BlockThreat - Week 17, 2019
ZeroCoin | Wallets | Beapy | Ledger
This week we will cover a critical vulnerability in the Zerocoin protocol, a research study into weak Ethereum wallets, as well as the latest news in cryptocurrency malware and crime.
News:
- Cryptocurrency thief who stole millions from Silicon Valley entrepreneur gets 10 years in prison — a culmination of a SIM swapping crime spree that plagued many cryptocurrency users relying on the insecure SMS protocol for two-factor authentication.
- Hamas shifts tactics in bitcoin fundraising, highlighting crypto risks — a renewed interest in using cryptocurrency to sponsor the terrorist organization. The newly designed donation website shows increased technical sophistication by generating a new address for every transaction in order to increase privacy.
Attacks:
- Further Disclosure on Zerocoin vulnerability — more details released on the recently exploited cryptographic flaw in the Zerocoin protocol used to forge/inflate new coins. The Zcoin team has released an emergency update to disable Zerocoin until the launch of a replacement protocol.
- Ledger Live Desktop Malware — new key-stealing malware is spreading that targets Ledger’s desktop software. Once launched, the malware attempts to social-engineer users into entering their 24-word mnemonic key before sending it to the attacker.
Research:
- Ethercombing: Finding Secrets in Popular Places — a fascinating research study by ISE into the prevalence of wallets generated with weak keys and an accidental discovery of a ‘blockchain’ bandit who was emptying them. Unlike previous research into guessable brain wallets, the methodology used in the study focuses on key weakening due to truncation.
- Beapy: Cryptojacking Worm Hits Enterprises in China — a threat intelligence report from Symantec on the cryptojacking campaign and the associated malware. The malware uses the EternalBlue exploit and other techniques to propagate across Windows machines in the enterprise, but still relies on email as the initial infection vector. You can find more indicators of compromise here.
- Protect Your Solidity Smart Contracts From Reentrancy Attacks — a good survey of different types of reentrancy attacks and preventative measures one can take to avoid them.
Hope you enjoyed this week’s newsletter. Stay safe and join me next week for the latest in blockchain threat intelligence.