BlockThreat - Week 39, 2023
Dice9 | Seal 911 | FTX | Three Arrows
The Seal 911 team had its first public win after @FrankResearcher and @pcaversaccio saved $200,000 for a BSC-based DeFi project. The FTX hacker woke up days before the trial to start moving funds through ThorChain, while a Three Arrows founder was apprehended trying to flee. This week's edition features indicators for a number of malware families that you should keep in mind while setting up internal security practices. Otherwise, enjoy the rare quiet week to catch up on research papers.
Let’s dive into the news!
Immunefi introduced the Vaults system to combat unfair bounty rewards.
Ripple backed out of the Fortress Trust acquisition following the hack.
Global Web3 Security Report, AML Analytics & Crypto Regulatory Landscape - Q3 2023 by Beosin.
Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company by ESET. The new 'LightlessCan' payload can bypass common detection tools.
A cryptor, a stealer and a banking trojan by Kaspersky shares details on Lumma stealer and Zanubis banking trojan families.
BunnyLoader, the newest Malware-as-a-Service by Zscaler reports on a new strain which steals browser credentials and crypto.
Scraping Bits by DeGatchi - How Coinbase's Lead Investigator Tracks Down Web3 Blackhat Hackers - Ft. Peter Kacherginsky.
Finding Analysis 01: Evil NFT by Solodit.
Bridge Bug Tracker by 0xDatapunk.
GothicShanon interview with Immunefi.
Minimal Proxy Compendium by banteg.
Murph - Transpile EVM bytecode into Huff.