News Heat Trend
Project Overview
BlockSec delivers a full-suite Web3 security and compliance solution, spanning smart contract auditing, a real-time monitoring and threat-blocking platform, as well as crypto AML and forensic investigation platforms. Through Phalcon Compliance, customers can screen wallets and transactions for compliance risks, monitor suspicious activities in real time, and automate risk controls to meet regulatory and internal policy requirements. MetaSleuth enables fund-flow analysis to trace illicit proceeds and support investigations. Our 500+ customers include crypto exchanges, wallets, OTC desks, and financial institutions, along with regulators and law enforcement across 50+ jurisdictions.
Aztec Network Attacked, Losses Exceed $2.15 Million; Root Cause is a Mismatch Between ZK Proof and L1 Settlement Boundaries
According to analysis by BlockSec Phalcon (@Phalcon_xyz), Aztec Network's RollupProcessorV3 contract was attacked, resulting in losses exceeding $2.15 million. The root cause is that `numRealTxs` was not effectively bound to the transaction set enforced by the ZK proof, causing a deviation between the proof verification path and the L1 settlement logic's interpretation of the transaction list.The attacker exploited this vulnerability to move real deposits to slots not processed by the settlement logic, bypassing the `decreasePendingDepositBalance()` function. By creating unbacked private balances out of thin air, they were able to withdraw funds through the normal settlement process. A total of seven assets were involved.
$TOP Token Suffers Governance Attack, Sustaining ~$1.59M in Losses
According to BlockSec Phalcon (@Phalcon_xyz), the $TOP token suffered a governance attack, resulting in losses of approximately $1.59 million. The attacker exploited the token’s low market capitalization to acquire over 50% of voting power at minimal cost. Subsequently, they passed a malicious governance proposal to mint a large quantity of $TOP tokens for themselves, then swapped these tokens for WETH via the Balancer liquidity pool—depleting the pool’s liquidity. BlockSec Phalcon advises projects using governance mechanisms similar to those of Lido or Aragon to promptly review governance security measures, including voting power distribution, quorum and approval thresholds, and minting permissions.
Hyperbridge Contract Hit by MMR Proof Replay Vulnerability, Suffering ~$242,000 in Losses
According to BlockSec Phalcon, the HandlerV1 contract managed by Hyperbridge on the Ethereum network was found to contain a Merkle Mountain Range (MMR) proof replay vulnerability, resulting in approximately $242,000 in losses. The vulnerability stems from the lack of binding between proofs and requests, enabling attackers to replay historical valid proofs alongside newly forged requests to perform malicious actions—such as altering administrator privileges. In the specific incident, the attacker changed the Polkadot (DOT) token administrator and then exploited those privileges to mint additional DOT tokens for profit. Observed attack transactions include: changing the DOT token administrator and minting new tokens (losses of ~$237,400), changing the ARGN token administrator and minting new tokens (losses of ~$3,800), and host withdrawal operations. The vulnerability was discovered by PhalconSecurity and analyzed via PhalconExplorer. Previously, the Hyperbridge gateway contract was attacked, leading to the unauthorized minting and subsequent dumping of 1 billion DOT tokens on Ethereum.
Related news
Aztec Network Attacked, Losses Exceed $2.15 Million; Root Cause is a Mismatch Between ZK Proof and L1 Settlement Boundaries
According to analysis by BlockSec Phalcon (@Phalcon_xyz), Aztec Network's RollupProcessorV3 contract was attacked, resulting in losses exceeding $2.15 million. The root cause is that `numRealTxs` was not effectively bound to the transaction set enforced by the ZK proof, causing a deviation between the proof verification path and the L1 settlement logic's interpretation of the transaction list.The attacker exploited this vulnerability to move real deposits to slots not processed by the settlement logic, bypassing the `decreasePendingDepositBalance()` function. By creating unbacked private balances out of thin air, they were able to withdraw funds through the normal settlement process. A total of seven assets were involved.
$TOP Token Suffers Governance Attack, Sustaining ~$1.59M in Losses
According to BlockSec Phalcon (@Phalcon_xyz), the $TOP token suffered a governance attack, resulting in losses of approximately $1.59 million. The attacker exploited the token’s low market capitalization to acquire over 50% of voting power at minimal cost. Subsequently, they passed a malicious governance proposal to mint a large quantity of $TOP tokens for themselves, then swapped these tokens for WETH via the Balancer liquidity pool—depleting the pool’s liquidity. BlockSec Phalcon advises projects using governance mechanisms similar to those of Lido or Aragon to promptly review governance security measures, including voting power distribution, quorum and approval thresholds, and minting permissions.
Hyperbridge Contract Hit by MMR Proof Replay Vulnerability, Suffering ~$242,000 in Losses
According to BlockSec Phalcon, the HandlerV1 contract managed by Hyperbridge on the Ethereum network was found to contain a Merkle Mountain Range (MMR) proof replay vulnerability, resulting in approximately $242,000 in losses. The vulnerability stems from the lack of binding between proofs and requests, enabling attackers to replay historical valid proofs alongside newly forged requests to perform malicious actions—such as altering administrator privileges. In the specific incident, the attacker changed the Polkadot (DOT) token administrator and then exploited those privileges to mint additional DOT tokens for profit. Observed attack transactions include: changing the DOT token administrator and minting new tokens (losses of ~$237,400), changing the ARGN token administrator and minting new tokens (losses of ~$3,800), and host withdrawal operations. The vulnerability was discovered by PhalconSecurity and analyzed via PhalconExplorer. Previously, the Hyperbridge gateway contract was attacked, leading to the unauthorized minting and subsequent dumping of 1 billion DOT tokens on Ethereum.