BlockThreat - Week 18, 2022
Blender | MM Finance | Bistroo | Fortress | OpenSea
The crypto winter is here, which makes it a great time to take a break from market madness and prepare for the next wave of new projects with their novel security challenges. From better investigative and monitoring tooling and research into smart contract and blockchain security topics to building up defenses around users and their wallets, the time is right to invest in the future security of our ecosystem. In this spirit, today’s edition focuses on a number of excellent research papers, which will hopefully inspire you to deep dive into one of many blockchain security topics. Enjoy!
U.S. Treasury Issues First-Ever Sanctions on a Virtual Currency Mixer, Targets DPRK Cyber Threats. Blender was used to launder over $20.5M in Bitcoin sourced from the recent Axie Infinity hack.
SEC Nearly Doubles Size of Enforcement’s Crypto Assets and Cyber Unit.
‘Crypto muggings’: thieves in London target digital investors by taking phones.
Juno Blockchain community votes on the governance proposal to confiscate $36M of JUNO tokens from an investor, but ends up transferring them to the wrong wallet.
A Texas Tale of Tinder, Millions in Stolen Crypto and Murder.
Monkey Business by Rekt.
OpenSea Discord server compromised to promote a phishing website.
Ferrari subdomain hijacked to push fake Ferrari NFT collection.
Fake crypto giveaways steal millions using Elon Musk Ark Invest video.
On May 4, 2022, the Mad Meerkat Finance web front-end was compromised, which allowed attackers to inject a malicious contract address. About $2M was stolen on the Cronos blockchain.
On May 7, 2022, Bistroo lost $47k as a result of a reentrancy vulnerability.
On May 8, 2022, Fortress Protocol was exploited for $3M using a price oracle manipulation vulnerability in addition to a malicious governance proposal.
NFTs Emerge as the Next Enterprise Attack Vector to spread malware.
Overview of Web3 Smart Contract Hacking by Duncan Townsend.
North Korea’s Lazarus: their initial access trade-craft using social media and social engineering by NCC Group.
A fascinating on-chain and off-chain investigation by ZachXBT identifying thieves behind a recent Solana wallet compromise.
TWAP Oracle Attacks: Easier Done than Said? by MTorgin.
Staking requirements for MEV on ETH2 by MTorgin.
EVM Deep Dives: The Path to Shadowy Super Coder Part 4 by noxx.
Flashbots by BitMEX.
Web3 Kill Chain by Forta.
Profiling DeFi and Web3 heists by @puntium.
Auditor’s Roadmap by razzorsec.
How funds are laundered without mixing platforms by SlowMist.
How to make a >800 million dollars in crypto attacking the once 3rd largest stablecoin, Soros style.
Ethereum Signature Database by samczsun.