General Incident classification

Incidents can generally be broken down into 4 types:

Hacks

Hacking, in general, is the practice of intentionally exploiting weaknesses in an organization's computer systems. In the context of blockchain, it means exploiting vulnerabilities in fundamental components of DApps and in the blockchain infrastructure. A non-exhaustive list of such components includes blockchain bridges, oracles, crypto wallets, frontend/backend applications, and smart contracts deployed on-chain. Examples include business logic issues and lack of validation.

At times, a hack could involve compromising the private keys of project teams through traditional attack vectors.

Scams

Scams are Web3 projects that do not intend to deliver promised features. They usually entice users to invest or participate in the project with the sole intent of keeping the invested money and leaving the users hanging. Scams can be executed by dumping tokens or stealing all the invested funds, through means such as sketchy emails and websites or fake accounts on social media. In the context of blockchain, scams can involve investing in a "get-rich-quick" scheme such as a Ponzi scheme, or tricking users into signing unintended transactions that result in stolen funds.

Do refer to our blog article for more details on the top 6 crypto scams in 2022.

Improper Management

Improper Management is a unique situation where the project party mismanages components associated with user funds. Some examples include application misconfiguration issues that could expose critical information about users or project funds, or the project party minting uncollateralized funds to perform high-risk trading. This results in users' funds being lost.

White Hat Operation

A "white hat" operation signifies the actions taken by ethical hackers to recover funds present within the blockchain system. Often, the project team does not respond to private bug disclosures, so "White Hats" strive to protect assets as a priority before malicious hackers, or "Black Hats," uncover the defects.

The term "white hat" comes from old Western movies where the "good guys" typically wore white hats, distinguishing them from the "bad guys" who wore black hats.