Blockchain Threat Intelligence


BlockThreat - Week 5, 2022

Wormhole | KLAYswap | Meter.io | Compound | Mars Stealer

Peter Kacherginsky
Feb 16

Things are not looking good in DeFi land this week! Two cross-chain bridges got hit in a single week! KLAYswap suffered a surgical BGP hijacking of its third-party dependency, used to replace the smart contract address on the front-end Dapp and steal crypto from the site’s visitors. Justin Sun may be at it again with a governance attack on Compound Protocol to force a TUSD vote. Insider threats, careless access controls, reentrancy, and other bugs netted attackers $333M in a single week; that’s more than all of the losses in 2020 combined. Let’s learn from these mistakes and make the blockchain security ecosystem stronger.

News

  • Crime and NFTs: Chainalysis Detects Significant Wash Trading and Some Money Laundering In this Emerging Asset Class by Chainalysis.

  • Pune Cop Kidnapped Trader To Extort Bitcoins Worth ₹ 300 Crore.

  • Maryland Man Drugs Father to Access His $400,000 in Bitcoin.

  • Binance CEO warns users of massive SMS phishing scam.

  • Tron’s Justin Sun Accused of ‘Governance Attack’ on DeFi Lender Compound.

Hacks

  • On February 2, 2022, Wormhole, a Solana/Ethereum bridge, was exploited for $325M. The attacker continues to hold the stolen assets in their Solana and Ethereum accounts with the world closely watching.

  • On February 3, 2022, the KLAYswap front-end was attacked using BGP hijacking to redirect token approvals to a malicious address on the Klaytn blockchain. As a result, $1.83M was lost.

  • On February 3, 2022, HypeBears was exploited using a reentrancy vulnerability to mint multiple tokens.

  • On February 4, 2022, Tecra Coin lost $600K from its Uniswap pool after an arbitrary burn vulnerability in its contract was exploited.

  • On February 4, 2022, a DePo insider stole $1.6M by draining one of the staking rewards wallets.

  • On February 5, 2022, a money printing bug in Meter.io was exploited, resulting in the theft of $4.4M.

Vulnerabilities

  • Solidly Exchange patched a critical NFT double counting vulnerability after it was responsibly disclosed through its bug bounty program.

  • Yearn patched a price manipulation bug in its USDT strategy thanks to the report to its bug bounty program.

Malware

  • Mars Stealer: Oski refactoring analysis by 3xp0rt reveals new crypto stealing functionality.

Research

  • A quick reminder of what "shared security" means and why it's so important by Vitalik Buterin.

  • Sealevel Attacks - Examples of common exploits unique to the Solana programming model and recommended idioms for avoiding these attacks using the Anchor framework.

  • How to Audit Solana Smart Contracts, Parts 1, 2, 3, 4 by Soteria.

  • Solana Internals Series, Parts 1, 2, 3, 4 by Soteria.

  • Mainnet forking with Forge by Sushi.

  • Notional Double Counting Free Collateral Bugfix Review by Immunefi.

  • The Duality of Web3: Privacy vs. Transparency by Shekar Ramaswamy.

© 2022 Peter Kacherginsky