BlockThreat - Week 10, 2021
EIP1559 | Roll | DODO | Nano | Zerion
Welcome back to the Blockchain Threat Intelligence newsletter! After a brief break and a happy wedding (part of it on-chain), I’m excited to dive back into the fun world of BlockSec. This week we will discuss the EIP1559 drama happening on the Ethereum blockchain, 0day markets and NFTs, and several DeFi hacks. Be sure to read the DODO post-mortem for a mad ride through the Dark Forest.
News
- A small group of miners proposed to fork the Ethereum network in protest of the reduced miner rewards in the EIP 1559 proposal. In response, a contingency plan was established to quickly move from PoW to ETH2.0 PoS in case of a 51% attack.
- An NFT carrying a 0day exploit for Quake3 was (briefly) listed on the popular marketplace OpenSea.
- Romanian law enforcement arrested a hacker responsible for the theft of 620K euros from an unidentified exchange.
- Turkish police arrested a Chinese gang which kidnapped workers and forced them to operate a cryptocurrency scam.
Hacks
- On March 14th, 2021, the Roll platform’s hot wallet keys were compromised, resulting in the loss of $5.7M worth of various social tokens.
- On March 9th, 2021, DODO V2 Pool contracts were exploited by calling an initialization function which was supposed to be called only once; $3.8M worth of crypto was stolen. In a surprising twist, the attackers themselves were front-run by arbitrage bots, which returned the majority of the stolen funds.
- On March 7th, 2021, the Nano network came under a multi-week DoS attack which knocked many nodes out of sync and significantly delayed transactions. The DoS condition was triggered by a large number of dust accounts which saturated the network and overloaded nodes.
- In February 2021, the Zerion platform was tricked into listing a malicious Balancer clone, resulting in the loss of $30K worth of funds.
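The DODO incident above comes down to an initializer that could be called more than once. The following Solidity is an added illustration written for this newsletter, not DODO's actual contract code: the `UnguardedPool` contract shows the general shape of the defect (anyone can re-run `init` and swap the pool's token addresses after deployment), and `GuardedPool` shows the usual fix, a one-shot initializer guarded by a stored flag. The contract and variable names are assumptions chosen for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Constructed example, not DODO's code: a pool whose init() has no guard,
// so any caller can re-invoke it and replace the token addresses and
// maintainer after the pool has already been funded.
contract UnguardedPool {
    address public baseToken;
    address public quoteToken;
    address public maintainer;

    // Defect: nothing stops a second call to init().
    function init(address _base, address _quote, address _maintainer) external {
        baseToken = _base;
        quoteToken = _quote;
        maintainer = _maintainer;
    }
}

// Hardened version: the initializer can run exactly once. A repeated call
// reverts before any state is touched, and the event gives monitoring a
// single expected Initialized log per pool; a second one is a red flag.
contract GuardedPool {
    address public baseToken;
    address public quoteToken;
    address public maintainer;
    bool private initialized;

    event Initialized(address indexed base, address indexed quote, address maintainer);

    modifier initializer() {
        require(!initialized, "already initialized");
        initialized = true;
        _;
    }

    function init(address _base, address _quote, address _maintainer) external initializer {
        require(_base != address(0) && _quote != address(0), "zero token");
        require(_base != _quote, "same token");
        baseToken = _base;
        quoteToken = _quote;
        maintainer = _maintainer;
        emit Initialized(_base, _quote, _maintainer);
    }
}
```

In practice the guard is usually taken from OpenZeppelin's `Initializable` contract (its `initializer` modifier implements the same flag check) rather than hand-rolled, and the flag should be set before the body runs, as above, so the guard also holds if the body makes external calls.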
Malware
- Fake crypto wallets on the rise in Google and Apple App Stores.
- UnityMiner targets vulnerable QNAP NAS devices to mine crypto.
- Fake Ad Blocker delivers ransomware and cryptominer in one package.
Research
- A History of Bitcoin Transaction Dust & Spam Storms
- HashSplit: Exploiting Bitcoin Asynchrony to Violate Common Prefix and Chain Quality
- BLOCKEYE: Hunting For DeFi Attacks on Blockchain
- Snarky Ceremonies
- SciviK: A Versatile Framework for Specifying and Verifying Smart Contracts
- Selfish Mining Attacks Exacerbated by Elastic Hash Supply
- Formal Modelling and Security Analysis of Bitcoin’s Payment Protocol
- EtherSolve: Computing an Accurate Control-Flow Graph from Ethereum Bytecode
Tools
- OpenZeppelin launched Sentinels, a smart contract security monitoring service. The service is free for individual use.
Thanks for joining me this week, and see you all in next week’s edition as I slowly catch up on the news.
- Peter Kacherginsky (iphelix)