Home
Blog
The official month of web3 phishing attacks

The official month of web3 phishing attacks

In the past month, web3 phishing attacks have surged by 34%, posing a significant threat to hundreds of millions of dollars in crypto assets.

February 23, 2023
2 min read
During the recent month phishing attacks had become the hottest trend in web3, with an alarming uptrend of 34% and an imminent risk to hundreds of millions of dollars.
Illustration of a hooded figure sitting at a computer, engaging in a phishing attack, with the text "Jan 2023" and the Ironblocks logo in the background, symbolizing the rise of web3 phishing attacks in January 2023

As a cybersecurity company committed to the longevity and prosperity of the Crypto sphere, ironblocks provides monthly best practices to protect against these recent cybersecurity threats:

Traders — always check yourself

To avoid getting scammed by a phishing attack, it is crucial to double-check the addresses to which you transact. There are many instances of “address poisoning” and phishing addresses, so it is important to be vigilant in order to avoid falling a victim to such phishing attacks.
Our advice: Save all addresses you already know as notes in a secure place and make sure to double-check transaction-explorer (Ethscan, BSCscan) when interacting with new addresses

Builder s— Segment your protocol

CowSwap hack demonstrated how responsibility isolation and good architecture can significantly minimize risks. Despite an attacker managing to steal money from their protocol, the funds at risk were only the seven-day fees the protocol collected. The attacker was subsequently slashed for this in their staking.
Our advice: When building a protocol, it is essential to focus on “transaction isolation” and code architecture to mitigate risks.

Protocols — Enforce protocols and usage of proper tools

The biggest hack of the month, the BonqDAO hack, involved an attacker manipulating the price of WALBT token through TellorFlex’s decentralized oracle. The attacker took a loan and then manipulated the price again to liquidate at a much lower price.

Our advice: To protect against such attacks, we recommend protocols admins to implement two best practices:

  1. The first transaction could be detected and stopped, and the second one could be blocked by an automated tool that could frontrun and execute a pause action.
  2. Always check for vulnerabilities when using an oracle. Most of the time, oracles have weak spots that can be exploited by attackers. In case you lack the knowledge or tools for this.

Overall, it is essential to remain vigilant and proactive in protecting against cybersecurity threats, especially as web3 continues to evolve. By following these best practices, we can help ensure the continued security of our loved “Crypto-sphere” and safeguard the prosperity and longevity of the global community.

More from the Blog

Back
June 26, 2024
3 min read

Approved Patterns: AI-Driven Security Policy in The Ironblocks Firewall

Discover how Approved Patterns, the AI-driven security policy in The Ironblocks Firewall, is setting new standards for Web3 Security.

June 19, 2024
2 min read

Ironblocks Firewall: Unveiling the First Batch of Security Policies in DeFi

Dive into the first batch of Ironblocks Firewall security policies for DeFi protocols – EOA Only, Balance Change, Allow List and Block List, and Forbidden Methods.

June 5, 2024
2 min read

Ironblocks’ Open-Source, On-Chain, Self-Service Web3 Firewall is Live

Discover the essential role of Web3 firewalls in securing smart contracts and decentralized applications.

Be part of the security paradigm shift  

Start Building
Join Community
Iron Blocks logo White
Terms of Use
Privacy Policy
Contact us
© Ironblocks™ 2025