BlockThreat - Week 43, 2020

Harvest | BurgerSwap | SS7 | Office 365 | Ledger

Phishing scams are on the rise with Office 365 and Ledger customers targeted last week. Old school SS7 exploits are still successfully used to take over email accounts belonging to folks in the industry. Another day, another DeFi project arbitraged for a few million stable coins and more in this week’s edition:

Crime

Hacks

  • On October 25th, 2020 an arbitrage weakness in Harvest Finance was exploited to profit an attacker about $24M worth of USDC and USDT. Following the hack, the attacker has transferred gained to funds to the following bitcoin addresses using REN Protocol:

    1Paykw4s2WX4SaVjDrQkwSiJr16AiANhiM
    1HLG86DDEzAxAGmEzxr1SUfPCWcnWA6bMm
    14stnrgMFNR4LesqQRUdo5n1VUx9xdAMeg
    18w2Bm2cCsbLjWQU9BcnjzK8ErmzozrVa3
    1FS2t2eAjmjaNmADN6SMHYo7G4XGpX1osS
    1NdAJ89k1qpRMpZLwuYGQ7VnM45xD2NJXa
    1CLHhshrusvT4XADWA29R2H4ndsSUamEWn

Vulnerabilities

Research

Thanks for joining me this week, stay healthy, and see you all in another edition next week!

-Peter

Loading more posts…