Greetings!
A major and still unexplained hack happened this week. More than $238M was stolen from an address associated with Genesis Global Trading. Funds were quickly transferred to the usual suspects like Railgun, ChangeNow, eXch, Avalanche Bridge, ThorChain, and others. Railgun once again unshielded the transfer of stolen funds, so maybe attackers will learn to stop using it.
Seif Wallet exposed users’ private keys and passwords to a third-party analytics vendor. It’s not clear if any of the 50 exposed keys were actually drained; however, the incident is an interesting lesson in communicating the exposure to users:
According to Seif’s post-mortem, the bug was originally discovered on July 25th (thanks SEAL!) and patched on July 26th.
The announcement of the bug and exposed wallet on X went out on August 20th.
No announcement on official Discord.
An earlier announcement on August 8th showed up buried deep in the project’s docs.
Publishing such a critical exposure deep inside the project’s docs and waiting to make a wider announcement almost a month later is what Web2 does. We can do better!
Parcl experienced simultaneous compromises of both their website and X accounts. In their post-mortem, Parcl focuses heavily on the DNS hijacking, but a double hack indicates a likely credential theft from an insider.
Let’s dive into the news!