BlockThreat - Week 45, 2021

Curve | Robinhood | REvil | Blizzard | OpenSea

Welcome to BlockThreat!

This week the DeFi ecosystem was rocked by malicious insiders, governance attacks, and oracle price manipulation exploits. If you are not already on the lookout for phishing emails, then this week’s massive Robinhood hack should serve as a solid signal for a coming barrage. Europol continues dismantling ransomware groups with a number of key arrests around the world. In the fun news department, thieves in San Francisco are setting up one helluva mining rig while the NSA is looking for “a backdoor into the blockchain.”

News

Ransomware

Scams

Hacks

Vulnerabilities

Malware

Research

Tools

Premium Content

Indicators

  • TeamTNT mining malware:

  • Welnance Hack

  • OFAC addresses related to Sodinokibi/REvil actors:
