SkyInsights is the most streamlined, resource-efficient platform for maintaining crypto compliance. By addressing the critical pain points of illicit on-chain activities, sanctions exposure, and the maze of global crypto regulations, SkyInsights gives builders the tools they need to stay firmly on the right side of the law.

A total of $502,522,934 was lost to 223 hacks, scams, and exploits throughout the first quarter of 2024. Check out our comprehensive report for all the statistics, data, and analysis you need to understand the current state of onchain security.

Compliance is crucial for organizations deemed virtual asset service providers (VASPs) by the patchwork of regulations that apply to the blockchain industry. Yet as requirements grow, so too do the costs of the infrastructure and tools needed to meet regulatory guidelines.

On 24 February, GambleFi project RiskOnBlast is thought to have become the first confirmed exit scam to occur on the Blast ecosystem, a layer-2 project on Ethereum.

On 28 March, Prisma Finance was exploited by multiple addresses leading to a loss of approximately $12.3 million. Three attackers took advantage of a vulnerability in the Prisma Finance MigrateTroveZap contract which allowed them to manipulate a migration process. Since the exploit occurred, a wallet that received funds from the main exploiter has reached out to the Prisma Finance deployer declaring that their actions were a white hat rescue.

A detailed post-mortem analysis of the Munchables incident on the Blast mainnet, focusing on the methods used by attackers, the vulnerabilities exploited, and the subsequent community and project response to recover lost assets and enhance security measures.

From 12 March to 16 March we have seen nine private key compromises (PKC) that have led to a combined loss of at least $22.96 million in March, with five of those incidents incurring losses over $1 million. These incidents showcase the continued devastation that private key leakages can have on the Web3 ecosystem which has already seen approximately $239 million lost to this type of attack in 2024.

As digital assets go mainstream, it's more crucial than ever to make sure blockchain projects are secure. Just as important as this is finding ways to communicate security to users. For over five years, we’ve been building a suite of tools designed to both improve projects’ security as well as raise the level of education and understanding of security in the broader community.

As the cryptocurrency markets surge back to life after a long winter, the need for firms to implement a comprehensive compliance solution has never been more critical.

In this post, we detail a certain type of rug pull wherein scammers apparently create tokens out of thin air before dumping them on unsuspecting investors.

The last year has seen an unprecedented number of institutions turning their attention to onchain opportunities, and there are many financial organizations eager to offer a variety of Web3 products and services to these investors. However, an omnipresent hurdle is the lack of unified global regulation of crypto-assets.

The CertiK Ambassador Program is an initiative designed to empower our community's most enthusiastic members to play a vital role in promoting a safer blockchain environment while being rewarded for their passion and dedication.

Real-world assets (RWAs) is the latest narrative in crypto. It refers to onchain representations of tangible and intangible assets from the traditional financial realm. In this piece, we'll help you stay up to date with all that's going on with RWAs.

On the 5th March, CertiK confirmed OrdiZK orchestrated an exit scam that over a period of time stole approximately $1.4 million. In this incident the scammers used a verity of tactics to steal from investors including hoarding taxes from sales, dumping a large amount of tokens and abusing privileged roles to empty project contracts. This incident is the 6th exit scam of 2024 where losses have exceeded $1 million, contributing to the over $64 million lost to exit scams in 2024 so far.

A Pet Rock No Longer: Bitcoin’s Innovation Awakening provides a comprehensive overview of the Bitcoin ecosystem's evolution over the last year.

Facing certain resistance to public disclosure of vulnerabilities, we advocate a new approach involving expanded disclosure practices for the benefit of transparency and user safety.

A cryptocurrency scamming group, CryptoGrab, has taken the bold step of registering as a private company in the UK. CryptoGrab offers various phishing services targeting cryptocurrency users, including the Nova Drainer and more traditional seed phrase phishing techniques. It is not uncommon for malicious actors to register fraudulent entities in the UK due to the relative ease in which companies can be registered. The group has stated in Telegram that this gives them access to platforms such as Binance and eToro. We have reported this organization to Action Fraud and Companies House in the UK. This blog aims to highlight the activities of this threat group and suggest ways to protect your assets.

On 6th January 2024, the MangoFarmSOL project conducted an exit scam leading to losses estimated around ~$1.32 million which is the largest exit scam that we have investigated in 2024 so far.