Weekly Report (Apr-15)


  • Over $5.26 million was lost in multiple DeFi hacks.
  • Animoca Brands Japan is set to launch a new NFT launchpad.
  • Nova Frontier X is set to launch spaceship NFTs through their mobile game.
  • Samsung joined forces with Polygon, OpenSea, and Ledger for the NFT TV Bundle.

Blockchain Hacks

The SQUID Game Coin was exploited on the BNB chain due to a smart contract vulnerability, which resulted in a loss of assets worth approximately $87,000. The root cause of the exploit is a faulty logic design within their swap contract, allowing for arbitrage opportunities.

xBlast, an omnichain-web3 ecosystem built inside Telegram, took to X (formerly Twitter) to announce that they had been hacked. The root cause of the exploit is unknown at the moment. The exploiter transferred XBL tokens from the main wallet of the project to their wallet and sold them for approximately 22 ETH. The team will deploy a new XBL token and restore liquidity, thereby providing fair compensation for all of the affected users.

The Zest Protocol was exploited, and the hacker took away funds worth approximately 324,000 STX from the protocol, amounting to roughly $972,000. The attack took place on the day the protocol was launched to the public, in which an attacker artificially inflated the value of their collateral to borrow an amount exceeding the value of their position. The team stated that their protocol will remain frozen until further notice. User positions will be unaffected until the protocol relaunches.

The fraudulent Oasis AI project (token OAI) on Ethereum was exposed as a rug pull, wherein funds totaling 85.38 ETH (approximately $301,600) were siphoned off. The orchestrator of the scheme offloaded 1,603,040,020,640,000 OAI tokens shortly after the contract’s deployment. Notably, this rug pull token was deceptively named after a legitimate entity. In a similar vein, a counterfeit Truflation project (token TRUF) was also identified as a rug pull, with 72.9 ETH (roughly $256,600) stolen. The initiator of this scam dumped 1,769,800,761,000,000 TRUF tokens, exploiting the shared name with a legitimate project.

Furthermore, the fake Monad project (token MONAD) on the Ethereum Mainnet witnessed a 100% drop in value. The deployer liquidated around 1,769,800,761,000,000 MONAD in exchange for 74.59 WETH, valued at about $266,000. This token, too, masqueraded under the guise of a legitimate counterpart. Similarly, the price of Empower AI (token EMPAI) on Ethereum plummeted by 100%, with a significant holder disposing of 1,000,000,000,000 EMPAI tokens for 66.44 WETH, worth approximately $237,500. Additionally, the fake CryptoSaga project (token SAGA) on the BNB chain saw its value plunge by 100%. A major investor offloaded 8.1 million SAGA tokens for 71.4 BNB, valued at around $41,500. This token also fraudulently shared its name with a legitimate project.

Sumer Money was exploited on the Base chain due to a smart contract vulnerability, which resulted in a loss of assets worth approximately $310,000. The root cause of the exploit is a lack of reentrancy protection, which led to the manipulation of the underlying assets. We have shared a detailed analysis of the exploit in this blog.

Leaper Finance was identified as a scam in which funds worth approximately $1 million had already been taken away. The fraudulent group, infamous for previous exploits with Magnate Finance, Kokomo, Lendora, Solfire, and others, resurfaced with Leaper Finance on Blast. By leveraging the laundered funds from prior exploits, they artfully baited users with enticing liquidity, only to abscond with all the deposited funds. The scam also extended to Zebra Lending on the Base chain, which was live with approximately $311,000 worth of their TVL. Likewise, the same group of scammers were also reportedly behind the Glori Finance project on Arbitrum, which boasted $1.4 million worth of TVL. Following the community alert by ZachXBT, the X (formerly Twitter) accounts of both Leaper Finance and Gorli Finance were deactivated. All three websites for the associated projects have been taken down.

Metaverse, and NFTs

Animoca Brands Japan, a branch of Animoca Brands, declared its intention to introduce an NFT launchpad expected to be operational by this summer. This endeavor is designed to support the international growth of Japanese intellectual property (IP) and content creators within the Web3 space, utilizing the vast network of Animoca Brands, which includes over 400 companies and partnerships connecting to more than 700 million users globally. The subsidiary has already begun to provide strong support for international projects in the Japanese market through recent collaborations. The launchpad will act as a portal for projects and content creators to display and market their NFTs, thereby cultivating a more dynamic digital environment. The NFT launchpad, which has not yet been officially named, will provide selected projects with guidance on sales tactics and promotional activities. It will accommodate the ERC-721 token standard on both the Ethereum and Polygon networks, offering a wide range of possibilities for project creators and collectors.

Nova Frontier X, a mobile game on the Web3 space that combines third-person flight combat and base management against a vast interstellar setting, is gearing up to release its spaceship NFTs on April 16. The game will offer a series of 9,999 uniquely attributed NFT spaceships, with prices starting at $200, including a 50% discount for early buyers. The launch has generated significant interest, evidenced by over 100,000 registrations on the waitlist, and is expected to soon be available on both Google Play and the Apple App Stores. The game is distinguished by its weekly competitive tournaments and non-linear gameplay, allowing players to collect Dark Nova Crystals (DNC) through dynamic battles with humans, rogue AI, and enigmatic aliens.

Samsung is set to launch a special Web3 TV Bundle on April 24. This package integrates Polygon Labs’ blockchain technology, OpenSea’s NFT marketplace, and Ledger’s hardware wallets, enabling users to effortlessly access premium NFTs via the Samsung NFT Gallery TV App. The application is compatible with Samsung Lifestyle TVs and enhances the Smart Hub’s Art Mode with captivating art and rewards from blockchain innovators such as Illuvium, Wilder World, and World of Women, as well as Vienna’s Belvedere Museum. In addition, Samsung is rewarding early users of its Web3 portal with free TX1 NFTs, designed by renowned artist Paul Milinski, known for his work with Cartier. Those interested in obtaining a TX1 NFT must fill out a form on Samsung’s official website or through the Samsung NFT Gallery TV App by April 24. Samsung will cover all gas fees and transaction costs associated with the NFT minting process to provide a seamless and affordable experience.

OnChain Insurance Industry News

Neptune Mutual officially announced the launch of its vote escrow NPM token (veNPM) feature on Arbitrum One. NPM holders can now lock their NPM tokens for veNPM tokens. veNPM tokens offer a number of benefits relating to the allocation of NPM emissions from the liquidity gauge, which will go live later in the month. Specifically, veNPM tokens grant increased voting power in Snapshot votes that determine the distribution of NPM emissions to cover pools, along with boosted NPM emissions for veNPM token holders.

This new feature provides a compelling incentive for liquidity providers (LPs) to contribute capital to cover pools, thereby expanding the marketplace’s capacity and enabling more cover policies to be sold.

Despite DeFi’s sector’s assets surpassing 100 billion USD, less than 0.4% are protected against one of the biggest risks: smart contract vulnerabilities. Scaling the capacity and adoption of DeFi cover is crucial for safeguarding existing users and is likely a prerequisite for institutional involvement in DeFi.