Week 24, 2020
FileCoin | Kubernetes | SpaceX | Estonia
|Jun 17|| 3|
There was an uptick of scam reports this week ranging from Estonia’s massive cleaning operation, fake Elon Musks, and a fake Privnotes site. Malicious Monero miners are still hacking everything they can get their hands on from Azure Kubernetes servers to vulnerable SQL and Windows boxes. Also, a big oops on Filecoin’s testnet where miners exploited an inflation bug to mint millions.
Inflation Bug discovered and exploited by 6Block on Filecoin’s Testnet with several accounts now holding a billion each. No additional details are available on the vulnerability; however, it appears that the bug is exploitable by miners.
A massive crackdown on Estonia’s cryptocurrency companies involved in money laundering and other scams.
Multiple Youtube channels were hijacked as part of the Elon Musk/Space X impersonation campaign to steal Bitcoin.
A definitive Ontario Securities commission report on QuadrigaCX exchange.
A Privnotes[.]com phishing site was found to alter Bitcoin addresses sent in private messages.
A number of misconfigured Azure Kubernetes clusters were exploited to mine Monero.
A research article by Trail of Bits on exploiting ECDSA nonce bias.
That’s all for this week in Blockchain Threat Intelligence. Check out /r/BlockSec for more up to the minute news and see you all next week.