Table of Contents
Disclaimer: The information provided through the BNB Chain community does not constitute advice or recommendation for investment or trading. Projects are listed in no particular order below. BNB Chain does not take responsibility for any of your investment decisions. Please seek professional advice before taking financial risks.
AvengerDAO is a community-driven initiative created to protect the users and projects on BNB Chain from malicious actors and activity. AvengerDAO publishes a list of risk projects and addresses on DappBay Red Alarm every Friday. By actively identifying and flagging such items through DappBay’s Red Alarm, AvengerDAO can help users identify high-risk BNB Chain dApps with the level of risk, the risk description, and other important risk details. Web3 users can safely navigate BNB Chain dApps while staying safe.
Security Incidents
HashDit is an industry-leading blockchain security company that focuses on building a safe ecosystem for both protocol users and smart contract developers on BNB Chain. HashDit is member of AvengerDAO. HashDit’s analysis shows that there were 11 security incidents that happened in the week of October 10th.
| Attack Vector | Protocol / Contract Name | Loss |
| Rugpull | IVY | 1,585,000 |
| Private Key Compromise | BigWhale | 1,500,000 |
| Rugpull | L7 DEX $LSD7 | 158,000 |
| Rugpull | Fake OFN | 58,000 |
| Rugpull | Honest Ventures | 58,000 |
| Access Control | Unknown | 38,000 |
| Private Key Compromise | DNFT, DPL | 34,000 |
| Price Manipulation | MicDao | 12,200 |
| Rugpull | SFC | 9,000 |
| Rugpull | ZMN | 5,000 |
| Private Key Compromise | Fantom Foundation | 2,000 |
Lessons Learned
Here are some tips to spot Rugpull scams:
- Often, these fraudsters operate through professional-looking websites using sophisticated investment terminology to appear credible. Yet, once you sign in to your account via their platform, you might find yourself unable to withdraw your funds, or only permitted to do so upon payment of an overly excessive fee.
Red Alarm Weekly Highlights
AvengerDAO publishes a list of risk projects and addresses on DappBay Red Alarm every Friday. If you have questions or feedback for below risk highlights, please contact here.
Newly Detected High-Risk dApp Projects
| Category | Description | Spotted Project This Week |
| Ponzi or potential Ponzi dApps | Ponzi schemes lure investors with the false promise of extremely high returns. | – Piggy Garden |
| Phishing dApps | Phishing usually forges legitimate web pages to trick you into entering your private keys or authorizing transactions that you don’t understand. | – MiningOneBitcoin – HashDrilll – Defix – CircleEvent – Astralhash – BoneShibe – Staking Ink |
Newly Detected High-Risk Address
AvengerDAO members offer APIs to check the security of a contract to be interacted with or get relevant information such as potential risks of a specific address to perform due diligence. AvengerDAO API gives a comprehensive evaluation of each address. We advise you to regularly check with these APIs when receiving an airdrop for a certain token, or interacting with the contracts that they want to invest in. https://dappbay.bnbchain.org/risk-scanner is integrated with these APIs. Please have a try!
The latest high-risk addresses detected from Weekly Scan.
All the addresses are listed here.
Latest Risk Remediation – TVL >1M$ Projects
AvengerDAO is actively scanning TVL >1M$ projects. This week, 4 projects are identified with potential risks and 2 have been resolved. Most of the issues are due to a lack of multi-sig wallet setup. We recommend projects to study the Web3 Risk Framework to learn more about best practices.
Stay Safe – DYOR (Do Your Own Research)
BNBChain community has published detailed guides for crypto users to identify scam projects. Here are some tips:
- Do not rely solely on social media channels and forums for information. You should search for a new project on Red Alarm before interacting.
- A thorough DYOR process includes studying the project’s whitepaper, checking its codebase, engaging with its community, and assessing its market potential.
- Use reliable tools and sources to aid your research, such as CoinGecko, CoinMarketCap, Etherscan, reputable news outlets, project websites and blogs, and academic articles.
- Protecting your investment from scammers is as important as identifying the next lucrative crypto project. Always err on the side of caution when in doubt.
About AvengerDAO
AvengerDAO is a community driven initiative that protects users from possible exploits, scams and malicious actors on BNB Chain. The founding members of AvengerDAO started this because BNB Chain is the largest public chain today, and the larger the community, the greater the responsibility. Our goal is to protect users from financial losses and malicious contracts. Deter malicious actors and notify BNB Chain’s users. We aim to enhance further adoption by setting an industry standard for safe practices and raise awareness on safety and security in the ecosystem.
