Hack3d reports are the most detailed and authoritative security reports in the industry, providing the Web3 community with the most comprehensive statistics on onchain hacks, scams, and exploits.

In Q2 2024, $688 million was lost across 184 onchain security incidents, a 37% increase in value lost compared to Q1 2024. Phishing accounted for $433 million of these losses, with private key compromises coming in second at $170 million. Ethereum was hit hardest, with 83 incidents causing $170 million in losses. Despite these breaches, $99 million was ultimately recovered, adjusting total losses to $589 million for the quarter.

Total losses in the first half of 2024 reached $1.19 billion across 408 incidents. Despite these losses, regulatory advancements such as the passage of the FIT21 bill in the U.S. and the approval of spot ETFs for Bitcoin and Ethereum indicate a maturing market poised for increased institutional participation. However, the substantial losses experienced in Q2 and H1 2024 highlight the ongoing challenges in achieving a secure and stable crypto ecosystem.

“Q2 2024 has been another eventful quarter for the blockchain security world,” said Prof. Ronghui Gu, co-founder of CertiK. “The increasing value lost to hacks and scams underscores the importance of continued vigilance and innovation when it comes to onchain security.”

Stay Ahead of the Financial Curve with Our Latest Fintech News Updates!

The post CertiK Releases Hack3d: The Web3 Security Report for Q2 and H1 2024 first appeared on FinTecBuzz.

In the first half of 2023 alone, an estimated $207M was stolen through flash loan attacks. A flash loan is an uncollateralized loan provided by a smart contract that can be taken out for as short as a single transaction. In these attacks, hackers leverage flash loans to borrow substantial funds and manipulate DeFi protocols into unexpected states that developers may not have anticipated. Flash loan attacks can drain the entire TVL (total value locked) of a DeFi protocol, and their complicated nature combined with DeFi’s composability means these attack vectors often evade conventional audits.

Seeing the dire need to prevent these attacks, Quantstamp collaborated with researchers from the University of Toronto to advance their research into a production-level automated tool. With the tool now fully developed, Quantstamp is unveiling a new service for DeFi clients called Economic Exploit Analysis, where the Quantstamp team uses the tool to detect flash loan attack vulnerabilities in a client’s code. Available for both deployed and undeployed protocols, this innovative service will vastly benefit the entire DeFi ecosystem by reducing the number of flash loan attacks and the amount of funds lost to those hacks.

Quantstamp believes that the Economic Exploit Analysis service will have a lasting impact on the DeFi ecosystem. Coupled with Quantstamp’s core business offering, smart contract audits, services such as Economic Exploit Analysis will foster a safer and more secure environment for both DeFi companies and their users, pushing the industry further toward mainstream adoption.

“DeFi has the potential to change the global financial infrastructure for the better, but its success requires preempting threats like flash loan attacks. We developed this tool to provide DeFi protocols an extra layer of security on top of audits,” said Martin Derka, Head of New Initiatives at Quantstamp. “As DeFi evolves, security measures need to evolve with it. Services like Economic Exploit Analysis give us an edge against hackers.”

While the search process of the tool is automated, some manual guidance and protocol-specific adaptations are required. In addition to checking clients’ contracts, auditors also incorporate contracts from the integrated and other relevant DeFi protocols, which enhances Quantstamp’s ability to discover flash loan attack vectors that involve multiple protocols. While the search tool is non-exhaustive, meaning that attacks may still exist even if the automated tool doesn’t detect them, its practical success rate is remarkably high. Currently available across all EVM-compatible chains, the Economic Exploit Analysis service has the potential to adapt the tool to other blockchains and VMs (virtual machines) suffering from similar attack vectors.

Quantstamp also offers security services including smart contract audits, ZK rollup audits, and more. Quantstamp is blockchain-agnostic, conducting audits for several other blockchains beyond Ethereum including Solana, Flow, Cardano, Avalanche, Binance Smart Chain, Near, Hedera Hashgraph, Tezos, Aptos, and Sui.

Fintech News – The Latest News in Financial Technology.

The post Quantstamp launches Novel Economic Exploit Analysis Service first appeared on FinTecBuzz.

CertiK, the leading global Web3, and blockchain security firm headquartered in New York, today announced the completion of an oversubscribed $88 million Series B3 financing round. This investment is led by Insight Partners, Tiger Global, and Advent International, with participation from Goldman Sachs and existing investors such as Sequoia and Lightspeed Venture Partners. This latest funding now brings CertiK’s valuation to $2 billion in just 3 months since its last round of funding. This is the fourth round of capital raised by CertiK in the past nine months, altogether totaling $230 million.

Blockchain security continues to see strong demand, which has led to substantial growth at CertiK as the leader in the category. Following a substantial loss of $1.3 billion in cryptocurrency in 2021, the year 2022 is already continuing that trend, with cryptocurrency losses predicted to be much higher than last year. Within the last three months, the crypto industry witnessed over $1 billion in cryptocurrency losses due to four major bridge attacks (Ronin Network, Wormhole, Qubit Finance, and Meter.io), as well as various flash loan attacks; both types of attacks of which seem to be trending this year.

CertiK’s mission is to secure the Web3 world. It delivers on this mission through an end-to-end set of security services, providing clients with a one-stop shop for all their security needs. To date, CertiK has protected over $300 billion worth of crypto assets for well over 3,200 enterprise clients. CertiK’s auditing service provides pre-deployment auditing and formal verification for smart contracts, blockchain protocols, and Web3 apps, while Skynet provides on-chain 24/7 active monitoring of security threats. CertiK also recently launched its Know Your Customer (“KYC”) and fraud investigation service this year. CertiK believes KYC is the missing link in most competitive offers for helping prevent malicious intent i.e., rug-pulls, by owners of a project. Overall, CertiK’s leaderboard enables transparency for its community and builds both trust and visibility for the projects that are listed there.

CertiK’s products and services continue to show strong demand, supporting an incredible growth of revenue for the company. For the year 2021, CertiK saw its revenue surge 12x, while its profits surged by 3,000x. Even with the temporary downturn in the crypto market, CertiK’s 2022 Q1, Year-over-Year Web3 security revenue grew by 4x. According to CoinMarketCap data, CertiK serves 60% of all listed blockchain projects that use third-party security audit services.

CertiK’s leadership and tremendous growth have already been widely recognized by the industry. In March 2022, CertiK received awards for the CB Insights Blockchain 50 award – listed as the only blockchain security firm, and the Globee Awards – Cybersecurity Global Excellence Award.

“CertiK is a mission-critical blockchain cybersecurity platform in a massive market and has already become a clear leader in the industry with a high-quality product that provides all-round security for blockchain, smart contracts, and Web3,” said Steve Ward, Managing Director at Insight Partners. “We look forward to partnering with CertiK’s best in class founding team, complete with a team of leading crypto security thought leaders as they continue to grow and Scale-Up.”

“We are excited to invest in CertiK as a leader in developing critically needed cybersecurity solutions for the Web3/DeFi market,” said Eric Noeth, Partner at Advent International. “The decentralized Internet that runs on the blockchain has experienced high levels of security breaches and is in dire need of the kind of effective solutions that CertiK provides. We look forward to partnering with the CertiK team as it continues its tremendous momentum in making blockchains safer and more performant while also providing consumers with much-needed visibility into security considerations across new and existing projects.”

“Goldman Sachs is excited to be an investor in CertiK, a leading security platform for the blockchain and Web3 ecosystem,” said Oli Harris, Managing Director, Goldman Sachs. “As we see continued growth in use cases and assets on decentralized applications the solutions being built by CertiK will be integral to securing the ecosystem, helping to accelerate innovation and adoption of these novel technologies.”

This new round of funding, coupled with revenue generated from KYC, Skynet, and Security Leaderboard services, will be used for the development and operation of more innovative and data-driven security products. “Given increasing trends in rug-pulls, we now see KYC playing an important role in Web3 security,” said CertiK Founder and CEO, Ronghui Gu. “KYC, together with Smart contract auditing and 24/7 monitoring of threats, will further strengthen our offer around end-to-end Web3 security services.”

CertiK continues to hire top-tier product and development talent to help deliver on its end-to-end product strategy. CertiK recently invested in the hire of Kevin Liu, CertiK’s Chief Product Officer. Mr. Liu is an experienced product and engineering leader, with over 20 years of global experience in the technology industry, with a focus on media and telecoms. Before CertiK, Kevin was a founding member of FreeWheel (a Comcast company) where he held various leadership positions, including VP of Product and VP of Engineering. He also served as General Manager, China, and Chief Technology Officer (CTO) of ads, at iflix. As CPO at CertiK, Kevin will be responsible for leading product strategy across the company, building the groundwork for initiatives in securing blockchain applications, and providing insights for the community, project owners, and other participants.

For more such Updates Log on to https://fintecbuzz.com/ Follow us on Google News Fintech News

The post CertiK Doubles Its Valuation to $2 Billion in Just 3 Months first appeared on FinTecBuzz.

“The biggest challenge facing blockchain applications today is user adoption,” notes Richard Ma, CEO of Quantstamp. “With over 90% market penetration in Korea and 40 million monthly active users, Kakao is well-positioned to bring blockchain to a large and active user base.”

With the belief that businesses will drive mass adoption of blockchain technology, Klaytn is designed to address all the roadblocks hindering blockchain adoption today. To ease development, it provides a strong developer experience through its familiar use of Solidity, a development environment and supporting tooling. For enterprises it provides the transparency and integrity of blockchain technology with the performance and reliability needed for business applications. For users, the Klaytn platform provides means to simplify account creation and management, private key safekeeping and wallet provisioning and setup, as well as UX guidelines and references for developers to create easy to use interfaces.

“With Klaytn we have the technology and business partners that we think really can scale and serve a massive new userbase,” says, Junsic Youn, Lead of Product Management at GroundX. “With the scale of this project, the stakes were high and we wanted to make sure it was safe to deploy. Quantstamp has a good reputation for thorough audits. Their professional process and experience in the field led us to choose them to ensure the security of the Klaytn blockchain platform.”

Get an Audit with Quantstamp
Interested in receiving a Quantstamp audit or other service? The best crypto native companies trust Quantstamp to audit their products including Chainlink, OmiseGO and Binance.

About Quantstamp
Quantstamp is a Y Combinator-backed blockchain security company that conducts smart contract audits and also develops security products, services, protocols, and other automated security tools powered by QSP. The Quantstamp Security Network aims to enhance smart contract security and the reputation of projects that create smart contracts by producing openly accessible scan reports. Quantstamp recently expanded to Japan. Get an audit or run a security scan today at Quantstamp.com.

The post Quantstamp Audits Kakao’s Blockchain Platform Klaytn first appeared on FinTecBuzz.