BlockThreat - Week 50, 2021
Grim | Sorbet | Adidas | Fractal | Phorpiex
Welcome to the latest catch-up edition. As we revisit events from late last year, we continue to observe NFT platforms becoming a more significant target, with Discord channels, airdrop mechanisms, and users phished, all to gain the precious tokens. More traditional DeFi projects continue to be attacked, curiously on a more diverse set of EVM-compatible networks where developers may have slipped or simply don’t have the same tools (e.g. reliable oracles) available to them.
News
Scams
The Biggest Threat to Trust in Cryptocurrency: Rug Pulls Put 2021 Scam Revenue Close to All-time Highs by Chainalysis.
Scamming scammers by selling a private key to a blacklisted USDT wallet and sweeping any inbound ETH.
Denver man loses $1.6 million in new "Pig Butchering" cryptocurrency scam.
Airdrop phishing campaign targeting high value NFT owners.
EverestDAO rug pulls with a fake wallet breach message.
Fractal Discord compromised, $150K phished from channel participants.
Hacks
On December 13, 2021, the Definer contract on the OEC network lost $5K due to oracle manipulation.
On December 17, 2021, the Adidas NFT airdrop mechanism was tricked into minting 330 tokens in a single transaction.
On December 19, 2021, a Grim Finance reentrancy vulnerability was exploited, resulting in the loss of $30M.
Vulnerabilities
Sorbet Finance fixed a critical vulnerability by performing a whitehat hack after receiving an urgent notification.
Umbra patched a minor front-end bug which could hide funds.
Malware
Phorpiex botnet is back with a new Twizt: Hijacking Hundreds of crypto transactions by Check Point Software.
Research
Intro to Cryptography and Signatures in Ethereum by Immunefi.
“Alpha-Rays” behind the scenes on ECDSA attacks.
00 on ZKP implementation attacks.
The ‘U Up?’ Files With samczsun by Immunefi.
The Hidden World of Ethereum Snipers by Samneet Chepal.
How To Light Up The Dark Forest - A Walkthrough of Building A Cryptopunk MEV Inspector by Robert Miller.
Brownie Tutorial 26 -- 🦧 Ape Safe! 🦍 Safely Interact with Web3 Using Brownie.
SAILFISH: Vetting Smart Contract State-Inconsistency Bugs in Seconds.
Tools
Tutela - Tornado Cash pool anonymity auditor.
Subway - A practical example on how to perform sandwich attacks on UniswapV2 pairs.
Premium Content
Indicators
Grim Finance Attacker:
FTM: 0xdefc385d7038f391eb0063c2f7c238cfb55b206c
ETH: 0xdefc385d7038f391eb0063c2f7c238cfb55b206c