[PRESS RELEASE – Singapore, Singapore, November 20th, 2024]
BlockSec Phalcon, the world’s first crypto hack monitoring and blocking system, has launched its 2.0 version, ushering in a new era of fighting against hackers in the Web3 world.
Protocol Security Goes Beyond Code Auditing
According to the team, today, code auditing has become an industry standard, with the vast majority of protocols undergoing audits before going live. Yet, hackers still frequently succeed, stealing billions of dollars each year.
According to the Security Incidents Dashboard, from January 2023 to the present, there have been 146 major attack incidents, resulting in asset losses exceeding one billion dollars in total. Notably, the majority of these protocols had successfully passed code audits conducted by well-known firms.
Even if a protocol has passed audits and fixed known vulnerabilities, it may still face security risks: It may still have zero-day vulnerabilities; during the bug-fixing, small-scale upgrades, or parameter adjustments, the protocol team may inadvertently introduce new attack vectors; external dependencies can pose new risks; and even oversights related to compilers can lead to attacks.
Moreover, the open-source nature, anonymity, and flashloan mechanisms of blockchain make it easier for hackers to exploit vulnerabilities, and the chance for earnings gives them strong motivation. Since protocols are transparent and attackers stay hidden, defending against these evolving threats is very challenging. Some project teams may compensate users after attacks to reduce the damage, while financial losses can be recovered, rebuilding trust is much harder once it is lost.
Unfortunately, protocols have long focused mainly on code audits to ensure security, often overlooking an equally important area—security monitoring and automated responses after launch. BlockSec Phalcon is designed to fill this gap.
What is BlockSec Phalcon?
BlockSec Phalcon is a security monitoring and blocking system designed for protocols, covering major threats such as attack, operational, interaction, and financial risks.
According to the team, some protocols may have built or purchased monitoring systems, but they still suffer losses when facing attacks. The reasons are twofold:
- First, the project team might not learn about an attack in time or could waste valuable time verifying the accuracy of alerts due to frequent false positives. Meanwhile, hackers could already complete multiple attack transactions.
- Second, even if the project team quickly detects the attack and takes action, they often cannot respond as fast as the hackers. Many protocols rely on multi-sig wallets, and the need for multiple approvals makes manual responses even slower.
BlockSec Phalcon delivers practical and battle-tested solutions to address these two critical challenges.
- Precise Detection: BlockSec Phalcon uses over 200 clearly defined attack characteristics to identify whether a transaction is an attack, ensuring no attacks go undetected while almost eliminating false positives and avoiding disruptions to the team.
- Attack-Blocking Capability: BlockSec Phalcon continuously monitors transactions early at the mempool stage. Upon detecting an attack transaction, the system immediately alerts users, automatically initiates a response transaction, and employs a gas-bidding strategy to ensure these system-generated transactions are processed before the attack. This effectively blocks hacker attacks, achieving zero loss. What’s more, the platform supports both EOA and multi-sig wallets, enabling projects using Safe{Wallet} to automatically counteract attacks.
BlockSec Phalcon 2.0: Tailored Security Solutions for Protocols
This attack-blocking system launched by BlockSec had been running internally for two years before its release, successfully blocking over twenty attacks through whitehat rescues, helping project teams recover over $20 million in potential losses. It’s the first and only security product with proven records of attack blocking and has successfully blocked multiple hacking attempts.
“Often, we detected attacks but couldn’t reach the project team promptly. This led us to think, why not empower project teams directly with the ability to automatically prevent attacks? This was the very motivation for the creation of BlockSec Phalcon,” said Andy Zhou, the CEO of BlockSec.
“In this major upgrade, we redesigned the entire system to address the attacks, operational, interaction, and financial risks faced by protocols, and now it covers the vast majority of security risks protocols may encounter after going live. Additionally, we have further optimized the convenience and flexibility of our system configurations. Now users only need to import addresses to complete monitoring configurations with one click, making it very convenient, and they can customize monitoring rules for complex scenarios,” Andy Zhou added.
David Zong, Head of Risk at Bybit, stated, “We are big fans of BlockSec and have been deeply involved from the inception of BlockSec to the use of each of its products. BlockSec Phalcon is a very good security tool, to help Bybit achieve on-chain tracking and web3 contract security monitoring. We will have more cooperation with BlockSec in the future.”
Accessing BlockSec Phalcon
BlockSec Phalcon is an invitation-only SaaS platform, accessible only to invited users.
Interested users can schedule a demo to learn more about the product’s features, and have the opportunity to speak directly with security experts to discuss customized security solutions.
Users Can Book Demo: https://calendly.com/blocksec/phalcon-demo
Users Can Learn More: https://blocksec.com/phalcon
About BlockSec
BlockSec is a full-stack Web3 security service provider. The company is committed to enhancing security and usability for the emerging Web3 world in order to facilitate its mass adoption. To this end, BlockSec provides smart contract and EVM chain security auditing services, the BlockSec Phalcon platform for security monitoring and attack blocking, the MetaSleuth platform for fund tracking and investigation, and MetaSuites extension for web3 builders surfing efficiently in the crypto world.
To date, the company has served over 300 clients such as Uniswap Foundation, Compound, Forta, and PancakeSwap, and received tens of millions of US dollars in two rounds of financing from preeminent investors, including Matrix Partners, Vitalbridge Capital, and Fenbushi Capital.
Official website: https://blocksec.com/
Official Twitter account: https://twitter.com/BlockSecTeam
Read the full article here
