Security Team: The Discord server of the NFT project Saphire was attacked

[Security Team: The Discord server of the NFT project Saphire was attacked] Jinse Finance reported that, according to CertiK monitoring, the Discord server of the NFT project Saphire was attacked, the chat has been locked, and there are phishing links in the announcement, please do not click, Mint or approve any transaction.

Other news:

Security team: Rug pull occurred in the DeFi AI project, and the contract deployer made a profit of about 40 million U.S. dollars: Jinse Finance reported that according to the monitoring of the security risk monitoring, early warning and blocking platform of Beosin EagleEye, a blockchain security audit company Beosin, the DeFi AI project The Rug pull occurred, and the contract deployer made a profit of about 40 million US dollars. Beosin Trace is monitoring and tracing the stolen funds. [2022/11/14 13:02:16]

Security Team: Team Finance’s funds were damaged or due to poor contract implementation: Jinse Finance reported that according to the monitoring of Okey Cloud Chain, in addition to the contract loopholes in the attack in the Team Finance security incident, the implementation of the migration contract of Uniswap V3 was not rigorous or caused is one of the main causes of loss.

As previously reported, Team Finance claimed that $14.5 million in Token was stolen and the protocol was temporarily suspended. [2022/10/28 11:53:10]

Security team: The NFTStaking contract of the ownlyio project was attacked, and the loss amount was about 36,418 US dollars: According to news on May 11, according to the security public opinion monitoring data of Chengdu Lianan’s “Chain Bing-Blockchain Security Situational Awareness Platform”, NFTStaking of the ownlyio project The contract was attacked, with a total of 115 BNB stolen and a loss of about $36,418. According to the analysis of the technical team of Chengdu Chain Security, the reason for this attack is that the unstake function of the pledge contract of the ownlyio project did not check the user's claim status, so the attacker can use the unstake function to receive the ownly token in the contract infinitely, thereby extracting the pledge contract. All ownly tokens, and finally the attacker exchanged the acquired ownly tokens for 115 BNB through a pair transaction.

Attack transaction: 0x2cbe47edb040c710b7f139cbea7a4bced4d6a0d6c5aa4380f445880437ea072f

Attacker address: 0xba31058357ea2f474a2ed0d1b3f9183904ebd38a

Attacker contract: 0xa81ea095e0c3708e4236c71146748fa15b620386[2022/5/11 3:06:00]