BlockThreat - Week 15, 2021

MEV is the word of the day and I dedicated a whole section of the newsletter for you to catch up on the latest events in the Dark Forest. In other news there was a lot of regulatory activity with new sanctions and analysis published below. Stand-alone blockchains have been having increased number of consensus bugs with Stellar, OpenEthereum, and Tendermint issuing patches. Only the latter did so preemptively thus avoiding a major incident.

As a reminder, the OpenBlockSec Incidents repository is growing every day now with a complete coverage of incidents and post-mortems from past years. Check out this busy year in early exchange history. Does it remind you of the DeFi space today?

News

• Janet Yellen, Bitcoin And Crypto Fearmongers Get Pushback From Former CIA Director after he published An Analysis of Bitcoin’s Use in Illicit Finance in response to the Janet Yellen’s warning earlier this year.
• Biden calls out crypto's use in sanctions evasion in executive order response to Russian cyberattacks. The complete sanctions list includes a number of BTC, BCH, ETH, LTC, ZEC, DASH, and other addresses.
• U.S. Regulator’s Crypto Conundrum Hurts Ransomware Victims explores how some regulations make it actually harder to catch criminals.
• Hackers move $760 million from the 2016 Bitfinex hack.
• Chinese police arrest EOS gambling dApp team, seize $3.8 million in crypto following the series of recent crackdowns.

Scams

• NFT Scams Part 2: Typosquatting Attacks targeting NFT marketplace users discusses a surge of fake domains.
• NFT Scams Part 1: 5 NFT Scams you need to know enumerates both generic and NFT specific schemes.

Hacks

• On April 14th, 2021 Celsius Network reported a breach of its 3rd party email distribution system which resulted in a number of phishing emails sent to its customers.

Vulnerabilities

• Tendermint issued a patch to defend against a new security risk called Forward Lunatic Attack tricking light clients into accepting bad blocks.
• OpenEthereum patched a consensus flaw which halted its Ethereum nodes after the Berlin fork.
• Stellar fixed a flaw which caused a network halt after core Horizon and Lobstr nodes dropped offline.

Malware

• HackBoss malware poses as hacker tools on Telegram to steal digital coins.

Media

• How (Not) To Get REKT - DeFi Hacks Explained by Finematics and Rekt

Research

• An Analysis of Bitcoin’s Use in Illicit Finance by Michael Morell.
• Using discreet log contracts to attack Bitcoin forks.
• EtherClue: Digital investigation of attacks on Ethereum smart contracts.
• Ethereum Name Service: the Good, the Bad, and the Ugly.

MEV

• Rapid Rise of MEV in Ethereum by Harith Kamarul
• Flashbots Transparency Report — March 2021 by thegostep provides latest stats on the Ethereum dark forest.
• MEV …wat do? by Philip Daian explores the use of MEVs for economic security of chains.
• Frontrunning Synthetix: a history is an account of a cat and mouse game played by frontrunners and Synthetix devs.
• A novel MEV instance targeting sandwich bots by Robert Miller.
• Five theses about transaction ordering, MEV, and front-running by Ed Felten.

Stay informed and see you in the next week’s edition!

- Peter Kacherginsky (iphelix)