A rare week in the sea of never ending hacks and scams. The DAO hacker may have finally been identified, BitConnect founder indicted, and a DeFi project compromise averted thanks to an MEV bot. Let’s relax and sharpen the saw this week by going over the excellent UnChained 2022 conference recordings, reading up on past vulnerability recordings, and studying Sherlock CTF solutions.

News

• Austrian Programmer And Ex Crypto CEO Likely Stole $11 Billion Of Ether by Laura Shin.

• How could Russia use crypto, and its over 340 crypto businesses, to evade U.S. sanctions?

• Bitcoin Mining in Russia Largely Unaffected Amid Ukraine Invasion.

• BitMEX Founders Plead Guilty to Bank Secrecy Act Violations.

• Bored Ape Owner Files $1M Lawsuit Against OpenSea Over 'Stolen' NFT.

• U.S. Secret Service Launches Cryptocurrency Awareness Hub.

Crime

• BitConnect Founder Indicted in Global $2.4 Billion Cryptocurrency Scheme.

• IRA Financial 'Swatted' at Time of $36M Crypto Hack, Police Officer Tells Victim.

• Apple Store hostage taker demanded $226,000 in cryptocurrency as ransom.

Scams

• Crypto Scammers’ New Target: Dating Apps.

• How Bad Actors Can Abuse Etherscan to Trick You by MyCrypto.

Hacks

• On February 17, 2022 Flurry Finance got hit with a code injection exploit which resulted in $293K losses.

• On February 25, 2022 Remittance Token was exploited using an underflow vulnerability. Luckily MEV bot was able to hijack all of attacker’s profits.

Malware

• Conti ransomware gang chats leaked by pro-Ukraine member.

• Conti ransomware gang takes over TrickBot malware operation.

• A fake Ethereum mining fix for Nvidia GPUs was actually malware.

Contests

• Sherlock CTF 0x0 - Solutions.

• Learning Ethereum Virtual Machine Opcodes With EVM Puzzles by patrickd.

• Damn Vulnerable DeFi V2 - #9 Puppet V2 by patrickd.

See many more CTFs, challenges and their solutions in BlockThreat’s CTF repository.

Media

• UnChained 2022 Conference Recordings.

• Ethereum/EVM Smart Contract Reverse Engineering & Disassembly - Blockchain Security #3 by Patrick Ventuzelo.

• The Ransomware Files Podcast by Jeremy Kirk.

Research

• MEV Research during Wormhole Incident by Misaka.

• Polygon Consensus Bypass Bugfix Review by Immunefi.

• Incident Report: Grim Holiday Hack, Beefy Whitehat Response.

• ScrawlD: A Dataset of Real World Ethereum Smart Contracts Labelled with Vulnerabilities.

• What is Peel Chain by SlowMist.

Tools

• Teleport Transactions is software aiming to improve the privacy of Bitcoin.

• ethernaut-x-foundry - Ethernaut puzzles solved & tested with foundry.

Premium Content