Got a fun edition for you this week featuring a number of great blocksec talks from EthCC, podcasts, and research papers. THORChain contracts and users continue getting attacked with more than $8M stolen. In other news, Malaysian police adopted a unique approach to fighting illegal mining.

Let’s dive into the news, but first a special thank you to Trail of Bits which sponsored this week’s edition:

News

• PlugWalkJoe arrested in connection with the 2020 Twitter hack.

• Virgil Griffith arrested for violating terms of his bail.

Media

• Interview with a Searcher with MEV Senpai and Hasu

• Security Risks in Crypto: How To Stay Safe? by Travin Keith

• Unchained Ep. 256 - How Ransomware Evolved Into a Big Business with Gurvais Grigg

  EthCC[4] Security Track talks:

• Lessons learned from over 300 security audits by Sebastian Banescu

• The streets of Dark Forest are paved with gold by Damian Rusinek

• From a Hackathon to your first Code Audit by Robson Silva Junior

• Becoming the most secure crypto organisation by Matt Johnson

• KVaC: Key-Value Commitments for Blockchains and Beyond by Srinivasan Raghuraman

• CryptoTerminal for Trusted Ethereum Transactions by Pascal Urien

• Fully Automated Formal Verification: How far can we go? by Leo Alt

• Combating Frontrunning and Malicious MEV Using Threshold Cryptography by Jannik Luhn Shutter Network

• Exploiting and Securing DeFi Projects with Formal Methods by Xinyuan Sun

• Securing DeFi - A sneak peek in the world of Ledger Nano Ethereum plugins by Jean Passot

• Oracles from the Ground Truth to Market Manipulation by Shayan Eskandari

• More talks here.

Scams

• An interesting exploit/rug pull by the creators of Layer.farm by RugDoc

• New ETH stealing scam on Discord writeup by Immunefi

Hacks

• On July 20, 2021 Sanshu Inu deflation mechanism flaw was exploited which resulted in the loss of $110K. Interestingly the attacker got front-run by an MEV searcher.

• On July 22, 2021 THORChain ETH Router was exploited which resulted in the loss of $8M. The attacker left a taunting message in TX data field.

• On July 23, 2021 THORChain’s RUNE token transfer method incorrectly handled message origin was abused in an airdrop scam campaign which resulted in the loss of $76K worth of RUNE.

Research

• Should I Use Spot Price as my Oracle? by samczsun. Spoiler alert: No!

• Ethereum Reorgs After The Merge by Georgios Konstantopoulos, Vitalik Buterin

• Dr. Reorg or: How I Learned to Stop Worrying and Love MEV by Saneel Sreeni

• Iron Finance Debacle: Was it really a bank run? (no) by Herbert Eng

• Assessment of Quantum Threat To Bitcoin and Derived Cryptocurrencies

• Automated Test-Case Generation for Solidity Smart Contracts: the AGSolT Approach and its Evaluation

• How to Stay Motivated When Hunting for Bugs by CKK

Tools

• Scribble Generator by Consensys Diligence

Help support BlockThreat!

Over the past two years, BlockThreat has gained hundreds of followers including exchanges, asset issuers, DeFi projects, engineers, investigators, law enforcement, and many others. This newsletter is a labor of love which takes many hours weekly to prepare. If you found BlockThreat valuable consider supporting its future growth:

1) Make an individual contribution.
2) Sponsor an edition where you can place an advertisement.
3) Share your job postings in the next edition.
4) Share the newsletter with a friend or a colleague.

Stay informed and see you in the next week’s edition!

- Peter Kacherginsky (iphelix)