BlockThreat - Week 39, 2021

Compound | DeversiFi | POAP | Autoshark | Coinbase | Eleven | Cream

Welcome to BlockThreat!

Finally a week with some good news. Eleven and Cream both announced that all of their stolen funds ($23M combined) were returned this week. Another $23M were returned to DeversiFi by a miner who collected the amount in erroneous gas fees. On the not so positive side, Compound Finance is on track to losing $160M after introducing a governance proposal with a nasty bug, Coinbase announced that an SMS 2FA bypass vulnerability was used to compromised 6K accounts, POAP’s minting mechanism was compromised. In other news, AlphaBay founder wants to resurrect the darkweb marketplace and a nasty airdrop scam campaign continues to haunt Ethereum users.

Let’s dive into the news, but first a special thank you to Breadcrumbs.app who sponsored this week’s edition:



News

Media

Scams

Hacks

Other Incidents

Vulnerabilities

Malware

Research


Help support BlockThreat!

Over the past two years, BlockThreat has gained more than a thousand followers including exchanges, asset issuers, DeFi projects, engineers, investigators, law enforcement, and many others. This newsletter is a labor of love which takes many hours weekly to prepare. If you found BlockThreat valuable consider supporting its future growth:

1) Make an individual contribution.
2) Sponsor an edition where you can place an advertisement.
3) Share your job postings in the next edition.
4) Share the newsletter with a friend or a colleague.


Stay healthy, stay informed and see you in the next week’s edition!

- Peter Kacherginsky (iphelix)