|
|
Hello from your favorite auditor community!
|
|
Hey there, welcome to the exciting October summary of the AuditOne Newsletter! Are you ready to dive in and discover some amazing insights? Let's get started!
What we’ll cover:
Aurora Audit Contest from November 8th. Partnerships. Audits Where you can find us at the European Blockchain Convention: Biggest Hacks in October. New Feature Alert: Auditors' Public Profile and Invoice Management Now Available in Our App. Our Blog Posts.
|
|
|
|
Aurora Audit Contest from November 8th Attention all security professionals in the Web3 space! AuditOne is excited to announce our upcoming Audit Contest for Aurora smart contracts. Beginning on November 8th, participants can compete for a prize pool of 50,000$. To enter, simply register on our platform and put your skills to the test. Take your chance to demonstrate your expertise and win big.
Stay updated on the competition by following us on Twitter.
|
|
|
|
|
|
|
|
Partnerships We are excited to announce a new partnership with @pitchtalk_com as their security partner. We were one of their first supporters and won the PitchTalk Demo Day. Our collaboration will ensure excellent protection for web3 projects as they launch campaigns and start fundraising.
|
|
|
|
|
|
Audits We are proud to announce that we have completed the audit for @ZarbanProtocol!
Two other audits are ongoing which we will soon reveal to you.
|
|
|
|
|
|
We attended the European Blockchain Convention and pitched at the Startup Battle! AuditOne was selected among 50 other innovative startups in web3 to pitch at the Startup Battle of the EBC. David, our Operation Manager, took on this task, and his pitch helped us connect with new potential clients and partners! Here's what David had to say in his own words: "I am thrilled to have participated in the EBC Startup Battle, presenting AuditOne GmbH amidst 50 other innovative startups. Kudos to the deserving winners!
Thank you to the EDC9 team for orchestrating such an insightful event.
Reconnecting with familiar faces and making new friends was the highlight. Also, engaging in dialogues with investors and forging partnerships to build trust in web3! And, of course, Barcelona's charm is unparalleled. I can't wait to return to this magnificent city. Until next time, Barcelona, I'm looking forward to EDC10."
|
|
|
|
|
|
Biggest Hacks in October Each attack serves as a reminder that a security-first approach is essential for Web3.
On October 11, 2022, Mango Makers was hacked, resulting in losses of $115 million. Attackers exploited the platform's system and borrowed a whopping $116 Million by manipulating the collateral value perception.
TempleDAO's STAX Finance experienced a hack on the same day, resulting in a loss of approximately $2.3 million. Hackers took advantage of a vulnerability in the migrateStake function's smart contract. They withdrew 321,155 xLP tokens by creating a deceptive contract that mimicked the old one and didn't transfer funds to the new one.
On October 12, 2023, an attacker exploited @Platypusdefi's AVAX account using a flash loan. They created a contract to interact with the project's contracts, obtaining 7,935.91 WAVAX and 49,648.81 sAVAX, worth ~$1M. The funds remain in the attacker's malicious contract.
On October 13, 2023, someone used a flash loan attack to steal around 113 $ETH (about $175K) from Beluga Protocol @Belugadex. Beluga Protocol is a multichain stable swap AMM on the Arbitrum chain. The attacker made 21 transactions, starting with only 0.1 $ETH from the OKX exchange. They manipulated the USDT-USDC.e balance to make a profit. After pocketing the stolen cash, the attacker transferred the funds to the MEXC crypto exchange.
|
|
|
|
New Feature Alert: Auditors' Public Profile and Invoice Management Now Available in Our App Exciting news! We have updated our app to provide auditors with even more capabilities. Auditors can now create and manage public profiles that showcase their expertise. Additionally, they can handle invoices within the app, streamlining the auditing process. This new feature is a game-changer as it boosts transparency, fosters trust, and simplifies the payment process for auditors. Clients will also benefit from this update as they can easily access auditors' profiles, enhancing their user experience.
|
|
|
|
|
|
|
|
Exploring Web3 Bug Bounty Programs Web3 bug bounties are treasure hunts where ethical hackers find and fix security flaws in Web3 technology. By reporting vulnerabilities, they can earn rewards, like the $1.8 million recently awarded to two individuals by the NEAR protocol.
|
|
|
|
What is on-chain monitoring? It is crucial to pay daily attention to security in Web3 infrastructure. A question that often arises is, what is the longest duration DeFi can go without a hack? In Q3 of 2023, hackers stole $700 million.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Decentralised audit pools & bug bounties.
|
|
.png)
