Another fun week in blockchain security, where a compromised RubyGems account resulted in cryptojacking code being added to a popular Ruby library. More details were revealed on the massive Beaxy exchange hack and the PlusToken scam.
Malicious cryptojacking code found in 11 Ruby libraries - a compromised RubyGems maintainer account was used to upload multiple backdoored versions of the popular rest-client gem.
Moscow's blockchain voting system cracked a month before election - a 15k USD bug bounty was claimed by a French security researcher who discovered a flaw in a smart-contract-based Moscow City Duma election system. The smart contract implemented a weak encryption scheme which could be cracked within 20 minutes on a standard personal computer.
Beaxy — Incompetent. In Denial. Insolvent? - a great investigative report into the XRP partial payment hack of the Beaxy exchange, including a complete incident timeline. The total loss listed in the article was 43 BTC and 111k XRP.
A Survey on Ethereum Systems Security: Vulnerabilities, Attacks and Defenses - a detailed threat model of Ethereum at the application, data, consensus, network, and environment layers. The paper also includes examples of attacks and specific defense mechanisms used to protect smart contracts.
10 Million ETH: Big Mysteries Revealed About PlusToken - an investigation into the Ethereum addresses involved in the massive 10 million ETH scam. The report notes that 820k ETH are lying dormant while the remainder has been distributed among 248k Ethereum addresses, with the top 10 accounts holding a significant portion. Of the funds that moved to the exchanges, attackers have used Huobi for about half of the total transactions, with ZB[.]com, Upbit, Okex, and Gate[.]io trailing behind.
Advances in Automated Smart Contract Vulnerability Detection - a great demonstration of the current state of the art in smart contract security assessment using MythX.
Bitcoin’s Security Budget is Adequate - an analysis of Bitcoin’s security from an economic perspective.
Uncovering a MyKings Variant With Bootloader Persistence via Managed Detection and Response - an in-depth report on a variant of a well-known cryptocurrency miner and a backdoor.
That’s all for this week’s Blockchain Intelligence. Stay safe and don’t install miners at work, especially if you work at a Nuclear Reactor.