Base, the Ethereum Layer-2 network developed by Coinbase, is grappling with over 34,000 high-risk vulnerabilities in its smart contracts, according to recent data. Among the major issues identified are malicious boolean checks and library tampering, posing serious threats to network integrity.
According to Trugard Labs, which leveraged its Xcalibur tool to assess risk, Base recorded more than 34,000 high-risk vulnerabilities in August alone. The majority of these risks stemmed from Digital Signature issues, with nearly 22,000 instances involving tampering in widely-used libraries such as SafeMath. Malicious boolean checks on token transfers, responsible for over 6,300 detections, also presented significant concerns. These vulnerabilities could enable bad actors to block or manipulate token transfers, threatening the security of on-chain transactions.
Cybercriminals Target Web3 Networks
Trugard Labs reported additional vulnerabilities in the Base network, including unauthorized token burns, unapproved balance updates, and controlled minting attacks. Though similar security flaws were detected on Ethereum and BNB Chain (formerly Binance Smart Chain), they were far fewer in comparison.
The sharp increase in cyberattacks on Base illustrates a broader trend of web2 hackers shifting to web3 platforms. According to Trugard analysts, criminal groups that previously targeted traditional web infrastructure are now exploiting the decentralized finance (DeFi) space, taking advantage of the emerging vulnerabilities in blockchain networks.
As decentralized finance continues to expand, the attack surface for cybercriminals grows with it. Web2 hackers, once focused on phishing, ransomware, and centralized system exploits, are now adapting their tactics to undermine the security of smart contracts and blockchain protocols.