Episode 69: ETH Merge, Profanity Vulnerability, Wintermute Hack, Shiba Inu Creds Leak, and Rug Pulls

In this episode we discussed how Coinbase was issued a Wells notice from the SEC. Do Kwon was arrested with fraud charges. Euler Finance, a permissionless borrowing and lending protocol on Ethereum, was the victim of a flash loan attack. Cross-chain Web3 platform Poolz Finance lost $390,000 to a hacking incident on Mar. 16. General Bytes experienced a security incident on March 17 and 18 that enabled a hacker to remotely access the master service interface and send funds from hot wallets. We also discussed a few different crypto wallet vendor vulnerabilities.

In this episode we discussed how North Korea-linked cybercrime syndicate Lazarus Group has reportedly transferred $63.4 million in Ethereum from 2022’s mammoth Harmony bridge hack. Advertisements on popular search engines like Google have been used to serve malware to unsuspecting users. The founder of cryptocurrency exchange Bitzlato was arrested and charged with processing $700 million in illicit funds. The U.S. Department of Justice (DOJ) has concluded a months-long disruption campaign, in cooperation with the Federal Bureau of Investigation (FBI), against crypto ransomware group Hive Network, preventing victims from losing $130 million in ransoms.

In the episode we discussed a report that Immunefi put out regarding crypto losses in 2022. One of the original core developers of Bitcoin, Luke Dashjr, claimed that someone stole 216 BTC from them. A class action lawsuit has been filed against Last Pass that alleges that the data breach against Last Pass resulted in loss of crypto. The CFTC filed charges against the Mango Markets hacker. Crypto and banking apps are being targeted by the "GodFather" malware. Multiple major hacks against individuals occurred over the past month.

In this episode we talked about how FTX co-founder and former CEO Sam Bankman-Fried has been arrested. Lodestar Finance was hacked for $6.9 million. FTX apparently stored wallet private keys unencrypted. A new phishing campaign that creates similar wallet addresses to victim wallets was discussed. CoinTracker suffered a data leak of user information. Gemini warned of potential phishing messages targeting its users.

In this episode we gave an update on the FTX collapse. A crypto scammer was sentenced to 18 months in prison. Ankr was victim to a potential private key compromise. An investor was hacked for $42 million in crypto. Attackers have bypassed Coinbase and Metamask 2FA via TeamViewer fake support chats. Infura made a change in their privacy policy that appears to state they are collecting Metamask Users' IP addresses. We also talked about how ChatGPT can be used to find vulnerabilities in smart contracts.   00:00 - 2022-12-02 | CoinSec Podcast Ep 72 01:48 - Story # 1: FTX Update https://www.forbes.com/sites/mariagraciasantillanalinares/2022/12/02/bankman-frieds-complex-explanation-points-to-comingled-funds-on-ftx/ 09:15 - Story # 2: Crypto Scammers Sentenced to 18 Months in Prison https://tech.hindustantimes.com/tech/news/crypto-scammer-in-geniuses-hack-gets-18-months-in-prison-71669977845605.html 15:21 - Story # 3: Ankr “Infinite Mint” Hack https://decrypt.co/116268/binance-pauses-withdrawals-amid-5m-ankr-hack 19:03 - Story # 4: FTX Attacker Fund Movement https://twitter.com/zachxbt/status/1597605409883566080 22:14 - Story # 5: Bo Shen Hacked for $42 million https://decrypt.co/115420/fenbushi-founder-bo-shen-loses-42m-stablecoins-bitcoin-ethereum-hackers 25:50 - Story # 6: Attackers Bypass 2FA on Coinbase and Metamask via Teamviewer https://www.bleepingcomputer.com/news/security/attackers-bypass-coinbase-and-metamask-2fa-via-teamviewer-fake-support-chat/ 31:49 - Story # 7: Infura Collecting MetaMask Users’ IP, Ethereum Addresses After Privacy Policy Update https://decrypt.co/115486/infura-collect-metamask-users-ip-ethereum-addresses-after-privacy-policy-update 38:57 - Story # 8: ChatGPT for Finding Smart Contract Vulns https://twitter.com/gf_256/status/1598104835848798208

In this episode we primarily talked about the collapse of major cryptocurrency exchange FTS. We also talked about how Crypto.com accidentally sent $400 million to the wrong wallet address. Deribit was hacked for $28 million. Skyward Finance was hacked for $3 million. 50,000 BTC were confiscated from a hacker who allegedly stole them from the Silk Road.

In this episode we discussed how Bitkeep was exploited for $1 million. Hackers who stole funds from Transit Finance, Moola Market, and Mango Market have returned some of the stolen funds. A bug in the smart contract code for the Ethereum Alarm Clock service was exploited for nearly $260,000. After the feds seized $311 million in BTC the funds were stolen back due to an apparent private key compromise. A popular MEV bot was hacked for $1.45 million.

Ethereum has successfully transitioned to a Proof-of-Stake consensus mechanism. A vulnerability was discovered in the Profanity vanity address generator that may allow attackers to drain funds from wallets that used it. Wintermute was hacked for $160 million. Shiba Inu developers posted AWS credentials to a public Github repository. SudoRare appears to have disappeared with $800,000 in an apparent rug pull. OptiFi accidentally locked $661,000 in user funds. FBI has put out a warning to DeFi platforms to beef up security.

In this episode we talked about how attackers are leveraging Google Sites and Azure App Services for crypto-related phishing. Chainalysis released a mid-year report indicating that scams are down, but hacks are up. Acala Network was exploited for $1.6 million. Velodrome Finance said that an insider stole $350k. CelerNetwork suffered a DNS hijack. PolySwarm launched token rewards to crowdsource cybersecurity with crypto.

In this episode we were joined by guests from AnChain.ai who talked about their upcoming CTFs they are putting on. Tornado Cash has been sanctioned by OFAC. We talked about the repercussions of these sanctions. We discussed a phishing attack against DeBridge Finance employees. NEAR Protocol revealed that SMS and email data that was used as wallet recovery options were leaked to a third party in June. Curve Finance was hacked via a DNS hijack. Ethereum's Proof of Stake merge is getting closer!