Audits
Services
Services
Smart Contract Audit
Blockchain Protocol Audit
Penetration Testing
dApp Audit
Crypto Wallet Audit
Cross-Chain Bridge Audit
Bug Bounty
Proof of Reserves
CCSS Audit
Tokenomics Audit & Design
Smart Contract Audit
Mitigate weaknesses in your smart contract and improve its functionality with a double line-to-line code analysis and a separate review by a lead auditor.
Blockchain Protocol Audit
Secure the entire architecture and implementation layers of your blockchain protocol with professional security audits and testing.
Penetration Testing
Proactively detect vulnerabilities in your Web3 project by subjecting your systems to a simulated cyberattack in a secure and controlled environment.
dApp Audit
Identify vulnerabilities in applications interacting with blockchain networks with secure code review and static security analysis.
Crypto Wallet Audit
Code review & static security analysis for crypto wallet apps.
Cross-Chain Bridge Audit
Code review & security analysis for cross-chain crypto bridges.
Bug Bounty
Receive only relevant bug reports or undergo crowdsourced penetration testing with the help of thousands of ethical hackers curated by HackenProof.
Proof of Reserves
Enhance transparency in crypto exchanges with independent on-chain proof of assets’ true collateralization.
CCSS Audit
Assess and strengthen your security practices, identify vulnerabilities, and safeguard valuable digital assets in the ever-evolving cryptocurrency landscape.
Tokenomics Audit & Design
Ensure your token model robustness and efficiency and convey trust to investors and community with our thorough, independent audit of protocol economic security.
Solutions
Post-deployment security solution
Hacken Extractor
Real-time smart contract protection from assets loss
Learn more
Solutions
Featured ecosystems:
Ethereum (EVM)
BSC
Polygon
Near
Avalanche
Fantom
Aptos
Sui
Optimism
zkSync
Arbitrum
Solana
Polkadot
Cosmos
Radix
Linea
MetaMask
Others
By Languages:
Solidity
Rust
Move
Blog
Company
Company

The window to exchange $HAI for Hacken Equity Shares ($HES) is now open > Claim your spot today

Weekly Digest #15

Weekly Digest #15

Share via:

DHS warns against using Chinese hardware and digital services

The DHS (US Department of Homeland Security) has published a “business advisory” warning US companies against using hardware equipment and digital services created or linked to Chinese companies.

These Chinese products could contain backdoors, bug doors, or hidden data collection mechanisms that could be used by Chinese authorities to collect data from foreign companies and forward the information to local competitors to further China’s economic goals to the detriment of other countries.

Zero-Click Apple Zero-Day Uncovered in Pegasus Spy Attack

Four nation-states advanced persistent threats (APTs) hacked Al Jazeera producers, journalists, executives, and anchors, with a zero-day exploit for Apple iPhone.

The firm said that the perpetrators could belong to up to four APTs, including potentially those linked to Saudi Arabia and the United Arab Emirates. All of the operators used the NSO Group’s infamous Pegasus spyware.

Pegasus is a mobile phone solution that enables customers to exploit and monitor devices remotely.

FBI & Interpol disrupt Joker’s Stash, the internet’s largest carding marketplace

Officials from the US FBI and Interpol have seized a small number of servers used by Joker’s Stash, the internet’s largest marketplace for buying & selling stolen cards, temporarily disrupting the site’s activity.

Interpol described the server seizures as an ongoing “coordinated police operational activity” but declined to elaborate further.

These are websites that use top-level domains (TLDs) managed by Emercoin, a blockchain company. Records for these domains are stored inside a blockchain and cannot be transferred to anyone else without the domain owner’s cryptographic signature.

Hacker Dumps Crypto Wallet Customer Data; Active Attacks Follow

From a June attack against cryptocurrency wallet firm Ledger, customer data is now public and actively being used in attacks.

This Monday, hackers dumped sensitive data stolen earlier this year from the Ledger cryptocurrency wallet’s website. This information includes such data: Email addresses, Names, Phone numbers, Physical addresses. And in a twist that surprised no one, the data is now actively being exploited in phishing campaigns.

According to the report, the first includes email addresses of 1,075,382 people who subscribed to the Ledger newsletter.

Swedish university fined $66,000 for GDPR violations

A Swedish university has been fined SEK550,000 ($66,000) for storing sensitive personal information in the cloud without sufficiently protecting the data.

Umeå University violated the General Data Protection Regulation (GDPR) by failing to properly secure data related to a research study on male sexual health, the Swedish Data Protection Authority has ruled.

The reports contained information on suspicion of a crime, name, personal identity number, contact details, and sensitive data about sexual life and overall health.

It was also faulted for failing to report the data breach under GDPR laws, which came into effect in May 2018.