Inventory | Chengdu Lianan: More than 39 typical security incidents occurred in August, and DeFi risks are beginning to emerge

According to data monitoring by Chengdu Lian'an's "Security Situation Awareness System" (Beosin-Eagle Eye), in the past August, the security situation faced by the entire blockchain ecosystem was very severe. According to incomplete statistics, a total of more than 39 typical security incidents occurred, which is the highest number in a single month in 2020. The overall risk rating of security incidents this month is "high", and all project parties in the blockchain ecosystem need to pay attention to it and prevent it from happening. Compared with July, the number of security incidents in various sectors in August showed an upward trend. According to statistics from Chengdu Lian'an security personnel, the details of the more typical security incidents that occurred in August are as follows:

In terms of exchanges , there were 4 typical security incidents.

01

Decentralized financial infrastructure Sperax said that some exchanges have recently issued announcements to guide users to enter their platforms to buy SPA tokens. Sperax currently has no official cooperation with any exchange, and Sperax stated on August 14, US East Coast time that it would not distribute SPA tokens before the official website public offering.

02

Cryptocurrency exchange KuCoin has warned of a fraudulent website using its brand in an attempt to steal cryptocurrency by offering fake rewards to entice users to deposit digital assets.

03

Japanese cryptocurrency exchange TAOTAO officially announced that from 12:46 to 12:56 Tokyo time on August 22, the exchange was unable to update trading pair quotes due to a system failure. The problem has now been fixed. The impact of the failure is still under investigation.

04

Cybercriminals have been impersonating the BTC ERA exchange in an attempt to infect potential users with malware. The cybersecurity firm has discovered that the perpetrators have been sending emails purporting to be from BTC ERA in order to lure users into paying for their services.

In terms of Defi , a total of 5 typical security incidents occurred

01

Opyn officially issued a statement to update the ETH theft incident caused by a platform vulnerability, and will fully compensate the ETH put option sellers affected by the vulnerability. For ETH put option buyers, the put option will be redeemed at a price 20% higher than the market price.

02

The anonymous DeFi liquidity farming project BASED officially announced that it will redeploy the staking pool. The official tweet said that a hacker tried to permanently freeze "Pool 1", but the attempt failed.

03

In Yam Finance’s hastily developed contract, a rebase function vulnerability caused the governance contract to be “permanently destroyed”, and Curve tokens worth $750,000 were locked and unusable.

04

A vulnerability occurred in DZI, which is officially supported by TRON. Engineers directly called the contract to obtain DZI after the official launch, resulting in heavy losses.

05

A Twitter user revealed that the DeFi liquidity mining project Degen.Money used a double approval exploit to obtain user funds. YFI founder Andre Cronje also said on Twitter that the project does have risks and needs to be manually deauthorized.

Beosin Review:

Defi projects are still a hot trend at the current stage. Many projects have been exposed to serious security vulnerabilities after they were launched. Chengdu Lianan recommends that major project parties must conduct security audits before the project is launched to eliminate security risks and reduce unnecessary losses.

In terms of scams and crypto scams , there were 8 typical security incidents .

01

The Peterborough County Police Detachment in Ontario, Canada is investigating two fraud cases involving a total of $78,000. The suspects impersonated police officers to trick victims into depositing funds into their required Bitcoin accounts or they would be arrested.

02

According to a tweet posted by Jon Prosser on August 5, his YouTube channel with 262,000 subscribers was hacked, the channel name was changed to "NASA [news]", and began to live broadcast false news about SpaceX CEO Elon Musk giving away Bitcoin. In about two hours, he made an illegal profit of $4,000.

03

The same type of crypto scams as those on Twitter have been rampant on Instagram this year. There are more than 1.3 million Instagram posts using the #Coinbase tag, but the vast majority of them are false information; there are also scams that impersonate celebrity accounts to post false crypto information.

04

On August 7, fake SRM coins appeared on Uniswap, and some users were deceived. Serum tweeted to remind users to be vigilant, and all SRM coins that appeared on trading platforms other than FTX and BitMax (such as Uniswap) were fake.

05

The ScamAlert website is tracking addresses of some suspected crypto scams, and the number of confirmed and suspected digital currency addresses has exceeded 50,000.

06

The UK’s National Cyber ​​Security Centre (NCSC) has removed more than 300,000 URLs linking to fake celebrity endorsements of investment opportunities, with more than half of the sites belonging to deceptive cryptocurrency investment schemes.

07

The Suzhou Industrial Park police cracked Suzhou's first hacker crime case targeting virtual currency, and arrested several suspects who specialized in using hacker methods to steal account passwords to steal virtual currency, and then contacted professional money laundering and selling gangs through the dark web to cash in.

08

The CFTC seeks a $429 million civil penalty against the principals of crypto scam Control-Finance.

In terms of ransomware/mining Trojans, a total of 8 typical security incidents occurred

01

CWT, the fifth-largest travel company in the United States, has agreed to pay $4.5 million worth of Bitcoin to hackers who hijacked its computer systems.

02

According to foreign media reports, the FBI issued a new security alert about the Netwalker ransomware attack against US and foreign government organizations. Subsequently, the federal government advised victims not to pay the ransom and report the incident to the local FBI field office.

03

The Micro Intelligence Agency has detected an attack that attempted to attack a Docker host and implant a mining Trojan. The mining Trojan was stored on a server located in Germany (85.214.149.236).

04

The multinational company Canon has had its emails, storage services and its US website attacked by a ransomware attack by the Maze gang, which is demanding a ransom in cryptocurrency or risk leaking its photos and data.

05

Canon has been hit by a ransomware attack, which caused some of Canon's websites to go offline and allegedly resulted in the theft of up to 10TB of data from Canon's servers.

06

Ransomware criminal gang REvil claims to have successfully attacked US wine and spirits giant Brown-Forman Corp. The company refused to pay the Monero ransom demanded by REvil. In response, the hacker sold the stolen data on its official dark web blog for about $1.5 million.

07

Israeli cybersecurity firm Mitiga has advised all Amazon Web Services customers who run certain programs to check if they have been infected with malicious Monero mining software. Mitiga said that any user running an EC2 instance based on Community AMIs (Amazon Machine Images) is vulnerable to the crypto-mining software.

08

A criminal gang launched DDoS attacks on some of the world's largest financial services providers, including MoneyGram, YesBank Indiak, PayPal, Braintree, and Venmo, and demanded a ransom in Bitcoin.

In terms of the dark web , there were 『 2 』 typical security incidents

01

Passport data of 1.14 million Russians is being sold on underground shops on the dark web. It is reported that these Russian citizens voted through a blockchain platform in the constitutional reform referendum, but their data was leaked on the Internet.

02

The famous dark web market Empire Market has shut down operations. When it was shut down, the website defrauded 1.3 million users of approximately 2,638 bitcoins, worth nearly $30 million.

In other aspects , a total of 12 typical security incidents occurred

01

Cryptocurrency wallet Ledger wrote an article in response to the security vulnerability disclosed by security researcher Monokh. Ledger said that it has released the Bitcoin application v 1.4.6, which is designed to improve the security vulnerability disclosed by Monokh. In addition, Ledger has also updated applications such as Litecoin and Dogecoin.

02

ETC’s recent 51% attack is believed to have resulted in approximately $5.6 million in cryptocurrency being “double-spent.”

03

The social news website Reddit suffered a massive hacker attack. The attackers destroyed dozens of Reddit channels including the National Football League, TV shows, The Pirate Bay, Disneyland, and The Avengers, which together have tens of millions of users, to show support for Donald Trump's re-election.

04

Tencent Security Threat Intelligence Center has detected a large number of attacks from overseas IP addresses and some domestic IP addresses targeting domestic cloud server tenants. The cloud servers of many well-known domestic companies have been attacked by this botnet, and thousands of servers have been compromised.

05

A judge sentenced Australian hacker Kathryn Nguyen to two years and three months in prison for stealing more than 100,000 XRP tokens (currently worth about $300,000) in January 2018, when XRP was near its all-time high of $3.29.

06

This year hackers have had a major impact on the privacy browser Tor, and they are using that impact to hijack Bitcoin. Through Tor exit relays, hackers are transferring Bitcoin funds from crypto transactions to themselves.

07

Two men in the Bulgarian town of Kyustendil have been detained for stealing $1.5 million worth of electricity to mine Bitcoin.

08

The U.S. government is suing NSA leaker Edward Snowden, who earned $1.2 million in speaking fees at virtual conferences, including at least $35,000 from Bitcoin and crypto companies, according to a recent court filing.

09

On August 21, Uber's former chief security officer Joseph Sullivan attempted to cover up a 2016 hack in which two hackers compromised the data of millions of users and drivers and demanded a six-figure reward from him. In December 2016, Sullivan paid the hackers $100,000 in Bitcoin.

10

On August 24, hackers stole data of more than 1,000 users from CryptoTrader.Tax, an online service used to calculate and file taxes on cryptocurrency transactions.

11

North Korean hacker group Lazarus is once again targeting cryptocurrencies, with the latest attack involving a phishing document sent through a LinkedIn job ad related to a blockchain technology company.

12

More than $1 billion worth of tokens on the Ethereum blockchain are missing a software standard released in 2017, allowing them to be hijacked and siphoned off trading exchanges, a study has revealed.

In view of the new situation in the current blockchain security field, Chengdu Lianan summarizes here:

In general, there were many security incidents in the entire blockchain ecosystem in August, showing a clear upward trend compared to July. It is worth mentioning that the number of security incidents in August is the highest in a single month in 2020, and the overall risk rating is "high". Among them, the security incidents in Defi are particularly worthy of our attention. As the popularity of Defi continues to rise, the hidden security risks in this sector may be extremely large in the future, and we must not relax our vigilance.

At the same time, several serious security vulnerabilities have appeared in Defi-related projects this month. Therefore, Chengdu Lianan also reminds the majority of project parties to do a good job of relevant security work during the project preparation stage. For contracts that are about to be launched, remember to find a professional security company to conduct code audits to avoid irreparable losses after going online.

In addition, it is also important to note that in terms of scams/crypto scams, the related scams that occurred this month also occurred from time to time; at the same time, it can be seen that the relevant departments are paying more attention to this section, and the number of scams that have been cracked has also increased. Here, Chengdu Lian'an needs to remind the majority of users not to believe in "pie in the sky" things; be careful to distinguish the relevant information on the Internet and don't fall into the trap.