🚨 BLOCKCHAIN HACKS: WEEKLY RECAP 🚨
Over $12M was drained this week. Again.
Same bugs, same failures, same headlines.
Here are the Top 10 recurring attack vectors we still haven’t learned from, and what made @Corkprotocol the hack-of-the-week. 🧵
1/ The @Corkprotocol exploit wasn’t fancy.
Just a classic kill chain featuring:
🛑 Insufficient function access control
🎯 Price oracle manipulation
💰 Reward manipulation
That’s 3 textbook bugs, and $12M gone.
These aren’t zero-days.
These are known, avoidable, and documented.
We still think “smart contract audit” = security.
Spoiler: it doesn’t.
Let’s talk about Reward Manipulation.
It’s when an attacker extracts fees/yield/emissions without risk or real value. Your protocol gets farmed. You lose.
🔥 See:
Abracadabra ($13M)
@picklefinance ($19.7M)
@eulerfinance ($197M)
Then there’s the Price Oracle Manipulation playbook.
Still works in 2025. Still wrecking DeFi.
If your oracle relies on thin liquidity, you’ve already lost.
@chainlink isn’t immune either (see deUSD’s $500K liquidation this week)
Access Control Failures
One of the most boring, basic, and frequent failures.
Missing onlyOwner, unchecked function calls, role mismanagement.
And welcome back, Integer Overflow.
Yes, the bug we thought we left in 2018 is back thanks to @CetusProtocol on @SuiNetwork.
$260M, gone. Because someone didn’t check their math.
New entry on the leaderboard: Supply Chain Attacks
Think Web2 vibes:
- Infected NPM packages
- Compromised build tools
- CI/CD pipeline exploits
DevSecOps isn’t optional anymore. Audit your whole stack or enjoy the rug.
Security isn’t just on-chain.
It’s your endpoint.
It’s your infra.
It’s your key management.
Stolen private keys still lead the charts. And no audit can save you from sloppy ops.
Blockchains aren’t broken. We are.
Every week, the same bugs. The same losses. The same post-mortems.
Rug season ends when the space grows up.
🧠 Want more threads on DeFi exploits, smart contract risk, and blockchain security trends?
👉 Follow @maikaisogawa for more