en
Back to the list

Coinbase’s Base smart contracts contain over 34k vulnerabilities, data shows

source-logo  crypto.news 19 September 2024 15:45, UTC

Base network saw over 34,000 high-risk vulnerabilities in its smart contracts, including malicious boolean checks and library tampering, according to new data.

Blockchain networks face growing security challenges as malicious actors exploit vulnerabilities in smart contracts, with Coinbase’s Base network leading in high-risk detections.

According to data from Trugard Labs, which identified risks using its Xcalibur tool, Base accounted for more than 34,000 high-risk detections in its smart contracts during August.

The Coinbase-incubated network was particularly susceptible to Digital Signature issues, with nearly 22,000 detections related to tampering in standard libraries like SafeMath. Malicious boolean checks on token transfers also posed significant risks, with over 6,300 instances identified on Base. These checks could block or manipulate token transfers, presenting a key vulnerability.

Coinbase's Base smart contracts contain over 34k vulnerabilities, data shows - 1
High risks identified across blockchains in August | Source: Trugard

Web2 hackers turn to web3

Trugard Labs identified several other major threats across the Base network, including unauthorized token burns, balance updates, and controlled minting attacks. Hidden balance updates and minting manipulations were also detected across Ethereum and BNB Chain (formerly Binance Smart Chain, BSC), though in smaller numbers.

Cross-chain comparison Top by risk share | Source: Trugard

The surge in malicious activity on Base underscores the vulnerability of protocols deployed on the network to exploitation, as cybercriminal groups that once operated in web2 “have now shifted focus to the burgeoning web3 ecosystem,” analysts at Trugard say.

As the decentralized finance sector grows, so does its appeal to threat actors. In the past, web2 criminals specialized in phishing, ransomware, and exploiting vulnerabilities in centralized systems. Trugard says those same tactics are now being adapted to exploit “vulnerabilities in smart contracts, decentralized finance protocols, and blockchain networks.”

Read more: Decentraland’s X account hacked, scammers push fake MANA airdrop
crypto.news