In January, there were 3 typical security incidents on DeFi, but the number of blockchain fraud incidents remained high.
Original title: “Inventory | Chengdu Lian’an: Over 25 typical security incidents occurred in January, and the overall risk rating is “medium””
Written by: Chengdu Lian’an
According to Chengdu Chain Security [Beosin-Eagle Eye] security public opinion monitoring data shows that in January 2021, according to incomplete statistics, typical security incidents in the entire blockchain ecosystem exceed In the 25 cases, the economic losses caused were still mainly covered in exchanges, DeFi, scams/encryption scams, ransomware/mining Trojans, dark web, and other aspects. In general, the overall security risk rating in January 2021 is [Medium] , which still cannot be taken lightly.
Compared with December 2020, the number of typical security incidents that occurred in January has decreased; however, in terms of [scams/encryption scams] , the number of incidents is still high, which deserves the attention of all practitioners in the industry . With the increasing popularity of blockchain technology and virtual assets, the public’s relevant knowledge reserves have not been improved to the same extent, causing many speculators and scammers to start concocting various scams, leading to security incidents in this field The number is high .
The following are the details of this month’s security monthly report.
A total of “2” typical security incidents occurred on the exchange side
The Russian virtual asset exchange Livecoin announced that it will terminate its service and urge its customers to continue withdrawing funds.
Japanese virtual asset exchange Liquid recently announced the final results of its investigation into the breach of user data in November last year. Liquid stated that 169782 items of user data including email addresses, names, encryption passwords, and API keys have been leaked.
“3” typical security incidents in DeFi
On January 2nd, Twitter user NourHaridy tweeted that yCredit ‘s smart contract is vulnerable to attack, or causes all user funds to be lost; and it is recommended that users who have used ETH to deposit in the contract or purchased yCredit on Sushiswap should immediately withdraw it Or sell, and then it will release the exploit program.
The hacker address (0x701781…7a4E08) of the pickle pDAI pool changed again on January 14 after the change on January 8. Previously, the hacker address transferred 15 million DAI to 5 new addresses. Now, except for the address (0x64bA3e…fF62DB), the remaining four addresses have changed, and a total of 4 million DAI has been transferred.
On January 27, the transaction fee of SushiSwap’s DIGG -WBTC trading pair was stolen by attackers through special means.
There were “6” typical security incidents in fraud/encryption scams
On January 1, Indian police arrested a 60-year-old man, Umesh Verma , at Indira Gandhi International Airport on charges of defrauding at least 45 people through cryptographic scams for a total of 250 million rupees (about 3.5 million US dollars).
The US Federal Bureau of Investigation (FBI) is investigating a Ponzi scheme in which three suspects stole about 28 million U.S. dollars from investors by promising virtual assets and other investment returns.
On January 9, Spanish police detained 4 people of different nationalities for allegedly implementing a crypto Ponzi scheme worth about US$15 million .
In the past few weeks, Twitter giveaway scam of fake virtual assets Tesla CEO elon Musk (Elon Musk) profile has increased. So far, these scams have obtained more than $ 580,000 in BTC.
A man in California claimed that he lost approximately US$27,000 in BTC in the SIM exchange encryption scam.
Recently, a number of liquidity “miners” reported on the Internet that another DeFi “earth mine” popcornswap has run off on the Binance Smart Chain. The project party has reached 48,000 BNB worth about 2.15 million US dollars . Within a few days, 3 projects (Zap Finance and Tin Finance, SharkYield) were running. At present, SharkYield is suspected to have taken away 6000 BNB .
Beosin Comment: Judging from the security situation in recent months, the number of incidents [frauds/encryption scams] has shown a steady upward trend, and the economic losses caused far exceed those of hackers’ attacks And theft. At the same time, whether it is fraud or running off the road, the scope of the case has spread to the world through the Internet. In response to such a severe security situation, as users and investors, it is more necessary to keep your eyes open and discriminate carefully .
“5” typical security incidents occurred in the area of ransomware/mining Trojans
A website owner received an email threat that he needed to post a 5-star review on coinmama.com and wanted to like or share twice. If the recipient does not complete these things within 48 hours, the blackmailer claims to create millions of backlinks from the pornographic website to the recipient’s website, destroying its reputation.
After companies around the world were hacked, the operators of Ryuk ransomware allegedly earned more than $ 150 million worth of BTC from ransom payments.
Network security company Intezer has discovered a new type of malicious virus ElectroRAT , which can run on Windows, Linux and macOS to steal virtual assets. The malicious program has been active for more than a year and has been promoted through special forums and marketing activities. Intezer estimates that the number of victims who downloaded the malicious software is about 6,500 .
On January 11, the Michigan State Police claimed that an anonymous person mailed a death threat letter to Governor Gretchen Whitmer and employees of the state in an attempt to collect BTC worth about $2 million .
Five customers of Radware, a provider of intelligent solutions, received extortion letters in December last year and January this year. The threat stated that if they did not pay 5 BTC (worth about $160,000) to an organization, they would be attacked by DDoS.
“4” typical security incidents occurred on the dark web
Hugbunter, the administrator of the dark web forum Dread , said that all v3 onion addresses are currently inaccessible. The cause of the accident is unknown, but it may cause a huge attack on the entire network.
On January 11, the German police cut off and shut down what is believed to be the world’s largest dark web trading platform server “ dark market” (DarkMarket) , the illegal trading platform has more than 2,400 sellers and nearly 500,000 customers.
Cybersecurity company Check Point found many sellers selling Covid-19 vaccine on the dark web. The sellers demanded payment in Bitcoin; but after payment, the goods were not delivered.
The dark web Joker’s Stash will be shut down next month. According to a report by the dark web security company Gemini Advisory, the site’s Bitcoin revenue in the past year exceeded $ 1 billion .
Beosin commented: This month, the number of incidents on the [dark web] has increased, which is a wake-up call for all practitioners engaged in network security and blockchain security, and the safety construction of the entire industry ecosystem cannot be ignored. For a long time, the dark web has been flooded with all kinds of illegal crimes, which have invisibly threatened the stability and security of the international community. Strengthening the related technologies of dark web governance and enhancing the overall strength of global governance and dark web management are highly efficient measures that must be taken.
“5” typical security incidents occurred in other areas
An IT engineer in the United Kingdom accidentally threw away the hard drive containing 7,500 BTC private keys as garbage, which is estimated to be approximately US$240 million based on US$ 32,000.
According to a report by the Financial Tribune, the Iranian authorities have closed 1,620 illegal virtual asset mines, which have consumed 250 megawatts of electricity in the past 18 months.
DLive came under fire for live-streaming the violent riots in the U.S. Capitol on DLive, a streaming media platform owned by BitTorrent. Some users allege that since its establishment, DLive has paid hundreds of thousands of dollars to extremists by embedding virtual assets in the services provided by the website.
The sandbox game The Sandbox , a decentralized virtual game platform, stated that The Sandbox ASSET smart contract is prone to duplicate problems. Currently, no malicious user has exploited the vulnerability to attack. All other smart contracts are not affected. The SAND and LAND smart contracts are also unaffected. There is no risk.
On January 27th, Coinbase Wallet Engineering Director Pete Kim tweeted that if you use mobile encrypted wallets on Apple iOS devices, you must update the iOS system as soon as possible. Because the iOS system update includes a fix for a remote code execution vulnerability . This vulnerability may threaten the security of mobile encrypted wallets.
In view of the current security situation of the blockchain ecology, “Chengdu Lianan” summarizes here:
Although the Chinese New Year of the 2021 Xinchou Year of the Ox is approaching, criminals such as hackers, scammers, and attackers will not slow down the pace of illegal activities because of the arrival of the Spring Festival. On the contrary, the more the holiday season, the more criminals will grasp the public’s neglect of prevention , and the hidden security risks are likely to erupt concentratedly.
Therefore, the closer the Spring Festival is, the more security must be built. Although on the whole, the typical security incidents of the entire blockchain ecosystem in January 2021 have declined compared to December 2020, and the overall security risk has also fallen from [high] to [medium], but it can still be clearly seen , In terms of [scams/encryption scams], [ransomware/mining Trojans], [other aspects] are still in a severe situation .
In particular, [Fraud Runaways/Encryption Scams] There are many people involved, a wide range of cases, and a high amount of money involved . Countries around the world have begun to pay attention to the bad effects caused by fraud runs and encryption scams, and have successively released information about virtual assets Safety supervision and compliance policies and regulations to promote the construction of the entire blockchain ecological supervision process.
Here, Chengdu Lianan reminds users and investors to be cautious in the project selection stage, and don’t be blinded by the so-called “interests”. There is no free lunch in the world, and the pie will not just fall impartially. Into your own mouth, don’t lose sight of it. During the Spring Festival, it is even more necessary to improve their own security awareness and anti-fraud, and discard unrealistic mentality.
