BlockThreat - Week 49, 2021
AscendEx | Vulcan Forged | 8ight | Pizza | Solana
Hello friends and welcome back to BlockThreat!
After a brief break from the newsletter, I will be slowly catching up to the current week. In the meantime, expect editions that are not as rich but just as comprehensive.
My prediction of increased hot wallet compromises toward the end of the year unfortunately came true. AscendEx (aka BitMax) lost almost $78M early in the week. Check out a curious hack of the Pizza project on EOS as well as plenty of research articles from this week. On the tool side, Paradigm dropped an excellent Ethereum testing tool called Foundry, while Coinbase published a well-tested cryptography library called Kryptology.
A critical Log4j vulnerability is being actively exploited to install cryptomining malware. The vulnerability requires permission to modify the configuration file, which limits its exploitability.
Google's Threat Analysis Group (TAG) successfully disrupted the Glupteba group, known for data and credential theft, cryptojacking, and using the Bitcoin blockchain as its command and control channel. Interestingly, Google also launched a legal action in parallel with a technical disruption campaign.
BoosterToken rugpulled by injecting malicious code in its frontend.
Scammer Payback - Stealing crypto back from scammers episode where Pierogi helps recover $5000.
The biggest cryptocurrency scams of 2021 by Matt Binder (Mashable).
On December 6, 2021, the 8ight Finance project lost $1.75M after its insecurely stored private keys were compromised.
On December 8, 2021, the Pizza DeFi project on EOS suffered an infinite mint exploit resulting in the loss of $5M.
On December 12, 2021, Vulcan Forged lost $140M after private keys for 96 of its customers were compromised. The attacker exchanged PYR and other tokens on Uniswap and is currently holding assets on the Ethereum, Polygon, and BSC networks.
On December 7, 2021, the dYdX exchange front-end briefly went down due to an AWS outage, exposing the risk of reliance on centralized platforms.
The Solana Phantom wallet auto-approve “feature” is being actively exploited by malicious sites draining users’ funds.
QNAP issued an advisory about an ongoing cryptominer campaign targeting vulnerable NAS devices.
Kaspersky Security Bulletin - The story of the year: ransomware in the headlines explores current trends in ransomware, including an increase in more targeted infections.
Cuban ransomware gang targets tribal casinos and other US-based entities.
Is the $6B locked in L2 secure? by Bartek Kiepuszewski explores the security of the Arbitrum chain.
Kryptology - advanced cryptography library by Coinbase.
Foundry - Ethereum development toolbox by Paradigm.
Vulcan Forged Attacker: