Over $100M was stolen from various DeFi projects this week. A trend is emerging of DeFi forks either not keeping up with upstream patches or not fully understanding the risks that come with the borrowed codebase. NFT social media accounts continue to be hacked to promote fake token-stealing phishing sites.
Events
Off the Chain - blocksec conference on June 7th in San Francisco, CA
News
Juno Blockchain Community Officially Votes to Revoke Whale’s Tokens.
Parity Multisig funds are moving to Tornado Cash.
Scams
BNB Brokers rug pulled by exploiting its own reentrancy vulnerability.
Hacks
On April 24, 2022 Weiner Doge, Last Kilometer, and other projects on BSC lost a combined $80K after getting hit with an exploit targeting incorrect handling of deflationary tokens.
On April 25, 2022 the BAYC Instagram account was compromised to advertise a fake airdrop phishing site. As a result, attackers were able to steal $2.8M from unsuspecting users. This follows a recent compromise of the BAYC Discord server that also tricked users into signing safeTransferFrom transactions.
On April 27, 2022 Cloudflare announced that it stopped the largest HTTPS DDoS attack on record against an unknown cryptocurrency platform.
On April 28, 2022 Deus DAO was compromised yet again with a price oracle manipulation exploit resulting in the theft of $13.4M.
On April 30, 2022 Saddle Finance lost $11M in a price manipulation attack.
On April 30, 2022 Fei Protocol’s Rari pools on Ethereum and Arbitrum networks lost $80M as a result of a reentrancy exploit.
Vulnerabilities
Rari Capital patched a price oracle manipulation vulnerability in one of its pools after it was responsibly disclosed by Hacxyk.
CheckPoint disclosed an insecure storage vulnerability in Everscale’s Ever Surf wallet allowing private key recovery.
Other Incidents
On April 30, 2022 Solana Network went down for 7 hours after getting flooded with bot transactions related to NFT mints.
On May 1, 2022 NEAR’s Rainbow Bridge experienced an attempted hack to inject a counterfeit block, which was automatically caught by bridge watchdogs, resulting in a 2.5 ETH loss to the attacker.
Research
Tools
dEth tool - a suite of online tools to decode and encode transactions.
Flashside - a set of NFT MEV contracts to claim Otherside land NFTs from various BAYC and MAYC pools, via flashloans or flashswaps.