BlockThreat - Week 42, 2022
3Comma | Moola | BitKeep | Layer2DAO | BitBTC | QiDAO
About $10M lost from hacks and $6M from phishing attacks in another wild week in blockchain security. What’s staggering is not only the number of incidents but also their variety, ranging from the more common DeFi and social media compromises to blockchain-level attacks and unique inflated gas reward manipulation attacks.
On the bright side, multiple hacking victims recovered most of their stolen assets by negotiating with attackers for a forced “bounty” payment or just a promise not to prosecute. Law enforcement is also not sleeping, with multiple indictments, arrests, and sentencings all happening this week.
Be safe out there! Oh, and be sure to check out the amazing security resources dropped this week in the research and media sections.
Retail investors become vigilantes in hunt for crypto’s most wanted man, who continues giving interviews even on the run.
Crypto Scammers Are Often Victims Too: a horrific look inside crypto scam centers in Cambodia.
SlowMist: “Blank Check” eth_sign Phishing Analysis by SlowMist.
On October 16, 2022 LiveArtX lost $39K in NFTs due to a private key compromise.
On October 17, 2022 the BSV network was under a DoS attack by a miner producing empty blocks, preventing finalization of new transactions.
On October 17, 2022 PLTD lost $24K in a price oracle manipulation attack.
On October 17, 2022 BitKeep lost $1M due to insufficient function access controls.
On October 18, 2022 Moola Market lost $8.4M (recovered $7.8M) in a price oracle manipulation attack.
On October 21, 2022 OlympusDAO lost and later recovered $292K due to an insufficient function parameter validation flaw.
On October 22, 2022 Layer2DAO lost $400K (recovered $312K) in a wild exploit involving uninitialized contracts, cross-chain liquidity crunches, and an eventual buyback of stolen tokens at a reduced price.
ALTAVA patched a flaw in their airdrop strategy thanks to a responsible disclosure by Riley Holterhus.
ERMAC Android Banking Trojan Analysis report by Cyble on a campaign targeting cryptocurrency users.
Mirai, RAR1Ransom, and GuardMiner – Multiple Malware Campaigns Target VMware Vulnerability report by Fortinet discusses a cryptominer campaign.
DevCoin 6 - Security Track Talks.
Web3 Security Library by Immunefi.
DeFi Hacks Analysis - Root Cause database by SunSec.
Practical Guide into Analyzing MEV in the Proof-of-Stake Era by Toni Wahrstätter.