Blockchain Threat Intelligence

Share this post
BlockThreat - Week 19, 2022
newsletter.blockthreat.io

BlockThreat - Week 19, 2022

GoDaddy | Coinzilla | Etherscan | UST | RedLine

Peter Kacherginsky
May 19
Share this post
BlockThreat - Week 19, 2022
newsletter.blockthreat.io

Greeting!

I hope you got some rest last week, because this one was brutal. GoDaddy compromise resulted in DNS takeovers of multiple DeFi projects. Malicious Coinzilla ads phished users across Etherscan, CoinGecko and other highly trusted resources. $40B LUNA/UST meltdown triggered a chain halt to prevent governance attacks and caused additional $56M+ in losses across DeFi projects with faulty stablecoin price oracles.

This week did not have too much traditional smart contract exploitation as attackers find it easier to target web2 infrastructure. If you are not already including infra and 3rd party dependencies in your threat model, then now is the time. Oh and be on the lookout for job applications coming from North Korea.


Enjoy reading BlockThreat? Consider sponsoring the next edition or becoming a paid subscriber to unlock the premium section with indicators, special reports, and searchable newsletter archives.


This post is for paid subscribers

Already a paid subscriber? Sign in
© 2022 Peter Kacherginsky
Privacy ∙ Terms ∙ Collection notice
Publish on Substack Get the app
Substack is the home for great writing