Welcome to BlockThreat!

The year 2021 is almost over, but we are not even close to being done with hacks, vulnerabilities, and other events in the space! In fact, end of the year is when we traditionally see a spike in criminal activity as bad actors try to catch projects when they are most distracted with holidays and staff vacations.

This week was a tough one. The $200M BitMart exchange compromise was closely followed by BadgerDAO’s $120M. The latter was particularly vicious as it targeted end-users navigating to a backdoored Dapp frontend. Be sure to have a token approval checker bookmarked in case of another similar incident. A highly targeted Gnosis safe backdoor and phishing attack is concerning since a similar compromise of a larger governance protocol could have had much worse consequences. Another concerning trend is the spike in crypto-stealing malware campaigns. Be careful out there and read up on the indicators below.

In the good news bucket, thanks to responsible disclosures Solana and Bitclout fixed critical vulnerabilities that could have put billions at risk. This week also features an extraordinary amount of great blocksec research indicating continued maturity of this space.