🚨#Unibot exploited🚨
Hacker:
etherscan.io/address/0x413e…
The root cause is call injection, where an attacker can pass custom malicious calldata into the 0xb2bd16ab() method to transfer tokens approved to Unibot contracts.
Users need to revoke approval for
#Web3 real-time risk alerts including #Hacks, #Rugpulls, #Vulnerabilities.
Smart contract audit service @Beosin_com
Joined February 2022
- A security exploit of @Bedrock_DeFi contract resulted in a loss of approximately $1.7 million. The root cause of the attack is that the mint function in the project will cast the staked ETH into the same number of uniBTC. The price difference is not taken into account.
- Analysis: The hacker first targets a pool with low liquidity to see if the MEV bot will front-run the tx. For example, the hacker tempts the bot with 0.04 WETH. It is found that the pool is indeed monitored by the MEV bot, and the bot will also use all of its funds for arbitrage. Stolen funds are held at 0x3c98d617db017f51c6a73a13e80e1fe14cd1d8eb ($19,923,735.49), 0x5B04db6Dd290F680Ae15D1107FCC06A4763905b6 ($2,334,519.51) and 0x27bf8f099Ad1eBb2307DF1A7973026565f9C8f69 ($2,971,393.59).
- 🚨Beosin security researchers have recently discovered a critical vulnerability in the library of SnarkJS (version 0.6.11 and earlier). SnarkJS is an open source JavaScript library for building zero-knowledge proofs, widely used in the implementation and optimisation of
- ⚠️Atlantis Loans was under a governance attack for ~$1M. The attacker gained control over the contract and replaced it with a contract containing a backdoor function to transfer tokens approved by users. Attacker:
- $CS token was exploited for $714K in tx bscscan.com/tx/0x906394b2e… The root cause is that the sellAmount in the _transfer function is not updated in time. Attack Flow: 1/ The attacker borrows BSC-USD via flashloan and swaps it into $CS.
- SeaSwapSui rug pulled with 32,787 $SUI. Txs: suiscan.xyz/mainnet/tx/Fb4… suiscan.xyz/mainnet/tx/ADH… The sender is the owner of the modules’ presale ledger (PresaleStorage object). The owner can call emergency_withdrawal_token() to withdraw all the $SUI and $SEA obtained in the
- Socket protocol @SocketDotTech was under a call injection attack with a loss of ~$3.3M. This attack was mainly due to an unsafe call in the performAction function. It did not consider the case where the caller transfers in 0 WETH, allowing the caller to specify other functions.
  Quoted post: Urgent Socket has experienced a security incident which affected wallets with infinite approvals to Socket contracts. We have identified the issue & have paused the affected contracts. We’re working on the situation & will keep you informed with regular updates & next steps.
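The Unibot and Socket alerts above describe the same defect family: a contract that holds users' token approvals also forwards caller-chosen calldata to a caller-chosen target, so the caller can make it invoke transferFrom on an approved token. The contracts below are an added illustration (not Beosin's, Unibot's or Socket's code; the names VulnerableRouter, HardenedRouter, execute and the allowlists are assumed) showing that pattern next to a constrained version.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative vulnerable pattern (assumed names, not any real project's code).
// Users approve this router to spend their tokens, and execute() relays
// arbitrary calldata to an arbitrary target. Pointing `target` at a token and
// `data` at transferFrom(victim, attacker, amount) makes the router spend the
// approval it holds. Socket's reported root cause (a 0-WETH branch letting the
// caller pick the function) lands in the same place.
contract VulnerableRouter {
    function execute(address target, bytes calldata data) external {
        (bool ok, ) = target.call(data);
        require(ok, "call failed");
    }
}

// Hardened pattern: the router only relays calls whose target and function
// selector the owner has explicitly allowlisted, so token contracts and
// transferFrom are never reachable through it.
contract HardenedRouter {
    address public immutable owner;
    mapping(address => bool) public allowedTarget;
    mapping(bytes4 => bool) public allowedSelector;

    constructor() {
        owner = msg.sender;
    }

    function setTarget(address target, bool ok) external {
        require(msg.sender == owner, "not owner");
        allowedTarget[target] = ok;
    }

    function setSelector(bytes4 selector, bool ok) external {
        require(msg.sender == owner, "not owner");
        allowedSelector[selector] = ok;
    }

    function execute(address target, bytes calldata data) external {
        require(allowedTarget[target], "target not allowlisted");
        // First four bytes of calldata are the function selector being invoked.
        require(data.length >= 4, "calldata too short");
        require(allowedSelector[bytes4(data[:4])], "selector not allowlisted");
        (bool ok, ) = target.call(data);
        require(ok, "call failed");
    }
}
```

A stronger separation is to make the arbitrary call from a distinct executor contract that holds no user approvals, so that even an unconstrained call cannot spend them; the allowlist above is the minimal change to the pattern shown.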
- Sturdy Finance was exploited for $770K earlier today. etherscan.io/tx/0xeb87ebc0a… The attacker exploits the read-only reentrancy vulnerability in Balancer to manipulate the price of cB-stETH-STABLE, so the requirement of 'validateSetUseReserveAsCollateral' can be passed to remove
- H1 2023 Web3 Security Statistics 🚨Total losses from hacks, phishing scams, and rug pulls in Web3 reached $655.61 million in the first half of 2023. Among them:
  - 108 attacks -> $471.43M
  - Phishing scams -> $108M
  - 110 rug pulls -> $75.87M