BlockThreat - Week 3, 2021
Firo | Nano | LivePeer | Saddle | Tendermint
It didn’t take long to see more layer-one blockchain attacks. The Firo 51% attack is particularly interesting because it sets a new precedent: the asset issuer took responsibility for compensating the exchange that was double spent. Tendermint fixed a critical vulnerability whose details have not yet been published, and Nano was slammed with a spam attack. On the DeFi side, LivePeer fixed a staking vulnerability. This week’s edition also features plenty of excellent research papers and articles for your reading pleasure.
Events
- January 28-31, 2021 - Anti-Human Trafficking Cryptocurrency Consortium (ATCC) Virtual Summit featuring multiple panels. Free admission.
- February 2, 2021 - Unchained - Blockchain Security Conference CFP deadline.
Hacks
- On January 19, 2021 Firo (formerly Zcoin) suffered a 51% attack in which 306 blocks were reorged over 25 hours. The Firo team published a post-mortem report revealing Binance as the target, with 866K FIRO ($4M worth) double spent. The Firo team used the Lelantus emergency switch to freeze the attacker’s funds. Setting a new precedent, the Firo team will likely compensate Binance by mining the same amount of FIRO as is locked in the attacker’s account and sending those funds to the exchange.
- On January 19, 2021 the Saddle Finance DeFi project suffered multiple arbitrage incidents due to high slippage.
- On January 21, 2021 the Nano network suffered a spam attack that resulted in a network slowdown.
Vulnerabilities
- The LivePeer DeFi project fixed a staking vulnerability that could have allowed attackers to withdraw more LPT and ETH than expected.
- Tendermint fixed a high-severity vulnerability, the details of which will be published later next week.
- Griefing attacks against the Lightning Network continue to plague the experimental network.
Crime
- A California man lost $27K in BTC in a SIM swapping scam.
- 30 people were arrested in Japan in relation to the Coincheck hack.
- An increase in DDoS extortion scams was reported by Radware and Black Lotus Labs.
- Janet Yellen expressed “a particular concern” with terrorist financing using cryptocurrencies.
Malware
- The MrbMiner cryptominer was traced to Iran. The malware targets MSSQL servers.
- The IObit software forum was hacked to distribute DeroHE ransomware.
Research
- The Chainalysis report on cryptocurrency crime in 2020 identifies multi-billion-dollar Ponzi schemes like PlusToken as the largest source of theft. Ransomware profits increased by 311% over the previous year, netting evildoers $350 million.
- The MyCrypto report on major blockchain security incidents in 2020 discusses major scammer campaigns and DeFi/exchange hacks.
- Was there a Bitcoin double-spend on Jan 20, 2021? An explanation of the recent FUD that caused multiple sell-offs.
- Quantifying Blockchain Extractable Value: How dark is the forest?
- The Eye of Horus: Spotting and Analyzing Attacks on Ethereum Smart Contracts.
- The Good, the Bad and the Ugly: Pitfalls and Best Practices in Automated Sound Static Analysis of Ethereum Smart Contracts.
- The Cryptographic Complexity of Anonymous Coins: A Systematic Exploration.
- Writing Properties - A new approach to testing, by Joran Honig, on using Scribble in smart contract audits.
- DeFi Sandwich Attacks by Christoph Michel.
- Making DeFi SAFU by Secureum.
Stay informed, stay healthy, and see you next week!
- Peter Kacherginsky (iphelix)