Blockchain Threat Intelligence

Share this post

BlockThreat - Week 28, 2022

newsletter.blockthreat.io

BlockThreat - Week 28, 2022

PREMINT | Uniswap | Mixers

Peter Kacherginsky
Jul 19, 2022
1
Share this post

BlockThreat - Week 28, 2022

newsletter.blockthreat.io

Hey folks,

This week featured two attacks targeting DeFi users. The massive Uniswap airdrop phishing attack was successful enough to call attention of CZ and other crypto celebrities. Unfortunately, a quick check of your wallets will likely show a dozen unknown tokens sent as part of previous airdrop campaigns. Following a series of DNS hijacking in June, attackers managed to compromise PREMINT server itself and post a malicious approval contract to steal users’ tokens. Not fun at all and once again reinforces the need for stronger wallet-side defenses to protect us.

Let’s dive into the news and be sure to check out the Job Listings section in case you get inspired to make blockchain security your career. Premium Indicators section has attacker addresses for all of the hacks below.

Events

  • DeFi Security Summit in Stanford, CA on August 27-28.

News

  • FBI Notification: Cyber Criminals Create Fraudulent Cryptocurrency Investment Applications to Defraud US Investors.

  • 2022 Q2 Web3 Security Report by Beosin.

Scams

  • Massive airdrop scam campaign targeting Uniswap LPs tricks steals $8M from 74K+ wallets.

Hacks

  • On July 17, 2022 PREMINT users lost $400K after interacting with a malicious contract on the compromised project website.

Research

  • 20 years of payment processing problems by Kaimi.

  • Crypto Mixer Usage Reaches All-time Highs in 2022 With Nation State Actors and Cybercriminals Contributing Significant Volume by Chainalysis.

  • On Writing Secure Smart Contracts by Matthew Di Ferrante.

  • Flashbots: Kings of The Mempool by noxx.

  • Two Novel Crypto Wallet Exploits, Explained by Immunefi.

Job Listings

  • Halborn is hiring for a variety of engineering and marketing roles. To apply, visit https://halborn.com/careers/.

    Fill out the Job Posting Form to share available positions with thousands of BlockThreat subscribers.

Enjoy reading BlockThreat? Consider sponsoring the next edition or becoming a paid subscriber to unlock the premium section with indicators, special reports, and searchable newsletter archives.

Premium Content

Keep reading with a 7-day free trial

Subscribe to Blockchain Threat Intelligence to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
© 2023 Peter Kacherginsky
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing