Blockchain Threat Intelligence

Share this post

BlockThreat - Week 45, 2022

newsletter.blockthreat.io

BlockThreat - Week 45, 2022

FTX | OFAC | North Korea | brahTOPG | Abracadabra

Peter Kacherginsky
Nov 16, 2022
∙ Paid
4
Share this post

BlockThreat - Week 45, 2022

newsletter.blockthreat.io
Share

It’s never a dull week in crypto! FTX is spiraling out of control with bankruptcy, legal troubles, and now a major compromise. A pattern is emerging with asset issuers quickly blacklisting bad actor’s addresses. Following the FTX hack Tether and Paxos froze $40M. U.S Treasury doubled down on Tornado Cash sanctions by explicitly linking it to North Korea’s nuclear weapons program.

Stay safe out there and let’s dive into the news.

News

  • U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud.

  • North Korean hackers used new methods to target Israeli crypto.

  • New Treasury sanctions link Tornado Cash to North Korea's nuclear weapons program.

  • US Sanctions 3 Individuals, Dozens of Bitcoin, Ether and Bitcoin Cash Addresses on Opioid Allegations.

  • Bankrupt FTX Faces Criminal Investigation in the Bahamas.

  • Desperate FTX customers may have exploited NFT-linked loophole to recover funds before bankruptcy filing.

Scams

  • Reports of an ongoing malware campaign targeting Telegram users.

Hacks

  • On November 8, 2022 Abracadabra lost $110K in a price oracle manipulation attack.

  • On November 9, 2022 brahTOPG lost $90K due to insufficient function parameter validation.

  • On November 12, 2022 FTX insider stole $380M from wallets across Ethereum, BSC, Polygon, BSC, Tron, and Solana chains. The events surrounding the compromised resulted in many unfounded rumors such as a malicious mobile app update and a hacked website. FTX responded by moving remaining assets to new cold storage addresses. USDT and PAXG also responded by freezing attacker’s assets.

Other Incidents

  • Cryptocom accidentally sent $400M to the wrong address.

  • Tokensoft Inc doxed 5,000 users in a misguided effort to deter cheaters.

Vulnerabilities

  • Flashbots fixed a DoS in a relay module thanks to a responsible disclosure by Sambacha.

  • Bitcoin Optech Responsible Disclosures Database.

Malware

  • Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns by Talos.

  • The state of cryptojacking in the first three quarters of 2022 by Kaspersky.

  • KmsdBot: The Attack and Mine Malware by Akamai.

Research

  • Reorg resilience and security in post-SSF LMD-GHOST.

  • Does OpenSea Shared Storefront have a backdoor? by William Entriken.

Tools

  • Socketscan - bridge transactions explorer.

  • Web3 Decoder Burp Suite Extension.

Enjoy reading BlockThreat? Consider sponsoring the next edition or becoming a paid subscriber to unlock the premium section with indicators, special reports, and searchable newsletter archives.

Premium Content

Indicators

Keep reading with a 7-day free trial

Subscribe to

Blockchain Threat Intelligence
to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
© 2023 Peter Kacherginsky
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing