in a recent cyber heist: a hacker got away with over 1 million dollars from the levana protocol, underscoring the security hurdles in the cryptocurrency world. further details are shown below.
summary
- Addressing security challenges in crypto protocols
- The Levana protocol breach Catalyx exchange also impacted by security breach
-
investigation initiated Brief overview of the blockchain security report for 2023
Security challenges within cryptocurrency protocols: The Levana protocol breach
Levana, a decentralized finance startup, faced a significant security breach resulting in the theft of approximately 10% of its liquidity reserves, amounting to a loss of $1.14 million. The attack, orchestrated by a single malicious actor controlling seven wallets, began 14 days prior and targeted liquidity providers. The exploit exploited vulnerabilities in Tendermint and Cosmo SDK. While the Pyth oracle was involved, it was not found to have vulnerabilities. Additionally, a congestion attack on the Osmosis chain hindered Levana users from accessing markets temporarily. The incident, termed an “oracle attack,” has been resolved, ensuring the safety of traders’ positions and profits, with position closures proceeding normally. Founded in 2021, Levana protocol facilitates decentralized perpetual trading with leveraged positions for cryptocurrencies.
Catalyx exchange also experiences a security breach, prompting an ongoing investigation.
The Canadian cryptocurrency exchange Catalyx recently halted all trading, deposits, and withdrawals due to a security breach. This incident has jeopardized an undisclosed sum of customer funds, prompting CatalX CTX Ltd., the exchange’s parent organization, to launch an internal investigation. The aim is to assess the breach’s scope and identify potential culprits, including the possibility of involvement by an employee. Regulatory authorities in Canada have intervened, with the Alberta Securities Commission imposing a 15-day freeze on Catalyx, restricting cryptographic contract trading. This freeze, effective until January 5th, has been acknowledged by Catalyx CEO Jae Ho Lee, who has pledged to comply with regulatory measures following the security breach.A concise overview of the 2023 blockchain security report.
In 2023, multiple protocols, including Mixin Network, Euler Finance, and Multichain, experienced asset losses totaling hundreds of millions of dollars, as reported by Immunefi in December. The total losses from hacker attacks and web scams amounted to $3 billion, with 17% attributed to the Lazarus Group, linked to North Korea. The most significant attack targeted Mixin Network, resulting in over $200 million in losses. Euler Finance and Multichain followed with exploits totaling $197 million and $126 million, respectively. Despite a 52% decrease from the previous year, overall losses still reached $1.8 billion. Most losses were due to hacker attacks, with only $103 million attributed to identifiable fraud schemes. Decentralized protocols accounted for the majority of losses at $1.3 billion, while centralized finance protocols saw $409 million in losses.
