BlockThreat - Week 37, 2022
Profanity | OmniBridge | GMX | Binance | Terra
This week featured a critical vulnerability in the Profanity vanity address generator which is bound to facilitate wallet theft for weeks to come as attackers crack any valuable wallets. The merge (and the launch of EthPoW) already brought its first victim which did not do sufficient chain validation, a centralized exchange fell for a massive price manipulation hack, while Binance made an error by crediting customers the wrong coin.
Interpol issued red notice for Do Kwon following arrest warrant by South Korean Court. Do Kwon was last seen in Singapore.
The Dutch police arrested a man for his role in laundering assets obtained in Electrum wallet phishing campaign.
DoJ forms Digital Asset Coordinators (DAC) Network by tapping 150+ prosecutors to fight cryptocurrency crime.
White House Releases First-Ever Comprehensive Framework for Responsible Development of Digital Assets.
Crypto giveaway scams continue to soar: the number of fake domains grows five-fold in H1 2022 report by Group IB.
How Scammers Are Paying Nothing for Your NFTs by SlowMist.
Scam Sniffer Database includes malicious domains and addresses.
On September 15, 2022 multiple wallets generated by a vulnerable Profanity tool were compromised with at least $3.3M in losses.
On September 16, 2022 OmniBridge lost $286K in a transaction replay attack caused by insufficient chain validation logic.
On September 18, 2022 GMX exchange $400K in a price manipulation attack.
On September 15, 2022 Binance incorrectly credited $19M worth of HNT tokens by incorrectly crediting MOBILE token deposits.
1inch exposed a critical vulnerability in Profanity, an Ethereum vanity address generator, which may allow attackers to bruteforce private keys in about the same time as it took to generate the address much faster than expected.
NFTX marketplace patched a vulnerability which could allow for NFT theft thanks to a responsible disclosure by ErrNil.
StarkEx patched a double-spend vulnerability thanks to a responsible disclosure by Vlad Bochok.
EIP-712 contracts with cached domain separator may be vulnerable to replay attacks.
TeamTNT hijacking servers to run Bitcoin encryption solvers.
A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities report by TrendMicro.
Good Samaritan level on Ethernaut.
Solidity Security & how to change the bytecode of a deployed contract by Peter Robinson.
How do Ethereum Mixing Services work? by Peter Robinson.
Who is Task Force Rusich – the ‘neo-Nazi paramilitary group’ sanctioned by OFAC yesterday? by TRM
Building A PoC For The Uranium Heist by Immunefi.
Ethereum PoS and PoW Security by Beosin.
Collaborative Learning for Cyberattack Detection in Blockchain Networks.
Web3 Graveyard by Razzor.
cETH Price Feed Incident: Post-Mortem by Compound.
Circomspect - static analyzer and linter for the Circom and tutorial.
Qiling Framework - advanced binary emulation network with EVM support and tutorial.
Tornadoxxed address deanonymization tool.
Enjoy reading BlockThreat? Consider sponsoring the next edition or becoming a paid subscriber to unlock the premium section with indicators, special reports, and searchable newsletter archives.
Keep reading with a 7-day free trial
Subscribe to Blockchain Threat Intelligence to keep reading this post and get 7 days of free access to the full post archives.