Dear Readers,

Happy happy new year! As we wrap up this year, I wanted to thank you for joining me on this journey. I can’t believe it’s already been four years since I have discovered the blockchain security industry and started sharing it through this newsletter. Week after week I’m left with the feeling of wonderment which hopefully inspired some of you to join the fun as a hobby or even a full time career. Here is for many more years together, cheers! 🥂

In the last week of the year, 3Commas finally admitted the API leak, BlueNoroff started using new social engineering and malware techniques while crypto scam campaigns triggered regulator and FBI warnings. Multiple private key compromises this week with one particularly unfortunate incident involving a bitcoin developer.

That’s all folks, see you all next year!

News

• 3Commas Admits It Was Source of API Leak That Led to Hacks.

• A Review on the Security of Blockchain by SlowMist and Coinlive.

• 2022 Crypto Investigations Wrap-Up by CertiK.

• Looking back at 2022 and towards 2023 to see what the future holds for digital assets policy by TRM Labs.

• Ukrainian Steals Bitcoin From Russian Darknet Market, Donates to Charity.

• Kevin O'Leary's Twitter Account Hacked to Promote Bitcoin, Ethereum Giveaway Scam.

• Tornado Cash Sanctions and the Fourth Amendment by nfttorney.

Scams

• The MOST EVIL Crypto SCAM: Boris and Bob Rug-Pulled $19M by DeFiYield Security.

• Users of BitKeep wallets lost up to $31M in a mass phishing campaign that distributed malicious wallet APK files.

• Analysis of WIN-799RI0TSTOF NFT Stealer by harry.eth.

• California regulator issues barrage of crypto scam warnings.

• FBI Renews Warning About Pig Butchering Crypto Scam Sweeping the Country.

• Address Poisoning Token PoC by jtriley.

Hacks

• On December 26, 2022 Amun lost $300K after a stolen private key was used to reconfigure the smart contract.

• On December 29, 2022 Japeggerz lost $20K due to a reentrancy vulnerability.

• On December 31, 2022 Luke Dashjr lost $3.3M in Bitcoin in a private key theft attack which may be related to an earlier server compromise.

• On December 31, 2022 Quota Network lost $270K by failing to implement proper access controls for initialize function.

Malware

• BlueNoroff introduces new methods bypassing MoTW by Kaspersky.

Media

• From NSO Group Hacker to Web3 Security Researcher: An Interview with Trust by Andy Li.

• Darknet Diaries - EP 131: Welcome To Video.

Research

• How to start analyzing any Web3 protocol or product using SQL (in just five minutes) by Andrew Hong.

• AutoMESC: Automatic Framework for Mining and Classifying Ethereum Smart Contract Vulnerabilities and Their Fixes.

• The Case for an On-Chain Risk Oracle by Yaron Velner.

• Practical Cryptography and Distributed Ledgers.

• ZK Bug Tracker by 0xPARC.

• Difficulty of Reproducing Old Exploits by Brian IsMeta.

• Financial Crimes in Web3-empowered Metaverse: Taxonomy, Countermeasures, and Opportunities.

• Rekt - War On Code - rekt.news meets The Defiant.

Tools

• Regex EVM Disassembler.

Enjoy reading BlockThreat? Consider sponsoring the next edition or becoming a paid subscriber to unlock the premium section with indicators, special reports, and searchable newsletter archives.

Premium Content