Blockchain

How Exploits Are Making Web3 Look more like Web2.5

Data from over 40 crypto-based companies compromised through email service provider.

Blockchain

How Exploits Are Making Web3 Look more like Web2.5

Data from over 40 crypto-based companies compromised through email service provider.

With malicious hacks, influencer pump-and-dumps, and various exploits it begs the question — are we really in Web3 or Web2.5?

Since January, the Web3 space has seen over $2 billion USD in lost funds and there is one common denominator between most of them, human error or an exploit of Web2 technologies — both things that should not exist in an optimized Web3 world.

Most recently, a major email marketing solution company Klaviyo was exploited through a phishing attack on one of its employees, resulting in over 40 of its client’s databases being compromised. A large majority of these platforms were Web3 based, including NFT marketplace Rarible, crypto wallet platform Edge, intelligence firm Messari, Decrypt, and Swan Bitcoin.

“The threat actor used the internal customer support tools to search for primarily crypto-related accounts and viewed list and segment information for 44 Klaviyo accounts. For 38 of these accounts, the threat actor downloaded list or segment information,” read Klaviyo’s blog post on the situation.

In the case of Swan Bitcoin, customers’ compromised data included first names, email addresses, IP-based geolocation data (like identifying cities), as well as information as to how users originally joined the company’s email list.

Additionally, Swan reported that roughly 0.3% of the leaked data included historical USD deposit information, covering a period of before March 2022. It warned users that any emails asking for additional identifying information are likely scams and to be cautious of this.

So why are Web3 companies using Web2 services? A few reasons could be, there isn’t anything better yet, or maybe it’s more cost effective. In the last six months the space has seen people scammed out of their entire wallet contents with one signature approval, contracts lock themselves out of millions of dollars because they put a 1 instead of a 0 in code, and an influential member of the community accidentally purchased an NFT for 150 thousand USD.

Once technology is developed and advanced to a point where these types of exploits and errors no longer exist because of true blockchain based smart contracts and safety protocols — perhaps then we will truly be in Web3.

In other news, BlackRock launches a Bitcoin private trust for institutional investors.

You may also like

Web3 Lost Over $2 Billion USD to Hacks This Year, According to New Report
NFT

Web3 Lost Over $2 Billion USD to Hacks This Year, According to New Report

And hackers using tested Web2 tricks to exploit human error in Web3.
MetaMask Looks to Reduce NFT Scams With Updated "Set Approval For All" Feature
Blockchain

MetaMask Looks to Reduce NFT Scams With Updated "Set Approval For All" Feature

With clear warning messages when a user is about to grant authorization to “all wallet funds” during user transactions.
How Proof of Attendance Protocol, Led by 'POAP.xyz' Is Shaping Web3
Blockchain

How Proof of Attendance Protocol, Led by 'POAP.xyz' Is Shaping Web3

The tool can help users keep track of important moments and be rewarded for doing so.
Cristiano Ronaldo’s Binance Partnership Looks To Bring Football Fans Into Web3
NFT

Cristiano Ronaldo’s Binance Partnership Looks To Bring Football Fans Into Web3

By providing exclusive engagement opportunities for fans.
More ▾