BlockThreat - Week 35, 2022
KyberSwap | Bill Murray | Rug Pull Finder | Coinbase | ShadowFi
A busy week with BSC projects getting picked off one after another with flash loans and reward manipulation bugs. Yet another front-end compromise, this time of KyberSwap, continues the alarming trend of bad actors targeting vulnerable web2 infrastructure. Scammers continue getting creative with new schemes to entice users with phishing sites and malware. Coinbase messed up exchange rates, triggering a bank run in Georgia. OptiFi and Compound managed to lock up their stablecoin and ETH markets respectively, which shows that the DeFi ecosystem is still fragile enough for plenty of assets to get lost even without evildoers.
Let’s dive into the news!
FBI PSA: Cyber Criminals Increasingly Exploit Vulnerabilities in Decentralized Finance Platforms to Obtain Cryptocurrency, Causing Investors to Lose Money.
CEO of collapsed Turkish crypto exchange Thodex faces extradition from Albania following arrest.
Ukraine takes down cybercrime group hitting crypto fraud victims.
Whale Spends 10,000 BTC Worth $203M, Bitcoins Stem From the Infamous 2011 Mt Gox Hack.
Tracking down phishing crew identities part 2 with ZachXBT.
New OpenSea scheme abuses bids with revoked token approvals.
Beta testing phishing campaign used to deliver RedLine Stealer.
On August 29, 2022 DDC lost $104K in a reward manipulation exploit.
On August 30, 2022 Coinbase users in Georgia took advantage of bad pricing data to sell their stablecoins at inflated rates.
On August 31, 2022 Cupid lost $78K in a reward manipulation exploit.
On September 1, 2022 KyberSwap users lost $265K in a front-end compromise. Binance identified two suspects on their platform.
On September 1, 2022 Bill Murray lost $185K in NFTs and tokens in a likely private key compromise.
On September 2, 2022 ShadowFi lost $300K due to an exposed burn function.
On September 2, 2022 Rug Pull Finder's minting mechanism was abused by just two wallets to mint all 450 NFTs.
On September 4, 2022 DAO Officials lost $581K in a reward manipulation exploit.
On August 29, 2022 OptiFi accidentally froze 661K USDC.
On August 30, 2022 Compound governance proposal froze cETH markets.
Report on Nitrokod crypto miner impersonating Google Translate desktop by Check Point Research.
ModernLoader RAT used to distribute crypto stealer and miner analysis by Cisco Talos.
Analysis of Sharkbot banking and crypto stealer posing as a fake Android AV app by Fox-IT.
Web3 project security practices thread by Damian Rusinek.
Blockchain bridges security & common cross-chain vulnerabilities by Jakub Zmysłowski.
Cairo and StarkNet Security by ctrlc03.
Categorized Code4rena reports by Tomosuke0930.
ZIION VM by Halborn is a one-stop blockchain and smart contract security distribution with 100+ tools.