Hi folks,
From DeFi and exchange hacks to wallet key leaks and PII theft, it seemed like nothing was safe this week. Every day I was anxiously waiting for yet another major compromise. The Nomad bridge hack was particularly painful as the replayability of the exploit enticed hundreds of copycats to hack away at the treasury. North Korean actors continue their spear phishing campaigns targeting crypto businesses, while a mining pool was caught playing with consensus mechanisms to maximize its profits.
It’s easy to despair when faced with attacks on all sides. However, I invite you to just hang in there, learn the painful lessons from each compromise, and slowly make our ecosystem safer. Because what we are building is worth it.
News
BTC-e Operator Alexander Vinnik Has Been Extradited to the US.
Vulnerabilities in Cross-chain Bridge Protocols Emerge as Top Security Risk, a report by Chainalysis.
Police in Kazakhstan Arrest Gang Forcing IT Specialists to Run Crypto Farms.
Scams
Master of Anons: How a Crypto Developer Faked a DeFi Ecosystem.
Fake MEV contract scam campaign on YouTube.
Hacks
On August 1, 2022, Nomad Bridge lost $186M as a result of a message verification bypass. Hundreds of unique addresses participated in the attack due to the ease of exploiting the vulnerability.
On August 2, 2022, Reaper Farm lost $1.7M due to insufficient function parameter validation.
On August 2, 2022, the ZBExchange hot wallet was emptied of $3.6M.
On August 2, 2022, more than 9000 wallets on the Solana network lost $5.9M, possibly linked to a data leak vulnerability in Slope Wallet, which sent private key data to its Sentry service. It’s still not clear how attackers were able to intercept or obtain that data from Slope’s backend.
On August 3, 2022, email marketing firm Klaviyo lost email lists for 38 crypto-related companies, including Rarible and Swan Bitcoin.
On August 4, 2022, deBridge Finance and, earlier, Woo Network were targeted in a spear phishing attack tied to a North Korean actor.
On August 6, 2022, insufficient function access control in GenomesDAO was used to steal $43K.
Vulnerabilities
interBTC Bridge fixed multiple critical funds theft vulnerabilities thanks to a responsible disclosure by Pwning.eth.
NEAR Protocol patched a data leak vulnerability in their wallet thanks to a responsible disclosure by Hacxyk.
Agave Finance fixed an uninitialized proxy vulnerability after it was responsibly disclosed by Hacxyk.
Contests
Vyperpunk wargame implemented using Vyper.
Media
BlueHat IL 2022 - Tal Be'ery & Shalev Keren - Web3 Security: The Blockchain is Your SIEM. Blockchain is your SIEM!
Research
Uncle Maker: (Time)Stamping Out The Competition in Ethereum and the corresponding white paper both point to F2Pool engaging in this consensus attack to reap greater rewards.
The Ultimate 100+ Point Checklist Before Sending Your Smart Contract for Audit by Jeffrey Scholz.
An Empirical Study on Ethereum Private Transactions and the Security Implications.
How to change your Black Hats into White Hats by Micah Zoltu.
Dark Side of CREATE2 opcode by Jayakumar.
EVM and ELF in one binary.
Job Listings
Fill out the Job Posting Form to share available positions with thousands of BlockThreat subscribers.