BlockThreat - Week 19, 2022
GoDaddy | Coinzilla | Etherscan | UST | RedLine
I hope you got some rest last week, because this one was brutal. A GoDaddy compromise resulted in DNS takeovers of multiple DeFi projects. Malicious Coinzilla ads phished users across Etherscan, CoinGecko and other highly trusted resources. The $40B LUNA/UST meltdown triggered a chain halt to prevent governance attacks and caused an additional $56M+ in losses across DeFi projects with faulty stablecoin price oracles.
This week did not have much traditional smart contract exploitation, as attackers find it easier to target web2 infrastructure. If you are not already including infrastructure and third-party dependencies in your threat model, now is the time. Oh, and be on the lookout for job applications coming from North Korea.
The rise of the crypto cop and a real shortage of them.
Coffeezilla, the YouTuber Exposing Crypto Scams article in The New Yorker.
On May 9, 2022 HoneySwap users lost $20K as a result of a domain hijacking attack which tricked users into sending tokens to the wrong address.
On May 9, 2022 Ownly lost $30K as a result of a logic error in its unstaking function.
On May 10, 2022 Neorder DAO lost $3.3M due to a private key leak.
On May 11, 2022 Kava lost half of its value after its hardcoded UST price was used to generate a large amount of bad debt.
On May 15, 2022 Scream Protocol lost $35M after hardcoding the fUSD stablecoin price to $1 when it had in fact lost its peg.
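To make the Kava and Scream failure mode concrete, here is an added Python model (not code from the newsletter or from either project) of a lending pool that values stablecoin collateral through a price oracle. The vulnerable oracle returns a hardcoded $1 regardless of the market; the hardened one never values the stablecoin above its peg and halts once the market price deviates beyond an assumed 2% tolerance, so a depeg stops borrowing instead of silently minting bad debt. The 80% LTV, the $1M position and the $0.10 depeg price are constructed for illustration.

```python
"""Added example: hardcoded vs. guarded stablecoin price oracle in a toy lending pool.
Not code from the BlockThreat newsletter, Kava or Scream; all numbers are constructed."""
from dataclasses import dataclass

PEG = 1.0             # price the stablecoin is supposed to hold
LTV = 0.80            # assumed max loan-to-value the pool grants on this collateral
MAX_DEVIATION = 0.02  # assumed tolerance before the pool stops trusting the peg


@dataclass
class Position:
    collateral_amount: float  # units of the stablecoin deposited
    borrowed_usd: float       # USD value of assets borrowed against it


def hardcoded_oracle(_market_price: float) -> float:
    """Vulnerable pattern: the pool assumes the stablecoin is always worth $1,
    whatever the market says. The market price argument is ignored on purpose."""
    return PEG


def guarded_oracle(market_price: float) -> float:
    """Hardened pattern: cap the collateral price at the peg (a stablecoin trading
    above $1 should not unlock extra credit) and refuse to price at all once the
    peg has clearly broken, so governance can react rather than accrue bad debt."""
    if market_price <= 0:
        raise ValueError("invalid market price")
    if abs(market_price - PEG) / PEG > MAX_DEVIATION:
        raise RuntimeError(f"stablecoin depegged: market price {market_price:.2f}")
    return min(market_price, PEG)


def max_borrow(collateral_amount: float, market_price: float, oracle) -> float:
    """USD the pool lets a user borrow, valuing collateral at the oracle's price."""
    return collateral_amount * oracle(market_price) * LTV


def bad_debt(position: Position, market_price: float) -> float:
    """Shortfall left for the pool if the position is liquidated at the real price."""
    real_collateral_value = position.collateral_amount * market_price
    return max(0.0, position.borrowed_usd - real_collateral_value)


def simulate(collateral_amount: float, market_price: float, oracle) -> float:
    """Open a max-leverage position through `oracle`, then mark it to market."""
    borrowed = max_borrow(collateral_amount, market_price, oracle)
    return bad_debt(Position(collateral_amount, borrowed), market_price)


def depeg_halts_pool(market_price: float) -> bool:
    """True if the guarded oracle refuses to price collateral at this market price."""
    try:
        guarded_oracle(market_price)
    except RuntimeError:
        return True
    return False


if __name__ == "__main__":
    depegged = 0.10  # constructed: stablecoin trading at ten cents
    print("hardcoded oracle bad debt:", simulate(1_000_000, depegged, hardcoded_oracle))
    print("guarded oracle halts pool:", depeg_halts_pool(depegged))
    print("guarded oracle, mild wobble bad debt:", simulate(1_000_000, 0.99, guarded_oracle))
```

With the hardcoded oracle a $1M deposit of a coin trading at $0.10 still unlocks $800K of borrowing, leaving $700K of bad debt the moment it is liquidated at the real price; the guarded oracle rejects the same deposit outright, and for a 1% wobble it values the collateral at $0.99, which leaves no shortfall.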
Solana patched a vulnerability in its implementation of the `sdiv` instruction which could lead to monetary losses after it was responsibly disclosed by the BlockSec Team.
Sturdy patched a vulnerability in its fallback oracle configuration after it was responsibly disclosed by Nnez.
Balancer patched a DoS vulnerability after it was responsibly disclosed through Immunefi.
Geth patched a DoS vulnerability caused by a malicious p2p message.