Hey folks!
It’s been two weeks of relative quiet in the blocksec space. There are still occasional NFT Discord hacks, a few rugpulls, and a low-value DeFi hack or two; however, it’s nice to have a break from half a dozen projects getting compromised with multi-million dollar losses week after week. Is the slowdown caused by the growing security and awareness among DeFi founders and users? Are audits and bug bounties working so well that most vulnerabilities in high-value targets are gone? Or maybe attackers are just hibernating during the crypto winter and waiting for the next retail influx? All of these sound good to me! So let’s be optimistic by hoping the trend will continue while preparing for the next brutal wave of compromises and even more painful scammer attacks.
In this week’s news, Rocket Pool revealed that one of its developers’ machines got infected with malware, which granted attackers complete control over Oracle DAO nodes. It was odd and lucky that attackers only went after some petty cash stored on the oracle nodes instead of trying to cause much greater damage by manipulating prices. The BAYC community continues getting hit with fake airdrops after the official Discord server got compromised, in a trend that will continue relieving investors of their precious NFT assets. This week also featured multiple arrests, including the case of Nathaniel Chastain, caught insider trading NFTs on OpenSea thanks to blockchain sleuths. Let’s dive into the news for more details!
Media
News
Former CEO of Crypto Exchange Wex Dmitry Vasiliev Reportedly Detained in Croatia. The Wex exchange was a rebrand of the infamous BTC-e exchange, known for money laundering.
Former Employee Of NFT Marketplace Charged In First Ever Digital Asset Insider Trading Scheme. The scheme was first identified by online investigators following transactions in Nate’s wallets.
Hacker Used ‘Social Media Data Leak’ to Steal USD 660K in Crypto from 90 Victims.
Scams
Breakdown of $6.3M Animoon NFT rugpull by ZachXBT.
Hacks
On May 26, 2022, a Rocket Pool developer machine was compromised and Oracle DAO private keys were stolen, resulting in the theft of $28K.
On June 4, 2022, the BAYC and OtherSide Discord servers were compromised, resulting in $360K+ losses after fake airdrop links were posted.
Other Incidents
On June 1, 2022, Solana halted due to a possible chain split caused by a DoS in durable nonces.
Vulnerabilities
MetaMask patched multiple web2 vulnerabilities after they were responsibly disclosed by UGWST.
Malware
Clipminer Botnet Makes Operators at Least $1.7 Million by hijacking cryptocurrency addresses from the clipboard and mining Monero while idle.
Tales From the Honeypot: WatchDog Evolves With a New Multi-Stage Cryptojacking Attack.
Research
Interesting thread on Oracle Extractable Value by Joran Honig.
MobyMask: An Initiative to Eliminate Phishers by Dan Finlay.
Detecting Cybercriminal Bitcoin Relationships through Backwards Exploration.