The CoinSec Podcast is a show about cryptocurrency and blockchain technologies with a focus on securing them. Each of the hosts are hackers that perform a broad spectrum of offensive security assessments. They will be bringing their unique perspectives to the discussion around blockchain vulnerabilities and other security concerns. Weekly crypto-security news is broken down each episode along with analysis of the technologies behind DeFi, wallets, mining, smart contracts, layer 1 blockchain issues, and more.
Episode 75 - Lazarus Group Moving ETH, Hacked via Ads, Bitzlato, and HIVE Shutdown
55:10In this episode we discussed how North Korea-linked cybercrime syndicate Lazarus Group has reportedly transferred $63.4 million in Ethereum from 2022’s mammoth Harmony bridge hack. Advertisements on popular search engines like Google have been used to serve malware to unsuspecting users. The founder of cryptocurrency exchange Bitzlato was arrested and charged with processing $700 million in illicit funds. The U.S. Department of Justice (DOJ) has concluded a months-long disruption campaign, in cooperation with the Federal Bureau of Investigation (FBI), against crypto ransomware group Hive Network, preventing victims from losing $130 million in ransoms.
Episode 74: Review of 2022, Last Pass Breach, and Multiple Hacks Against Individuals
1:03:20In the episode we discussed a report that Immunefi put out regarding crypto losses in 2022. One of the original core developers of Bitcoin, Luke Dashjr, claimed that someone stole 216 BTC from them. A class action lawsuit has been filed against Last Pass that alleges that the data breach against Last Pass resulted in loss of crypto. The CFTC filed charges against the Mango Markets hacker. Crypto and banking apps are being targeted by the "GodFather" malware. Multiple major hacks against individuals occurred over the past month.
Verpasse keine Episode von “The CoinSec Podcast” und abonniere ihn in der kostenlosen GetPodcast App.
Episode 73: SBF Arrest, Lodestar Hack, CoinTracker Leak, and Gemini User Data For Sale
48:36In this episode we talked about how FTX co-founder and former CEO Sam Bankman-Fried has been arrested. Lodestar Finance was hacked for $6.9 million. FTX apparently stored wallet private keys unencrypted. A new phishing campaign that creates similar wallet addresses to victim wallets was discussed. CoinTracker suffered a data leak of user information. Gemini warned of potential phishing messages targeting its users.
Episode 71: FTX Collapse, Deribit Hot Wallet Compromise, Skyward Finance Hack, and 50k BTC Seized
1:01:36In this episode we primarily talked about the collapse of major cryptocurrency exchange FTS. We also talked about how Crypto.com accidentally sent $400 million to the wrong wallet address. Deribit was hacked for $28 million. Skyward Finance was hacked for $3 million. 50,000 BTC were confiscated from a hacker who allegedly stole them from the Silk Road.
Episode 70: Bitkeep Hack, More Hackers Returning Stolen Funds & MEV Bot Hack
58:27In this episode we discussed how Bitkeep was exploited for $1 million. Hackers who stole funds from Transit Finance, Moola Market, and Mango Market have returned some of the stolen funds. A bug in the smart contract code for the Ethereum Alarm Clock service was exploited for nearly $260,000. After the feds seized $311 million in BTC the funds were stolen back due to an apparent private key compromise. A popular MEV bot was hacked for $1.45 million.
Episode 69: ETH Merge, Profanity Vulnerability, Wintermute Hack, Shiba Inu Creds Leak, and Rug Pulls
49:22Ethereum has successfully transitioned to a Proof-of-Stake consensus mechanism. A vulnerability was discovered in the Profanity vanity address generator that may allow attackers to drain funds from wallets that used it. Wintermute was hacked for $160 million. Shiba Inu developers posted AWS credentials to a public Github repository. SudoRare appears to have disappeared with $800,000 in an apparent rug pull. OptiFi accidentally locked $661,000 in user funds. FBI has put out a warning to DeFi platforms to beef up security.
Episode 68: Velodrome Insider, Acala Network Exploit, CelerNetwork DNS Hijack, Crypto Phishing
50:36In this episode we talked about how attackers are leveraging Google Sites and Azure App Services for crypto-related phishing. Chainalysis released a mid-year report indicating that scams are down, but hacks are up. Acala Network was exploited for $1.6 million. Velodrome Finance said that an insider stole $350k. CelerNetwork suffered a DNS hijack. PolySwarm launched token rewards to crowdsource cybersecurity with crypto.
Episode 67: Guests from AnChain.AI, Tornado Cash Sanctions, DeBridge Phishing Attack, Curve Hack
1:06:45In this episode we were joined by guests from AnChain.ai who talked about their upcoming CTFs they are putting on. Tornado Cash has been sanctioned by OFAC. We talked about the repercussions of these sanctions. We discussed a phishing attack against DeBridge Finance employees. NEAR Protocol revealed that SMS and email data that was used as wallet recovery options were leaked to a third party in June. Curve Finance was hacked via a DNS hijack. Ethereum's Proof of Stake merge is getting closer!
Episode 66: Nomad Bridge Hack, Solana Wallet Draining Attack, New Threat Intel Discord Bots
44:25In this episode of the CoinSec Podcast we talked about the $190 million Nomad bridge hack. Users of the Solana wallet Slope found that their tokens were being sent without authorization resulting in $6 million in losses across 9000 wallets. ZBExchange was drained for nearly $5 million. We discussed critical vulnerabilities discovered in Moonbeam and Strips finance. Our CoinSec Discord has new bots that are for assisting in blockchain threat intel.