Inventory From Beosin | There Were Over 22 Typical Security Incidents In October, And The Overall Risk Rating Was Medium.
According to the data monitoring of Beosin-Eagle Eye: In October 2020, various security incidents still occurred in the field of Blockchain. However, compared with the situation of frequent incidents in September, the situation in this month has taken a turn for the better. According to the incomplete statistics, over 22 typical security incidents occurred in October.
The number of various security incidents has decreased to varying degrees in this month. The reason was mainly due to the fact that after a large number of security issues were exposed, more and more project parties began to pay attention to security issues and took corresponding measures.
Judging from the audit applications of Beosin, the number of consultations and inquiries has increased significantly recently, which shows that if project parties pay great attention to the underlying technology, the logical structure, etc., and take measures in the early stage, then security risks and security vulnerabilities can be effectively mitigated and contained. Therefore, please do not forget to prevent the slightest failure at all times. Or when problems occur and cause losses, it will be too late.
In terms of Exchange, there were 3 typical security incidents occurred in total:
Elliptic, a London data company, said that of the $281 million stolen tokens from KuCoin, $17.1 million tokens has been sold through decentralized exchanges.
Bitbay, the Estonian exchange, suddenly went down at about 0:28 on October 13, and then resumed at about 2:10. This was the second sudden downtime of the exchange in this year. There was an 18-hour downtime in March.
Paxful, the P2P Bitcoin market, successfully defended against a series of serious threats within 2 months, including 220,000 cyber robot attacks and various social engineering strategies.
In terms of Defi, there were 3 typical security incidents occurred in total:
On October 11, the WLEO contract of Ethereum project was hacked at a later time, resulting in the theft of $42,000 worth of funds. The hackers stole Ethereum from the pool of the decentralized exchange, Uniswap, by casting WLEO to themselves and replacing it with Ethereum.
Huobi Global has detected there were vulnerabilities in the on-chain contract of Curve. In order to ensure the security of users’ assets, the project of “DeFi Liquidity Mining Phase 6” was terminated ahead of schedule.
On October 26, according to Twitter netizens, it was suspected that a hacker borrowed Flash Loan and used 20 ETH to cash out over $4 million from Harvest. The total transfer fee was 5.19 ETH at this time.
Comments of Beosin:
Compared with last month, the security issues of DeFi projects in this month have been greatly reduced. It was believed that behind this, there was a close relationship with project parties noticing the seriousness of the problem in time and starting to take preventive measures. As the market gradually returned to the rationality, if new project parties wanted to show their advantages in fierce competition, it was more necessary to do a great job in security prevention to reduce the appearance of vulnerabilities.
Beosin believed that it was necessary to be alert to security issues at all times, and it was also necessary to do a great job on security audits before new projects launched. Only strengthening precautions in peacetime could avoid the occurrence of security incidents to the greatest extent. Don’t relax the vigilance just because of the temporary “calmness”. At the same time, investors still need to make a good project risk assessment before entering the market.
In terms of Crypto Frauds/ Crypto Scams, there were 3 typical security incidents occurred in total:
A user named Kazuo Kusunose posted on Google forums that he lost $15,000 due to a crypto scam in Google ads. Allegedly, the suspicious website named Coindaq.io tried to use the digital RMB that China was studying, and claimed that users could deposit funds on the platform to participate in the sale of the digital RMB.
Nicholas J. Percoco, the chief security officer of the cryptocurrency exchange Kraken, tweeted on October 15 to warn users that there was a scam targeting the cryptocurrency community that was currently very active. The scam involved phishing attacks and multiple staff members posing as Kraken.
US President Trump’s campaign website was briefly hacked on Tuesday afternoon. Some of the website’s content was affected. The page of “About” was replaced by a scam collecting cryptocurrencies. These hackers claimed that they has mastered the internal information about the “origin of the coronavirus” and other information that damaged Trump’s image, and provided 2 Monero addresses.
In terms of Ransomware/ Trojan of Mining, there were 5 typical security incidents occurred in total:
CMA CGM suffered a ransomware attack from “Ragnar Locker” and its official website was paralyzed and unable to open. Many of its global sites were also paralyzed and unable to provide services normally.
Recently, a group of attackers purporting to come from hacker organizations such as Armada Collective, Cozy Bear, Fancy Bear, and Lazarus Group have carried out DDoS attack on thousands of companies and institutions in multiple industries around the world and ransomed them with Bitcoin.
Recently, Hall County, Georgia, USA suffered a ransomware attack. Several services were affected. The attackers demanded Bitcoin to pay the ransom. In addition, the Georgia government database used for the 2020 election was also paralyzed by the ransomware attack.
Enel Group, the Italian multinational energy giant, recently encountered a ransomware attack. Its computer network was infected with a Windows ransomware called NetWalker. It was reported that the hackers of NetWalker released screenshots of about 5 TB of stolen data and threatened Enel Group to pay 1,234 Bitcoins (about $16.8 million) as the ransom.
On October 28, it was reported that the confidential medical records of tens of thousands of patients receiving psychological treatment in Finland were hacked, and some of them were leaked online. Many patients received emails asking for 200 EUROS in Bitcoin, stating that if the ransom was not paid, what they discussed with the therapist would be made public.
In terms of Dark Web, there were 3 typical security incidents occurred in total:
Nearly a month since the fall of Empire Market, supporters of the dark web market (DNM) have moved to other markets. At the same time, global law enforcement agencies recently arrested 179 DNM-related personnel and seized more than $6.5 million in cryptocurrency and cash proceeds.
Trustwave, US cybersecurity company, said they discovered that a hacker was selling personally identifiable information of more than 200 million Americans on dark web, including registration data of 186 million voters.
A couple in Hilversum, the Netherlands, were convicted of money laundering for using Bitcoin on dark web services. They were sentenced to 2 years and 2.5 years in prison respectively. In addition, the Rotterdam District Court also confiscated 2,532 Bitcoins (approximately $29 million) and 250,000 EUROS (approximately $295,000) from the couple.
In terms of Others, there were 5 typical security incidents occurred in total:
Conner Fromknecht, the head of cryptographic engineering of Lightning Labs, issued an announcement today stating that the unknown vulnerabilities have been discovered in the older version of Lightning Network Daemon (LND), the full-node implementation of Lightning Network, the second layer of Bitcoin solution. The vulnerability affected LND0.10.x and the lower versions.
The hackers stole $22 million from users of Bitcoin wallet Electrum by inducing them to install fake software updates. This gimmick frequently appeared in 2018. Since the attack was first discovered 2 years ago, the team of Electrum has taken steps to prevent the attack.
In a series of recent attacks to steal users’ funds, nearly 2,000 accounts of Robinhood, a stock and cryptocurrency investment platform, were hacked.
According to Decrypt, a report issued by Bleeping Computer showed that a new wave of phishing emails were disguising as official emails from the crypto exchange Coinbase, attacking Microsoft 365 accounts.
Ledger, the hardware wallet manufacturer, suffered the phishing attack. Some users received e-mails with phishing software, resulting in financial losses. According to reports, the hacker attack might be related to the incident of the company’s user data breach in July 2020.
In view of the current new situation in the field of Blockchain security, Beosin hereby warmly prompts:
On the whole, the number of Blockchain security incidents in October decreased compared with September, and the overall number of security incidents occurred was at a moderate level.
With regard to DeFi projects, the number of security incidents in this month has decreased significantly compared with the previous month, but there were still some security issues exposed of project parties. To make the secure environment of DeFi ecosystem, it has to be said that this was a protracted battle. In this process, project parties must not take it lightly, and do not ignore or do nothing on these tiny vulnerabilities.
It was worth noting that there have been more security attacks on ransomware in this month. Therefore, Beosin once again appealed to users to maintain a secure network environment, do not trust unfamiliar links, do not click unfamiliar emails, and do not download software and applications from unknown sources.