BlockThreat - Week 44, 2019
BitMEX | BlueKeep | Vyper | Devcon
Continuing in catch-up mode, Week 44 features yet another ransomware attack against a major city, the BitMEX mass email leak, Litecoin getting dangerously close to being a target of a 51% attack, and the release of Devcon 5 videos and slides.
Crime
- City of Johannesburg, on Second Hit, Refuses to Pay Ransom - an unusual attack where the attackers demanded 4 BTC for releasing control of a compromised network, as opposed to keys to encrypted files.
Vulnerabilities
- BitMEX Email Leak - an incident report on the massive email address leak affecting BitMEX users. The report identifies an engineering lapse where a SendGrid API call batched addresses into a single TO: field, which exposed the addresses to all other recipients. The report also notes that the exchange’s Twitter account was briefly compromised. Following the exposure, there were reports of hacking groups starting to target BitMEX users using the leaked emails.
- Litecoin Hashrate Falls More Than 50% Since Peak: Dark ASICs Make it Vulnerable to Attack - a significant drop in Litecoin’s hashrate increases the risk of a 51% attack and the incentives for miners to perform one.
Malware
- BlueKeep exploitation activity seen in the wild - a detailed report of mass exploitation of the Windows RDP vulnerability caught on a honeypot. The current payload is a Monero miner.
Research
- Vyper Preliminary Security Review - an analysis of the Vyper smart contract language identifies several interesting vulnerabilities.
Media
- Devcon 5 Videos and Slides - a number of excellent blockchain security talk recordings were released today, including:
- Live Smart Contract Hacking
- Ethereum 2.0 Security Considerations
- Chainalysis: Building Trust in the Ethereum Blockchain
- Privacy for Everyone
- Mastering Ethereum CTFs
- Breaking Smart Contracts