BlockThreat - Week 22, 2022
BAYC | Wex | Rocket Pool | OpenSea
It’s been two weeks of relative quiet in the blocksec space. There are still occasional NFT Discord hacks, a few rugpulls, and a low-value DeFi hack or two; however, it’s nice to have a break from half a dozen projects getting compromised with multi-million dollar losses week after week. Is the slowdown caused by the growing security and awareness among DeFi founders and users? Are audits and bug bounties working so well that most vulnerabilities in high-value targets are gone? Or maybe attackers are just hibernating during the crypto winter and waiting for the next retail influx? All of these sound good to me! So let’s be optimistic by hoping the trend will continue while preparing for the next brutal wave of compromises and even more painful scammer attacks.
In this week’s news, Rocket Pool revealed that one of its developers’ machines got infected with malware which granted attackers complete control over Oracle DAO nodes. It was odd and lucky that attackers only went after some petty cash stored on the oracle nodes instead of trying to cause much greater damage by manipulating prices. The BAYC community continues getting hit with fake airdrops after the official Discord server got compromised, in a trend that will continue relieving investors of their precious NFT assets. This week also featured multiple arrests, including the case of Nathaniel Chastain, caught insider trading NFTs on OpenSea thanks to blockchain sleuths. Let’s dive into the news for more details!
Former CEO of Crypto Exchange Wex Dmitry Vasiliev Reportedly Detained in Croatia. Wex exchange was a rebrand of the infamous BTC-e exchange known for money laundering.
Breakdown of $6.3M Animoon NFT rugpull by ZachXBT.
On May 26, 2022 a Rocket Pool developer machine was compromised and Oracle DAO private keys were stolen, resulting in the theft of $28K.
On June 4, 2022 the BAYC and OtherSide Discord servers were compromised, resulting in $360K+ losses after fake airdrop links were posted.
On June 1, 2022 Solana halted due to a possible chain split caused by a DoS in durable nonces.
MetaMask patched multiple web2 vulnerabilities after they were responsibly disclosed by UGWST.
Clipminer Botnet Makes Operators at Least $1.7 Million by hijacking cryptocurrency addresses from the clipboard and mining Monero while idle.
Interesting thread on Oracle Extractable Value by Joran Honig.
MobyMask: An Initiative to Eliminate Phishers by Dan Finlay.