<img src="https://secure.glue1lazy.com/215876.png" style="display:none;">

Hack Track: DeltaPrime Flow of Funds Analysis

On September 16th, 2024, the decentralized lending platform DeltaPrime fell victim to a devastating hack. The attackers exploited a vulnerability in the protocol's security, resulting in the theft of over $6 million. Surprisingly, this is the 2nd strike on DeltaPrime within 2 months, the first one being on July 23rd this year when $1 million was lost due to a misconfiguration that allowed an attacker to take over accounts, repay loans, and withdraw collateral.

Read More

Investigating the UwU Lend Hack and Flow of Funds

UwU Lend, a decentralized finance (DeFi) platform, suffered a security exploit on June 10th, resulting in a loss of more than $18.89 million on the Ethereum blockchain. UwU Lend is a platform for cryptocurrency users to earn and borrow digital assets. Unlike traditional banks, it doesn't hold onto your funds (non-custodial). Users can participate as depositors, borrowers, or LP stakers. Depositors provide liquidity to the market to earn a passive income, while borrowers can borrow in an overcollateralized fashion. LP stakers provide liquidity and receive a revenue share when staking their LP tokens.

Read More

Hack Track: Pike Finance Flow of Funds Analysis

Pike Finance, a platform designed to simplify borrowing and lending digital assets across different blockchains, fell victim to a series of attacks in April 2024. Pike Finance allowed users to interact with their crypto directly on their native blockchains, eliminating the need for a complex "wrapping" process. This innovative approach aimed to streamline DeFi experiences.

Read More

Hack Track: CurioDAO Flow of Funds Analysis

CurioDAO is a multichain platform focused on real-world asset tokenization, enhancing liquidity through various mechanisms such as stablecoins, a launchpad, and Automated Market Makers.

The platform is governed by the Curio Governance Token (CGT), allowing holders to participate in decision-making processes related to the Curio Creator Protocol.

On the 23rd of March 2024, a vulnerability in the voting power privilege access control was exploited, leading to a significant security breach. The attacker gained access to Curio Governance (CGT) tokens, allowing them to increase their voting power within the project's smart contract. With this elevated voting power, the attackers were able to execute the unauthorized minting of a large quantity of CGT tokens. 

Read More

LastPass Hack: Flow of Funds Analysis

On October 25th, 2023, LastPass, a widely used password manager, fell victim to a security breach. The breach had significant ramifications, affecting approximately 25 users whose assets were distributed across 80 wallets. This breach resulted in a staggering loss of approximately $4.4 million in various cryptocurrencies. Among the affected blockchain networks were Bitcoin, Ethereum, Binance Smart Chain, Polygon, Solana, Cardano, Litecoin, Arbitrum, and Avalanche. 

Read More