As Amulet continues to BUIDL and develop, we wanted to provide a brief update on events within the crypto industry overall. Hacks aren’t going away soon and Amulet was launched to combat and provide an extra layer of protection to your digital assets.
Since launching on the MainNet in Q3 2022, we’ve sold almost 1k covers and demand is ever-increasing. As a result, we’re continuing to work hard to increase TVL and capacity within our platform enabling us to protect more DeFi users.
As well as creating opportunities for users to protect their assets, providing capacity also brings high APYs. Get started today: app.amulet.org
We all remember major crypto events such as the recent UST depegging event or the FTX bankruptcy but these activities occur more often than many may believe. We’ve picked out 5 crypto hacks that occurred in February 2023, the report, the cause and whether Amulet’s smart contract cover would’ve paid out had they been listed on our MainNet.
1. Orion protocol
On February 3rd 2023, a flaw within the Orion Protocol smart contract saw the protocol exposed to a re-entrancy attack. The root cause of this hack was due to incomplete re-entrancy protection allowing token transfers to re-enter other functions. This enabled manipulation to increase users’ balances without incurring an additional cost of funds.
The re-entrancy attack caused losses of $3m. (ref – PeckShield)
If listed on Amulet, would users have been able to claim? Yes, it would’ve been covered in our smart contract vulnerability cover terms
2. dForce
On February 10th 2023, dForce Network was attacked on the Arbitrum and Optimism chains through a re-entrancy vulnerability. The attacker took out a flash loan, deposited them into Curve’s wstETH/ETH and further deposited the LP tokens into dForce’s wstETHCRV-gauge vault. The hacker exploited the re-entrancy vulnerability by manipulating the price of the wstETHCRV-gauge tokens when removing liquidity. As a result, they were able to profit from the liquidation of other users.
This attack caused losses in excess of $3.65m. (ref-SlowMist)
If listed on Amulet, would users have been able to claim? Yes, it would’ve been covered in our smart contract vulnerability cover terms
3. Dexible
On February 17th 2023, Dexible reported a loss due to hacking. A flaw within the smart contract saw the logic of the selfSwap function invoke the fill function which, in turn, calls data defined by the hacker. The attacker created a “transfer from” function within the data enabling them to pass in their own attack address, as well as that of other users. This enabled the transfer of tokens approved for the contract to be moved on and out.
This attack on the smart contract saw a loss of approx $1.54m (ref-Beosin)
If listed on Amulet, would users have been able to claim? Yes, it would’ve been covered in our smart contract vulnerability cover terms
4. Edge Wallet
On February 23rd 2023, Edge Wallet faced a malicious attack resulting in 2000 private keys being stolen. One user reported an unauthorised transaction of bitcoins and it was deemed that this wallet’s private key had been compromised. Investigations have since determined a vulnerability that would leak private keys when a user performed certain actions. The root cause was a private key leakage.
It is unknown the approximate figure of loss in this event. (ref-OnlineNews)
If listed on Amulet, would users have been able to claim? No, this was not a smart contract-hacking event
5. DungeonSwap
On February 27th 2023, DungeonSwap reported an exploit of 6 figures. Running on the BNB chain, the DeFi project saw a vulnerability within its smart contract exploited. The hacker stole BUSD from DungeonSwap users that had approved the DND token contract and transferred all profits onto another hash. The root cause of this crypto event was a flaw within the smart contract.
This crypto hack saw approx $730k stolen from the protocol (ref-DSTwitter)
If listed on Amulet, would users have been able to claim? Yes, it would’ve been covered in our smart contract vulnerability cover terms
These were just 5 of the multiple crypto hack events that occurred within the short month of February. If you want to learn more about crypto and DeFi hacks and where Amulet fits in, our team is always available: discord.gg/AmuletProtocol