenomic to divide the revenue from the project into many amounts, a part of which will be used to compensate users for damage if there is a risk. out.

If luckily there is no problem for a long time, this money can be farmed at Yield Aggregators like Yearn to generate more revenue.

summary

The development of blockchains in addition to giving users investment opportunities, there are other dangers, that is, not only more scam projects are born, but also users also face being hacked, leading to losses. property damage.

Talking about Flash Loans, this will probably still be a retained and developed feature because of the benefits it brings. Therefore, it is essential to prevent being hacked by Flash Loans that the dev team invest time and knowledge to create a quality project.

What do you guys think about the recent Exploit incidents? Will there be more hacks in the future? You can comment your opinions below.

TECH NEWS RELATED

iOS 16: How to Add Widgets to Your iPhone Lock Screen

With iOS 16, Apple introduced a complete overhaul of the iOS Lock Screen, making it more customizable than ever and able to display information-rich widgets. This article shows you how to add select widgets your iPhone’s Lock Screen in ‌‌iOS 16‌‌, which is currently still in beta. Lock Screen Widgets ...

View more: iOS 16: How to Add Widgets to Your iPhone Lock Screen

iOS 16: How to Change the Lock Screen Clock to Arabic Numerals

In iOS 16, currently in beta, Apple has introduced a variety of customization options for the iPhone Lock Screen, including the ability to add widgets and style the look of the digital clock. Among the new changes you can make to the digital clock readout on the Lock Screen, Apple ...

View more: iOS 16: How to Change the Lock Screen Clock to Arabic Numerals

Bitcoin ‘Optimist’ Alex Adelman Calls NFTs ‘Perfect Intersection of Culture and Technology’

The Lolli CEO told Decrypt that Bitcoin “should have captured” the NFT uprising—but there’s still time.

View more: Bitcoin ‘Optimist’ Alex Adelman Calls NFTs ‘Perfect Intersection of Culture and Technology’

iOS 16: How to Change the Lock Screen Clock to Devanagari

In iOS 16, currently in beta, Apple has introduced a variety of customization options for the iPhone Lock Screen, including the ability to add widgets and style the look of the digital clock. Among the new changes you can make to the digital clock readout on the Lock Screen, Apple ...

View more: iOS 16: How to Change the Lock Screen Clock to Devanagari

Apple Watch Notifications or Control Center Not Working? How to Fix

Every watch face on Apple Watch is supposed to include a swipe up interaction to reveal the Control Center and its menu of buttons, and a swipe down interaction to reveal notifications. The only problem is, due to an undisclosed and intermittent bug, sometimes these interactions simply won’t work when ...

View more: Apple Watch Notifications or Control Center Not Working? How to Fix

Every fish Pokémon in the series, ranked from worst to best

Image via The Pokémon Company Pokémon designs draw from all sorts of real-life animals, be the foxes, frogs, or in this case, fish. After all, our world is mostly water, so it’s only fair that so many Pokémon are styled after sea creatures. Below you’ll find our list of ...

View more: Every fish Pokémon in the series, ranked from worst to best

SaskTel donates funds and services for Ukrainians settling in Saskatchewan

The company will provide Ukrainians settling in the province free prepaid wireless services

View more: SaskTel donates funds and services for Ukrainians settling in Saskatchewan

Apple iPad to maintain Home hub support with iPadOS 16, but there’s a trade off

Apple intends to introduce a new architecture to the updated Home app with iPadOS16, and that the iPad would not be supported as a home hub in that specific architecture

View more: Apple iPad to maintain Home hub support with iPadOS 16, but there’s a trade off

Nothing confirms upcoming Phone (1) sports ‘custom-tuned’ mid-range chip

Apple Releases Safari Technology Preview 148 With Bug Fixes and Performance Improvements

Odd Inputs And Peculiar Peripherals: Miniature Steel Drums Become Rotary Mouse Controllers

How to use Photo mode and take photos in F1 22

7 Best Discord Chrome Extensions to Supercharge Your Experience

Apple Offering Apple Card Owners 4% Daily Cash Back at Select Stores in July

All Crown Clash challenges in Fall Guys and how to complete them

Diablo 2 Resurrected patch makes Horadric cubes more convenient

How to get the Fall Guys Bean-117 backpack in Halo: The Master Chief Collection

Genshin Impact 3.0 leak: Dori’s splash art and Talent

How to play split-screen multiplayer in F1 22

How to down Survivors with your chainsaw as The Cannibal in Dead by Daylight

OTHER TECH NEWS

Top Car News Car News