BlockThreat - Week 37, 2021

SushiSwap | pNetwork | OpenZeppelin | Capoae | REvil

Welcome to BlockThreat!

This week’s edition is jam packed with post-mortems, vulnerabilities, research papers, and the latest in blocksec news. A truly bizarre hack happened involving the Kia Sedona auction on SushiSwap with all of the funds returned after the attacker received a miso soup delivery along with a not so friendly legal call. IRS is at it again soliciting exploits for hardware wallets, another cross-chain protocol loses $12.5M, new cryptominer malware family, and more in this never dull space. You can find all of the incidents below in the OpenBlockSec incidents directory.

Let’s dive into the news, but first a special thank you to all of the Gitcoin Grant supporters as well as who sponsored this week’s edition:







Other Incidents



Help support BlockThreat!

Over the past two years, BlockThreat has gained more than a thousand followers including exchanges, asset issuers, DeFi projects, engineers, investigators, law enforcement, and many others. This newsletter is a labor of love which takes many hours weekly to prepare. If you found BlockThreat valuable consider supporting its future growth:

1) Make an individual contribution.
2) Sponsor an edition where you can place an advertisement.
3) Share your job postings in the next edition.
4) Share the newsletter with a friend or a colleague.

Stay informed and see you in the next week’s edition!

- Peter Kacherginsky (iphelix)