Welcome to the last Blockchain Threat Intelligence newsletter for this year. We are ending the year with just a few more hacks, one of a DeFi project and one of an exchange. Additional Livecoin exchange hack details reveal some suspicious activity and Parity hackers have suddenly awoken after 3 years. I’ll keep this edition brief, but be on a lookout for the Year in Review report coming out in the next few days.
On December 28, 2020 COVER Protocol minting vulnerability resulted in $9.4M worth of COVER token minted by multiple attackers. One of the attackers, Grap Finance, has publicly acknowledged the hack and returned $3.2M with a message for Cover devs. Several write ups describe details of the hack. Interestingly, Binance vowed to compensate $10M of the stolen funds to its customers.
On December 28, 2020 Voyager Digital reported its DNS server getting compromised. No funds or PII were stolen according to the exchange.
On December 19, 2020 bitcoin.org website was under a heavy DDoS attack.
Ethology: A Safari Tour in Ethereum’s Dark Forest dives into the world of frontrunning bots by running several live experiments.
Livecoin. Hack or “hack”? Current state recreates a complete incident timeline and raises interesting questions about exchanges operation prior to the “hack”.
An Elaborate Cryptocurrency Scam revisits Twitter hack and draws connections with a multitude of scammer campaigns across Youtube, Facebook, and other social media platforms.
Multisol is a CLI to make contract verification easier.
Help support BlockThreat in 2021!
Over the past two years, BlockThreat has gained hundreds of followers including exchanges, asset issuers, DeFi projects, engineers, investigators, law enforcement, and many others. This newsletter is a labor of love which takes about 10 hours weekly to prepare threat intelligence on various blockchain security topics. If you found BlockThreat valuable consider supporting its future growth:
1) Make an individual contribution.
2) Sponsor an edition where you can place an advertisement.
3) Share your job postings in the next edition.
4) Share the newsletter with a friend or a colleague.
Dear readers, thank you for joining me on this journey to learn and explore the exciting world of blockchain security. I hope you had just as much fun reading and learning about this field this past year. Looking forward to seeing you all again in 2021!
Peter Kacherginsky (iphelix)