Blockchain Threat Intelligence

Blockchain Threat Intelligence

Share this post

Blockchain Threat Intelligence
Blockchain Threat Intelligence
BlockThreat - Week 18, 2022
Copy link
Facebook
Email
Notes
More

BlockThreat - Week 18, 2022

Blender | MM Finance | Bistroo | Fortress | OpenSea

Peter Kacherginsky
May 12, 2022
∙ Paid

Share this post

Blockchain Threat Intelligence
Blockchain Threat Intelligence
BlockThreat - Week 18, 2022
Copy link
Facebook
Email
Notes
More
Share

Greetings!

The crypto winter is here which is a great time to take a break from market madness and prepare for the next wave of new projects with their novel security challenges. From better investigative and monitoring tooling, research into smart contract and blockchain security topics to building up defenses around users and their wallets the time is right to invest in the future security of our ecosystem. In this spirit, today’s edition focuses on a number of excellent research papers which hopefully inspire you to deep dive on one of many blockchain security related topics. Enjoy!


Enjoy reading BlockThreat? Consider sponsoring the next edition or becoming a paid subscriber to unlock the premium section with indicators, special reports, and searchable newsletter archives.


News

  • U.S. Treasury Issues First-Ever Sanctions on a Virtual Currency Mixer, Targets DPRK Cyber Threats. Blender was used to launder over $20.5M in Bitcoin sourced from the recent Axie Infinity hack.

  • SEC Nearly Doubles Size of Enforcement’s Crypto Assets and Cyber Unit.

  • ‘Crypto muggings’: thieves in London target digital investors by taking phones.

  • NiceHash QuickMiner bypasses Nvidia’s LHR mining locks.

  • Juno Blockchain community votes on the governance proposal to confiscate $36M of JUNO tokens from an investor, but ends up transferring them to the wrong wallet.

Scams

  • A Texas Tale of Tinder, Millions in Stolen Crypto and Murder.

  • Monkey Business by Rekt.

  • OpenSea Discord server compromised to promote a phishing website.

  • Ferrari subdomain hijacked to push fake Ferrari NFT collection.

  • Fake crypto giveaways steal millions using Elon Musk Ark Invest video.

Hacks

  • On May 4, 2022 Mad Meerkat Finance web front-end was compromised which allowed attackers to inject a malicious contract address. About $2M were stolen on the Cronos blockchain.

  • On May 7, 2022 Bistroo lost $47k as a result of a reentrancy vulnerability.

  • On May 8, 2022 Fortress Protocol was exploited for $3M using a price oracle manipulation vulnerability in addition to a malicious governance proposal.

Malware

  • NFTs Emerge as the Next Enterprise Attack Vector to spread malware.

Media

  • Overview of Web3 Smart Contract Hacking by Duncan Townsend.

Research

  • North Korea’s Lazarus: their initial access trade-craft using social media and social engineering by NCC Group.

  • A fascinating on and off chain investigation by ZachXBT identifying thieves behind a recent Solana wallet compromise.

  • Cross Chain Security Part 1 and Part 2 by 0xpostman.

  • TWAP Oracle Attacks: Easier Done than Said? by MTorgin.

  • Staking requirements for MEV on ETH2 by MTorgin.

  • EVM Deep Dives: The Path to Shadowy Super Coder Part 4 by noxx.

  • Flashbots by BitMEX.

  • Web3 Kill Chain by Forta.

  • Profiling DeFi and Web3 heists by @puntium.

  • A Guide to NFT Platform Security.

  • Auditor’s Roadmap by razzorsec.

  • How funds are laundered without mixing platforms by SlowMist.

  • How to make a >800 million dollars in crypto attacking the once 3rd largest stablecoin, Soros style.

Tools

  • Ethereum Signature Database by samczsun.

Premium Content

This post is for paid subscribers

Already a paid subscriber? Sign in
© 2025 Peter Kacherginsky
Privacy ∙ Terms ∙ Collection notice
Start writingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More