Week 16, 2019

Fancy Bear | CEX | Electrum | EOS

Welcome to this week’s newsletter! The Mueller report was released and contained plenty of interesting revelations about the use of cryptocurrency by both state actors and also investigators following their trail on the blockchain.

News:

Research:

  • Russia’s Bitcoin Hacking Funds — a well researched article revealing wallet addresses and cryptocurrency funds movements mentioned in the Mueller report above.

  • Electrum Bitcoin wallets under siege — an in-depth technical report on the evolution of Electrum wallet malware variants as well as the malware behind the ongoing DDoS campaign targeting the Electrum network.

  • EOS smart contract centralization risks— a new referendum on the EOS network to address a previously unpublicized security risk. By design, smart contract developers currently have complete control over token ownership including the ability to freeze accounts and redirect transfers. These actions can be performed by the smart contract developers without the need for Block Producer votes.

  • Signature Replay Vulnerabilities in Smart Contracts — an interesting discussion of a vulnerable design pattern when checking message signatures without nonces.

And this wraps up blockchain threat intelligence for this week. Stay secure and good luck if you are hunting the Satoshi’s Treasure. It looks like folks are making great progress.