BlockThreat - Week 1, 2023
GDS | GMX | RTFKT | Uniswap | Moonbeam | Astar | Acala
Welcome to the first edition of BlockThreat in 2023!
We are kicking off the new year with a number of excellent annual blockchain security reports from Immunefi, CertiK, Slowmist, and others. Devastating phishing attacks resulted in $4M+ in losses from various individuals.
On the more positive side, this week also features a number of research articles on novel tools and techniques for on-chain analysis. Bug bounty reports helped patch vulnerabilities in Uniswap and multiple Polkadot chains.
In other news, Helix CEO’s brother learned the hard way that stealing crypto from IRS to spend on strippers and luxury condos may not have been his best life decision.
Crypto Losses in 2022 by Immunefi.
Hack3d - The Web3 Security Report - 2022 by CertiK.
Global Web3 Security & AML Report - 2022 by Beosin.
$49 Billion Lost in Crypto in 2022 by DeFiYield Security.
Balancer is asking LPs to urgently remove tokens for several pools.
On January 3, 2023 GDS lost $187K in a reward manipulation exploit.
Circom-Pairing: A Million-Dollar ZK Bug Caught Early by Veridise.
Bug Patterns in Solidity and Smart Contract Auditing with Yannis Smaragdakis at SmartCon 2022
Web3 Bug Bounty Hunter Thread by Adrian Hetman.
Circumventing Layer Zero: Why Isolated Security is No Security by Krzysztof Urbański.
TrueBlocks Recipe: Factories by Thomas Jay Rush.
Guide to Web3 Data Tools by Web3 Data Degens.
OnChain Transaction Debugging Tools Thread by SunSec.
Getting Started with Phalcon 2.0 by BlockSec.
Spook - Ethereum RPC request mixer using Nym network.
Keep reading with a 7-day free trial
Subscribe to Blockchain Threat Intelligence to keep reading this post and get 7 days of free access to the full post archives.