BlockThreat - Week 45, 2022
FTX | OFAC | North Korea | brahTOPG | Abracadabra
It’s never a dull week in crypto! FTX is spiraling out of control with bankruptcy, legal troubles, and now a major compromise. A pattern is emerging with asset issuers quickly blacklisting bad actor’s addresses. Following the FTX hack Tether and Paxos froze $40M. U.S Treasury doubled down on Tornado Cash sanctions by explicitly linking it to North Korea’s nuclear weapons program.
Stay safe out there and let’s dive into the news.
U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud.
North Korean hackers used new methods to target Israeli crypto.
New Treasury sanctions link Tornado Cash to North Korea's nuclear weapons program.
US Sanctions 3 Individuals, Dozens of Bitcoin, Ether and Bitcoin Cash Addresses on Opioid Allegations.
Desperate FTX customers may have exploited NFT-linked loophole to recover funds before bankruptcy filing.
On November 8, 2022 Abracadabra lost $110K in a price oracle manipulation attack.
On November 9, 2022 brahTOPG lost $90K due to insufficient function parameter validation.
On November 12, 2022 FTX insider stole $380M from wallets across Ethereum, BSC, Polygon, BSC, Tron, and Solana chains. The events surrounding the compromised resulted in many unfounded rumors such as a malicious mobile app update and a hacked website. FTX responded by moving remaining assets to new cold storage addresses. USDT and PAXG also responded by freezing attacker’s assets.
Cryptocom accidentally sent $400M to the wrong address.
Tokensoft Inc doxed 5,000 users in a misguided effort to deter cheaters.
Flashbots fixed a DoS in a relay module thanks to a responsible disclosure by Sambacha.
Bitcoin Optech Responsible Disclosures Database.
Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns by Talos.
The state of cryptojacking in the first three quarters of 2022 by Kaspersky.
KmsdBot: The Attack and Mine Malware by Akamai.
Does OpenSea Shared Storefront have a backdoor? by William Entriken.
Socketscan - bridge transactions explorer.
Web3 Decoder Burp Suite Extension.
Enjoy reading BlockThreat? Consider sponsoring the next edition or becoming a paid subscriber to unlock the premium section with indicators, special reports, and searchable newsletter archives.
Keep reading with a 7-day free trial
Subscribe to Blockchain Threat Intelligence to keep reading this post and get 7 days of free access to the full post archives.