A number of exchange compromises and critical vulnerabilities were reported in the cryptocurrency ecosystem. Bitpoint suffered a $32 million loss and up to 100 exchanges using AlphaPoint, an exchange platform provider, may have been affected as a result of the hack. A significant vulnerability was reported in 0x prompting the exchange shutdown A Cosmos slashing bypass bug triggered an emergency patch.
News:
US mayors resolve not to pay hackers over ransomware attacks - 225 majors have signed a resolution not to pay ransom in response to the increase of attacks targeting US cities. The action is aimed to de-incentivize further attacks.
Hacks:
Bitpoint cryptocurrency exchange hacked for $32 million - On July 11, 2019 Bitpoint, a cryptocurrency exchange in Japan, has suffered a breach resulting in the loss of 1225 BTC, 1985 BCH, 11169 ETH, 5108 LTC, and 28106343 XRP. The exchange has published the first report of the breach in under 24 hours and continued releasing a series of reports which included a detailed incident timeline and investigation steps taken. It was interesting to note the role of Japan’s Financial Service Agency (FSA) to ensure timely communication of the compromise with the public.
MyDashWallet was compromised for 2 MONTHS - a supply chain attack was reported on the Dash forum which suggested the popular online wallet software was collecting users’ private keys through a backdoored 3rd party library - GreasyFork. According to the blog post, the library was added back in April 2018 and the private key stealing code added between May 13th and July 12th.
Indicators: https://api[.]dashcoinanalytics[.]com/stats.phpUp to 100 crypto exchanges worldwide could be affected - a number of exchanges around the world may have lost funds after AlphaPoint, a New York based white label provider of cryptocurrency exchange services, was compromised with a spear-phishing and sim-swapping campaigns. Bitcoins Norway, Foxbit, Coinext, FlowBTC, Casa do Bitcoin, and other exchanges were among those affected.
Monroe College Hit With Ransomware, $2 Million Demanded - yet another ransomware attack was reported on Wednesday, July 10th asking with a ransom of 170 BTC ($2 million).
Phishing:
Facebook’s Libra Cryptocurrency: Cybercriminals tipping the scales in their favor - the hype around Libra coin has triggered a number of phishing domains getting registered with some of them already scamming users to make an early purchase of the coin.
Vulnerabilities:
The 0x vulnerability, explained - on July 12th, 2019 a critical bug in signature verification caused 0x to shut down the v2 exchange. The vulnerable function accepted a magic value 0x04 as a valid signature for non smart contract accounts. According to the postmortem, there was no evidence that the vulnerability was exploited and the 0x Core Team has patched the vulnerability in the span of a couple of hours.
CosmosSDK Security Advisory 05-30-2019 - a high severity vulnerability in the staking module was patched on the Cosmos network which allowed malicious actors to bypass token slashing for bad behavior. The bug was actively exploited on the network. A patch and an advisory were released within two days after the team learned of the vulnerability.
Be safe and see you all next week for another issue of Blockchain Threat Intelligence newsletter.
| 2 |