BlockThreat - Week 22, 2020
GitHub, AT&T, ECDSA, DeFi
This week let’s take a breather from the usual survey of hacks, leaks, and vulnerabilities and enjoy a much-needed break with a number of interesting white papers. You will learn about the current state of privacy coins, ECDSA attacks, model consensus mechanism threats, and think about DeFi risk. For some lighter reading, you can enjoy the play-by-play of SIM swappers using AT&T as their playground to target cryptocurrency owners.
Hacks
- Hacker steals $1,200 worth of Ethereum in under 100 seconds - news of bots scanning GitHub and other Internet resources for wallet keys and mnemonics.
- The events of a SIM swap attack (and defense tips) - a play-by-play of a standoff between SIM swappers and an AT&T customer.
- The Ethereum forum hacker is now selling the databases of Trezor and Ledger - the same actor who was selling the Ethereum.org DB last week is offering additional dumps of popular hardware wallet companies. Both Ledger and Trezor question the validity of the data.
Malware
- Thousands of enterprise systems infected by new Blue Mockingbird malware gang - Telerik UI vulnerability exploited to install Monero mining malware.
Research
- The stair-pattern in time-locked Bitcoin transactions - an interesting study into certain time-locked transactions which can be used for fee sniping by miners.
- Everything is a Race and Nakamoto Always Wins - security analysis of several consensus mechanisms based on the longest chains.
- Dangers of using secp256k1 for encryption - Twist Attacks - an attack which may lead to a private key exposure.
- LadderLeak: Breaking ECDSA With Less Than One Bit Of Nonce Leakage
- DeRisking DeFi: Guarded Launches - risk management for DeFi assets.
- Subtleties and Security - information on four security issues in Bitcoin Core.
- Alt-Coin Traceability - the current state of privacy features in Zcash and Monero.
- Custody Protocols Using Bitcoin Vaults
Thanks for joining me this week and see you in another edition of the Blockchain Threat Intelligence newsletter. Head over to /r/blocksec for up-to-date information on the current threats.
-Peter