The Hacktober continues! This week’s edition is loaded with post-mortems, writeups, and indicators from various DeFi exploits netting attackers more than $120M. One of the compromises was particularly interesting since the attacker’s identity was revealed as someone associated with multiple scams and price manipulation attacks in the past. The Profanity wallet generator vulnerability continues to claim new victims, with even 1inch, which originally reported it, joining their ranks. Lazarus is at it again, with several reported social engineering and phishing attacks against Japanese crypto companies.
News
North Korean Hacker Group Lazarus Targets Japanese Crypto Firms.
U.S. Treasury fines crypto exchange Bittrex $29M over sanctions violations.
FOI reveals 20% of UK crypto fraud last year relied on Binance.
Crypto scam victims seek to hold Coinbase responsible for losses.
Hacks Dashboard by DeFi Llama.
Scams
A bad actor deployed a fake 1inch contract on Fantom network thanks to the Profanity vulnerability.
Hacks
On October 10, 2022 Carrot lost $30K due to insufficient function access controls.
On October 11, 2022 Mango Markets was exploited in a price oracle manipulation attack, with losses over $116M. Interestingly, the attacker was soon discovered and engaged in public discourse on Twitter.
On October 11, 2022 an insufficient function access controls vulnerability in TempleDAO was exploited to steal $2.36M.
On October 11, 2022 QANPlatform private keys were cracked using the Profanity vulnerability, with losses exceeding $2M.
On October 11, 2022 multiple users of Rabby Swap lost $190K in approved assets due to insufficient function parameter validation.
On October 12, 2022 The Journey of Awakening ATK suffered a $120K loss from a price oracle manipulation exploit.
On October 12, 2022 FTX lost about $100K in gas fees when an attacker tricked its withdrawal system into minting tokens.
On October 13, 2022 Eden Network private keys appear to have been compromised with the owners held for ransom.
On October 14, 2022 Earning Farm lost $971K due to insufficient verification of who originated a flash loan.
Vulnerabilities
Ocean Protocol patched an insufficient function access control vulnerability thanks to a responsible disclosure by chiefdestroyer.eth.
Cosmos patched a critical vulnerability in all IBC-enabled Cosmos blockchains following a due diligence review after the BNB hack last week.
Aptos fixed a DoS vulnerability in its Move VM nodes thanks to a responsible disclosure by Numen Cyber Labs.
Research
The Fall of Hydra Market by OXT Research.
How to test a smart contract function a million times by Tincho.
Pitfalls of using CREATE, CREATE2 and EXTCODESIZE opcodes by MixBytes.
Enjoy reading BlockThreat? Consider sponsoring the next edition or becoming a paid subscriber to unlock the premium section with indicators, special reports, and searchable newsletter archives.