BlockThreat - Week 9, 2022
TreasureDAO | Bacon | Evolution | Conti | CVX
Greetings!
This week’s edition takes a deep dive into the leaked Conti Ransomware files, including the group’s involvement in the Squid Games scam. There were only a few DeFi hacks this week, resulting in $2.5M in losses from reentrancy and input validation bugs, as well as a recently trending front-end address injection exploit. Be sure to check out the selected research papers to sharpen your EVM bug hunting skills.
Enjoy reading BlockThreat? Help support this project by donating in the latest Gitcoin R13 round.
Also, consider becoming a paid subscriber to unlock the premium section with indicators, special reports, and searchable newsletter archives.
Events
TrustX - Ethereum security conference in Amsterdam on April 21-22.
Scams
'Help Ukraine' crypto scams emerge as Ukraine raises over $37 million.
Common crypto scam transaction patterns by PeckShield.
Hacks
On March 3, 2022, the Evolution BSC front-end was maliciously modified with a phishing address, which resulted in the theft of $26K.
On March 3, 2022, TreasureDAO lost $1.4M in NFTs due to an input validation vulnerability.
On March 5, 2022, Bacon Coin lost $1M after a reentrancy bug was exploited in the lend() method.
Vulnerabilities
Convex Finance redeployed its vlCVX contract after an unknown vulnerability was responsibly disclosed to the project.
Malware
Conti Ransomware Group Diaries, Part I: Evasion by Brian Krebs.
Conti Ransomware Group Diaries, Part II: The Office by Brian Krebs.
Conti Ransomware Group Diaries, Part III: Weaponry by Brian Krebs.
Conti Ransomware Group Diaries, Part IV: Cryptocrime by Brian Krebs.
Media
Why Crypto Scammers Are Scared of This Man - ZachXBT, On-chain Detective, Ep. 187.
Research
VOLCANO: Detecting Vulnerabilities of Ethereum Smart Contracts Using Code Clone Analysis.
EVM Deep Dives: The Path to Shadowy Super Coder 🥷 💻 - Part 1.
EVM Deep Dives: The Path to Shadowy Super Coder 🥷 💻 - Part 2.
How Robert Forster of Armor Finds Big Bugs by Immunefi.
Tools
Smart-Contract-Hash-Matcher - given a contract, finds all subcontracts defined in it, calculates their SHA-256 hashes, and looks for exact matches.