Welcome to BlockThreat!
The US Government has been taking a number of legal and other actions to combat ransomware, including sanctions, taking over servers, and arrests. The Bitcoin.org DNS hack could have been much worse than a ‘double bitcoin’ scam, another $40M was lost in various DeFi incidents, the Virgil Griffith trial starts tomorrow, and more in this week’s edition.
Let’s dive into the news, but first a special thank you to Breadcrumbs.app who sponsored this week’s edition:
TrendMicro published its Midyear 2021 Cybersecurity Landscape Review, which explores the evolution of modern ransomware families and the doubling of their detections since last year.
The FBI penetrated REvil’s servers and obtained the master decryption key for the ransomware shortly after the Kaseya compromise.
Leaked documents reveal Chainalysis collecting IP address data from its blockchain explorer and flagging suspicious addresses to law enforcement.
WEX founder Dmitri Vasiliev was arrested in Poland on an extradition request from Kazakhstan. Following the arrest, a $31M ETH transaction was broadcast with fees set so low that it’s still stuck in the mempool.
The US Treasury added a Russian exchange, Suex, to the sanctions list for its role in laundering an estimated $160M from ransomware, scam, and darknet market operators.
A class action lawsuit was filed against Apple for hosting a malicious cryptocurrency wallet that stole the plaintiff’s XRP coins.
Riccardo Spagni, aka fluffypony, was released from jail after South Africa failed to provide sufficient documentation for extradition.
On September 23, 2021, the Bitcoin.org domain name was hijacked to redirect visitors to a ‘double your money’ scam page. The attackers were able to steal 0.4 BTC (~$17K); however, the attack could have resulted in much greater losses if a backdoored wallet had been published instead.
On September 23, 2021, Polkadog, a cross-chain protocol, lost $4M worth of PDOG tokens after an intruder compromised the bridging server, then minted and sold tokens on the Ethereum and BSC chains.
Monero published a post-mortem on the recent decoy selection vulnerability that could impact transaction privacy.
A survey of common NFT scam techniques by DCLBlogger.
Real World CTF 2019 - Montagy challenge solution by LiveOverflow.
Help support BlockThreat!
Over the past two years, BlockThreat has gained more than a thousand followers, including exchanges, asset issuers, DeFi projects, engineers, investigators, law enforcement, and many others. This newsletter is a labor of love that takes many hours each week to prepare. If you found BlockThreat valuable, consider supporting its future growth:
Stay informed and see you in next week’s edition!
- Peter Kacherginsky (iphelix)