Home Web3 SecurityCrypto Hacks Directory List of Crypto Hacks Involving Access Control Vulnerability

List of Crypto Hacks Involving Access Control Vulnerability

by ImmuneBytes

Project Date of Exploit Exploit Amt. (USD) Blockchain Type of Exploit Type of Contract Exploited Contract Add. Exploit Transaction
GameToken 2024-01-22T00:00:00.000Z 7000000 Polygon Access Control Bug Tokens https://polygonscan.com/address/0xcf32822ff397ef82425153a9dcb726e5ff61dca7
Safemoon 2023-03-29T00:00:00.000Z 8900000 BNB Chain Access Control Bug DeFi https://bscscan.com/tx/0x48e52a12cb297354a2a1c54cbc897cf3772328e7e71f51c9889bb8c5e533a934
SwapX 2023-02-27T00:00:00.000Z 1000000 BNB Chain Access Control Bug DeFi
Tales of Elleria 2023-04-19T00:00:00.000Z 280000 Arbitrum Access Control Bug Tokens https://arbiscan.io/address/0xfcd201954072545e2d12b90785e0e912ed7cc2b9 https://arbiscan.io/tx/0x376aaa9b8bdf452ea4bbc4a185e639cf30eff456d96ee117571dcbb6e9cf318c
Land NFT 2023-05-15T00:00:00.000Z 150000 BNB Chain Access Control Bug NFT (ERC-721) https://bscscan.com/token/0x1a62fe088f46561be92bb5f6e83266289b94c154 https://bscscan.com/tx/0x48878f4751f05e4366eb6c6d52a7a637f39d70a4f28cdb82b042118d9e5c81fb
Local Traders 2023-05-23T00:00:00.000Z 118000 BNB Chain Access Control Bug DEX https://bscscan.com/address/0xce3e12bd77dd54e20a18cb1b94667f3e697bea06 https://bscscan.com/tx/0x49a3038622bf6dc3672b1b7366382a2c513d713e06cb7c91ebb8e256ee300dfb
Phoenix 2023-03-07T00:00:00.000Z 100000 Polygon Access Control Bug Tokens
Melo Token 2023-05-06T00:00:00.000Z 90729 BNB Chain Access Control Bug Tokens https://bscscan.com/token/0x9a1aef8c9ada4224ad774afdac07c24955c92a54 https://bscscan.com/tx/0x3f1973fe56de5ecd59a815d3b14741cf48385903b0ccfe248f7f10c2765061f7
Venus Token 2023-05-11T00:00:00.000Z 17283 BNB Chain Access Control Bug Tokens https://bscscan.com/token/0x9fe22d981f2c9f3563d044c43e14feeecde8fc54 https://bscscan.com/tx/0x90ee7abd5d6ec0f0f3eb61e1e8a559393aa879b90ad2da4fa2739ab6233c249f
Degen Millionaires Club 2023-02-06T00:00:00.000Z 733 BNB Chain Access Control Bug Tokens
Crema Finance 2022-07-03T00:00:00.000Z 8800000 Solana Access Control Bug DeFi
CF Token 2022-04-11T00:00:00.000Z 1900000 BNB Chain Access Control Bug DeFi
Rabby Swap 2022-10-11T00:00:00.000Z 200000 Avalanche C Chain Access Control Bug DeFi
Ragnarok Online Invasion 2022-09-08T00:00:00.000Z 44222 BNB Chain Access Control Bug Tokens
HospoWise 2022-04-04T00:00:00.000Z 15000000 Ethereum Access Control Bug DeFi
POLY NETWORK 2021-08-10T00:00:00.000Z 611000000 BNB Chain Access Control Bug Bridge Ethereum:0x250e76987d838a75310c34bf422ea9f1ac4cc906, BSC:0x05f0fDD0E49A5225011fff92aD85cC68e1D1F08e, Polygon:0x28FF66a1B95d7CAcf8eDED2e658f768F44841212
Visor Finance 2021-12-21T00:00:00.000Z 8200000 Ethereum Access Control Bug DeFi
DODO 2021-03-09T00:00:00.000Z 3800000 Access Control Bug DeFi
Wild Credit 2021-05-27T00:00:00.000Z 650000 Ethereum Access Control Bug DeFi

Access control bugs in cryptography typically refer to vulnerabilities that arise from improper or insufficient access control mechanisms within cryptographic systems. These bugs can manifest in various ways, potentially leading to security breaches or unauthorized access to sensitive information. Here are some examples:

  1. Key Management Issues: Improper management of cryptographic keys can lead to access control vulnerabilities. For example, if keys are not securely stored or if access to them is not properly restricted, unauthorized parties may be able to obtain and misuse them.
  2. Inadequate Authentication: Cryptographic systems often rely on authentication mechanisms to verify the identities of users or entities. If these mechanisms are not robust enough or if they can be bypassed or tampered with, it can lead to unauthorized access.
  3. Weak Authorization Policies: Access control bugs can also arise from weak or flawed authorization policies. For example, if a system improperly grants access to certain cryptographic operations or resources without proper verification of permissions, it can lead to security breaches.
  4. Insecure Defaults: Cryptographic systems may have default settings or configurations that are insecure or overly permissive. Attackers can exploit these defaults to gain unauthorized access if they are not properly configured or hardened.
  5. Side-channel Attacks: In some cases, access control vulnerabilities may stem from side-channel attacks that exploit unintended channels of information leakage, such as timing or power consumption, to gain unauthorized access to cryptographic operations or keys.
  6. Insufficient Auditing and Logging: Without adequate auditing and logging mechanisms in place, it can be difficult to detect and respond to unauthorized access attempts or security breaches in a timely manner, allowing attackers to exploit vulnerabilities more easily.
  7. Unchecked External Calls: Smart contracts often interact with other contracts. If the access controls on the external contract aren’t properly checked, an attacker could exploit a vulnerability in the first contract to manipulate the second one.
  8. Inappropriate Access Control: Sometimes, developers mess up by making functions public that should be private. For instance, a function meant for burning tokens (removing them from circulation) might be public by mistake, allowing anyone to burn tokens and manipulate the token supply.

Overall, addressing access control bugs in cryptographic systems requires careful design, implementation, and ongoing monitoring to ensure that proper access controls are in place and that they are effective at preventing unauthorized access and protecting sensitive information.

💡Read More About Access Control Vulnerabilities Here

You may also like