- MonoSwap’s recent hack involved phishing, resulting in the theft of staked liquidity positions and significant protocol damage.
- MonoSwap’s ‘Security Measures’ page claims expert safety but lacks recent updates on audits, raising concerns about its security.
- CoinGecko’s Bobby Ong links rising crypto hacks to vulnerabilities from Google’s domain sale, with WazirX losing $235M.
On July 11, 2024, MonoSwap, the “Blast native liquidity space,” disclosed a severe security breach on its X account. The announcement detailed how a developer fell victim to a phishing scheme. Scammers posed as venture capitalists, tricking the developer into installing a botnet on his office PC.
This malicious software gained access to all MonoSwap-related wallets and contracts. Consequently, the hackers withdrew a portion of the staked liquidity positions, severely damaging the protocol’s operations.
Concerns Over Security Measures and Audits
MonoSwap initially included a link to the hacker’s website in its post. However, this link was quickly removed after Protos questioned its prudence. The link could have exposed users to further risks.
Furthermore, MonoSwap’s ‘Security Measures’ page claims that its smart contracts are crafted by seasoned professionals. This page also asserts that the platform prioritizes safety and optimization. Yet, there are concerns regarding the accuracy of these claims.
MonoSwap’s ‘Audits’ page, labelled “Coming soon,” has not been updated for six months. This page’s lack of updates raises questions about the protocol’s commitment to security. Additionally, MonoSwap’s wrapped token, xMONO, is described as a governance token. However, Protos found no active governance mechanism for this token. This discrepancy adds to the protocol’s concerns about its operational maturity.
Broader Context: Rising Crypto Hacks and Vulnerabilities
Protos reached out to MonoSwap for clarification. Specifically, inquiries were made about the status of protocol audits, the executive’s access to critical resources, and the governance token’s use. At press time, no response had been received from MonoSwap.
CoinGecko co-founder Bobby Ong warned the crypto community about an increase in hacks. Ong attributed this rise to vulnerabilities created by Google’s sale of its domain business to Squarespace. This sale led to the removal of two-factor authentication, creating a security gap exploited by hackers. Since Ong’s warning, there have been multiple high-profile attacks.
ZackXBT alerted the community to a phishing page on Compound Finance’s website, which has since been resolved. Moreover, on July 18, 2024, WazirX, a popular Indian cryptocurrency exchange, was breached. Hackers, allegedly linked to North Korea’s Lazarus Group, stole $235 million from the exchange.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
