
A single link leads to massive losses—watch this video to learn how to protect yourself
TechFlow Selected TechFlow Selected

A single link leads to massive losses—watch this video to learn how to protect yourself
Building on data, embark on your Web3 security journey~
In June, the total loss across the entire network amounted to approximately $210 million. Official social media accounts experienced 31 fraud and phishing incidents, accounting for 9.91% of total losses, a month-on-month ⬇️ decrease of 75.69%. However, security awareness must not be relaxed—just one click could lead to irreversible losses.
Case Analysis
On June 10, the Ethereum-based lending protocol UwU Lend was attacked, suffering total losses of $22.7 million. The attacker exploited a vulnerability in the protocol’s oracle price mechanism, causing approximately $19 million in damages. On June 13, the attacker took advantage again due to an operational error by the project team during contract governance, gaining an additional $3.7 million.
Attack Flow:
1) Flashloan USD to manipulate SUSDE and lower its price;

2) Address 0xf19d66 deposited 19,979 WBTC, 615 million DAI, and 301 million SUSDSE into pool_2409;

3) Address 0x87ed92 deposited 318,000 ETH (approximately equivalent to 1.193 billion SUSDSE) into pool_2409;

4) Address 0x87ed92 borrowed 302 million SUSDSE and transferred it to address 0xf19d66, which then used these SUSDSE to deposit into pool_2409. Address 0x87ed92 repeated this process four times;

5) Address 0xf19d66 borrowed 319,000 ETH and sent it to address 0x87ed92, after which address 0x87ed92 repeated steps 3 and 4;

6) Address 0x87ed92 withdrew 344,000 WETH from UwULend;

7) Address 0xf19d66 manipulated the SUSDSE price and liquidated address 0x87ed92's loan;

8) Using uSUSDE as collateral, address 0x4cd6fe borrowed 3.5 million DAI and 4.2 million USDT from UwU.

Largest Security Incident - RugPull
On June 8, emholicECO in the zkSync ecosystem suffered a Rugpull, resulting in losses of approximately $3.4 million.
Largest Security Incident - Phishing Scam
On June 23, a whale user fell victim to a phishing attack, losing approximately $11 million.
Largest Security Incident - Private Key Leak
On June 22, several hot wallets at BtcTurk were compromised, suspected to be related to private key leakage, leading to a loss of $90 million, with $5.3 million of the stolen funds frozen and recovered.
OKLink Tips
Although the proportion of fraud and phishing incidents decreased in June, vigilance must still be maintained. OKLink reminds everyone never to disclose your private keys or seed phrases to anyone. Approach projects promising unusually high returns with skepticism. Conduct thorough research on any project and its team before investing. Never underestimate any single click—whether it's a message in a community group, a link in an SMS, or a direct message from someone impersonating official customer support, each may hide irreversible traps.
Use tools like OKLink to query cryptocurrency and project information thoroughly. Building decisions on solid data is the foundation of calm and secure participation in the blockchain space—fortify your own on-chain security first.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News










