BlockThreat - Week 12, 2021
ElasticDAO | Vesper Finance | BT Finance | PancakeSwap | Immunefi
Peter Kacherginsky | Mar 31
Multiple projects fixed critical vulnerabilities after getting responsible disclosures from Sam, the Dedaub team, and others. In many cases these disclosures were facilitated using Immunefi, which provides an excellent service to the community by connecting security researchers and various smart contract projects. It was an otherwise quiet week, so we can finally enjoy a few fun research papers from Vitalik, Jimmy Song, and others.
Immunefi launched a whitehat scholarship program to help sponsor up-and-coming security researchers.
Chinese authorities arrested a SIM swapping ring targeting exchange users.
ElasticDAO fixed an infinite minting vulnerability after it was reported by samczsun and Tina Zhen. About $4.4M worth of ETH and EGT tokens were saved as a result of the responsible disclosure. Additional vulnerability details are available here.
Dedaub reported yield skimming vulnerabilities in Vesper Finance and BT Finance DeFi apps.
PancakeSwap patched a vulnerability in its lottery contract after it was responsibly disclosed through Immunefi.
Black Kingdom ransomware targets unpatched Exchange servers.
The Most Important Scarce Resource is Legitimacy by Vitalik Buterin
Debunking the Empty Block Attack by Jimmy Song
Conkas is a modular static analysis tool for Ethereum Virtual Machine (EVM) based on symbolic execution.
Help support BlockThreat!
Over the past two years, BlockThreat has gained hundreds of followers including exchanges, asset issuers, DeFi projects, engineers, investigators, law enforcement, and many others. This newsletter is a labor of love which takes many hours weekly to prepare. If you found BlockThreat valuable, consider supporting its future growth:
1) Make an individual contribution.
2) Sponsor an edition where you can place an advertisement.
3) Share your job postings in the next edition.
4) Share the newsletter with a friend or a colleague.
Thanks for joining me in this week’s edition and see you all next week!
- Peter Kacherginsky (iphelix)