Week 24, 2020

FileCoin | Kubernetes | SpaceX | Estonia

There was an uptick of scam reports this week ranging from Estonia’s massive cleaning operation, fake Elon Musks, and a fake Privnotes site. Malicious Monero miners are still hacking everything they can get their hands on from Azure Kubernetes servers to vulnerable SQL and Windows boxes. Also, a big oops on Filecoin’s testnet where miners exploited an inflation bug to mint millions.

In other news, Craig Wright may have just self-incriminated himself into hacking Mt. Gox by claiming ownership of one of the attacker’s BTC addresses.

Hacks

Vulnerabilities

  • Inflation Bug discovered and exploited by 6Block on Filecoin’s Testnet with several accounts now holding a billion each. No additional details are available on the vulnerability; however, it appears that the bug is exploitable by miners.

Scams

Malware

Research

That’s all for this week in Blockchain Threat Intelligence. Check out /r/BlockSec for more up to the minute news and see you all next week.

-Peter