Blockchain Threat Intelligence

BlockThreat - Week 46, 2023


Kronos | dYdX | Multichain | Trader Joe | Shiba Inu

Peter Kacherginsky
Nov 21, 2023

Greetings!

About $35M was stolen this week across six compromises. A really high amount, but a relatively quiet week in the world of DeFi. Let’s explore some of the more interesting hacks, but first a word about this week’s sponsors. Maybe the amount above would have been much lower if only projects used BlockSec’s Phalcon Block?


Phalcon Block offers a comprehensive set of tools designed for monitoring, detecting, and responding to web3 compromises. Developed over the course of two years, it has already been utilized to rescue digital assets valued at over $14 million.

What sets this product apart from its competitors is its high signal-to-noise ratio, achieved through a precise attack detection engine and advanced auto-response capabilities — crucial for minimizing losses in a space where exploits can be executed within minutes.

Book a demo today!


Want to get the word out about your blockchain security related product or company? Consider sponsoring the next edition.

Back to the top hacks of the week. Kronos lost $26,000,000 following an API key compromise. A related Woo Network entity was previously targeted by North Korean actors with a phishing campaign.

dYdX experienced a highly profitable trading strategy treatment to the tune of $9,000,000. MDC Brooklyn may need to open up another cell next to Avi and Sam.

Multichain lost another $260,000 due to an insufficient function access control vulnerability. That’s just embarrassing, especially for a protocol that was already hacked 6 times in the past 3 years.

Trader Joe and Spooky Finance front-end compromises serve as a reminder to carefully vet and freeze web2 dependencies in your Dapps.

To gain access to comprehensive vulnerability write-ups, post-mortems, exploit proof of concepts (PoCs), attacker addresses, and additional data regarding this week’s compromises, please subscribe to the premium plan below.

Oh, and be sure to check out SEAL Team’s Crisis Handbook template in the Research section, which can be used in case of an incident to help manage the investigation.

Let’s dive into the news!

News

  • If you created a bitcoin wallet before 2016, your money may be at risk. A vulnerability in the BitcoinJS library used to generate wallets was disclosed by Unciphered. More details on the Randstorm page.

  • DOJ Is Seeking $4 Billion From Binance, Criminal Charges Against CZ.

  • Binance parts ways with multiple anti-crime staffers.

  • Solana Denies Security Threat to Saga Phone Flagged by CertiK.

  • Atomic Wallet asks to toss suit over $100M hack, saying it has ‘no US ties’.

  • The True Origin of Hacks - Top Web3 Vulnerabilities by Immunefi.

Crime

  • Delaware authorities reported the authors of a fake BlackRock XRP filing to law enforcement. The fake filing was used to create a massive XRP price rally.

  • Australia dismantles crime syndicate that moved nearly $1B in crypto.

  • Tether freezes $225 million worth of stolen USDT after DOJ investigation.

  • FBI Arrests Three Men in Alleged $10 Million Crypto Laundering Scheme.

  • Crypto-denominated Fentanyl Sales Growth Falls to Four-Year Low Following US Sanctions and Enforcement Actions by TRM.

  • An NFT Rug Pull Scammer Has Finally Been Convicted, Faces Federal Prison.

  • Illegal crypto mining rigs found in Poland’s Supreme Administrative Court.

Policy

  • SEC boasts high-volume crypto enforcement in 2023 report.

  • US SEC sues Kraken crypto exchange over failure to register.

Scams

  • Person Linked to Scam Asks FBI for His Seized Cryptocurrency Back.

  • SIM-swap reportedly outs crypto influencer as scammer.

  • OpenSea NFT users report massive email phishing campaign.

  • Beware of Phishing URLs Disguised as Transfer Addresses by SlowMist.

  • Fraudsters make $50,000 a day by spoofing crypto researchers.

  • Bloomberg Crypto X/Twitter account was hijacked with a phishing link.

  • Apple iPhone App Sideloading Could Increase Risk of Crypto Phishing Attacks.

Research

  • Crisis Handbook - Smart Contract Hack by SEAL Team.

  • Deep learning-based solution for smart contract vulnerabilities detection.

  • Account Abstraction Security Guide by ChainLight.

  • Safeguarding the Unseen: a Study on Data Privacy in DeFi Protocols.

  • Towards Stronger Blockchains: Security Against Front-Running Attacks.

  • DRAINCLoG: Detecting Rogue Accounts with Illegally-obtained NFTs using Classifiers Learned on Graphs.

  • Gas Optimization In Solidity: Strategies For Cost-Effective Smart Contracts by Tiutiun Roman and Malanii Oleh (Hacken).

  • Top-10 Vulnerabilities in Substrate-based Blockchains Using Rust by Rektoff.

Tools

  • EVM Hound by g00dv1n is a minimalistic Rust library to extract all potential function selectors from EVM bytecode without source code.

  • Roundme by Crytic is a human-assisted rounding analyzer. It helps its operator determine whether an arithmetic operation should round up or down.


Enjoy reading BlockThreat? Consider sponsoring the next edition or becoming a paid subscriber to unlock the premium section with detailed information on hacks, vulnerabilities, indicators, special reports, and searchable newsletter archives.

