Inventory From Beosin | There Were Over 31 Typical Security Incidents In December, And The Overall Risk Rating Was High
According to security-incident monitoring data from Beosin-Eagle Eye, a total of 31 typical security incidents occurred across the entire Blockchain ecosystem in December 2020. The Security Lab of Beosin rated the overall risk for December as High, which calls for close attention from all participants in the industry ecosystem.
Compared with November, the number of security incidents in December increased. In particular, a high number of typical security incidents occurred this month in the Crypto Frauds/ Crypto Scams category. When selecting a project, users and investors should carefully screen its deployment and operation status, check whether it has been audited by a third-party security company and whether it has an authoritative security audit report, and should not take this lightly.
The details of this month’s security report follow.
In terms of Exchange, a total of 2 typical security incidents occurred:
01
On December 19, Bitcoin.org was hit earlier that day by a DDoS attack that brought the site down.
02
Livecoin, a Russian cryptocurrency exchange, suffered what it called a “well-planned attack”. The exchange lost control of all servers, backends and nodes and implored customers to stop depositing, trading or interacting with the exchange.
In terms of DeFi, a total of 5 typical security incidents occurred:
01
Multiple large transactions occurred at a smart contract of Compounder.Finance located at the address (0x0b283b107f70d23250f882fbfe7216c38abbd7ca). After verification by technical staff, it was confirmed to be an insider attack, with a total loss of about 80 million RMB in tokens.
02
On December 7, Harvest Finance officially announced the launch of the claims portal of GRAIN, USDC and USDT. Officials said this would reduce user losses to 13.5% based on the previous refund of $2.5 million in funds from the hacker. Officials were helping users previously affected by the attack to make claims through a mix of USDC, USDT and GRAIN tokens for compensation.
03
According to TheBlockCrypto, the personal address of Hugh Karp, the founder of DeFi insurance protocol Nexus Mutual, was attacked. The address held 370,000 XNM tokens, resulting in a loss of over $8 million.
04
At 06:34 (Beijing time) on December 18, Warp Finance, a DeFi lending protocol collateralized by liquidity (LP) tokens, suffered a flash loan attack. About $8 million was stolen.
05
On December 28, the attacker (address labeled as Grap Finance: Deployer), who had previously made $3 million in profits by issuing additional COVER, returned 4,350 ETH to the address labeled as YieldFarming.insure: Deployer with the message “Next time, take care of your own shit”.
Comments of Beosin:
The DeFi ecosystem was still a hot trend across the industry this month, which also made it a key target for hackers and attackers, and several DeFi projects suffered huge asset losses. Beosin recommends that all projects in the DeFi ecosystem take precautions and engage third-party security companies to complete a strict security audit, which is the most effective and feasible protective measure for enhancing the security of DeFi projects.
In terms of Crypto Frauds/ Crypto Scams, a total of 7 typical security incidents occurred:
01
Ripple has taken YouTube to court for failing to remove XRP-related scams from its platform. Brad Garlinghouse, CEO of Ripple, said that not only did YouTube fail to take a proactive approach to deal with the scams, but it continued to ignore Ripple’s notices even after receiving them.
02
On December 1, industry sources broke the news to Beep that the Dafuweng project had privately tampered with the contract to transfer user assets, extracted over 100 million GOLD tokens, smashed 90% of the fund pool and then ran away.
03
On December 8, the media reported that 2 fake Gemini accounts appeared on YouTube, and hackers renamed the related YouTube accounts with Gemini’s name and logo. Gemini said that it had reported the fake accounts to YouTube.
04
Synthetix, a synthetic asset distribution platform, tweeted to Telegram officials on December 10 that it had found fraudulent groups impersonating Synthetix on Telegram for months and scamming people out of their money.
05
A Twitter user named “Artura $” tweeted that DeTrade Fund was a cryptocurrency scam that purported to let any user profit by investing money through an arbitrage system, and that it scammed over 1,400 ETH in the pre-sale.
06
A fraudulent Bitcoin advertising scheme that attracted thousands of victims through unauthorized pictures of celebrities has been traced to Russia, according to The Guardian on December 16.
07
A Localbitcoins and Paxful trader pleaded guilty to charges related to a Bitcoin scam. The U.S. Department of Justice charged the trader with knowingly selling Bitcoins to victims of a fraudulent scheme.
Comments of Beosin:
Security incidents in the Crypto Frauds/ Crypto Scams category keep occurring, largely because the regulatory and security processes of the current Blockchain industry still urgently need to be developed; in addition, users’ own lack of security awareness is an important cause that cannot be ignored. Beosin reminds users to keep all kinds of personal and private information safe and to be careful in judging the authenticity of related news online.
In terms of Ransomware/ Mining Trojan, a total of 5 typical security incidents occurred:
01
On December 1, Microsoft said in a report released Monday evening that the Vietnamese government-backed hacking groups codenamed APT32 and OceanLotus were recently found to have deployed cryptocurrency mining malware in addition to their regular cyber espionage kits.
02
Microsoft warned in a report that a group called BISMUTH used the Monero mining Trojan as a decoy to attack government targets in France and Vietnam.
03
On December 3, hacking group Black Shadow carried out a cyber attack on insurer Shirbit on Tuesday. The group posted on its Telegram channel on Wednesday that Shirbit would need to send 50 Bitcoins to its Bitcoin wallet or they would leak and sell private information about Shirbit’s customers and employees.
04
Korea’s Eland Group reported to police that its stores, including NC Department Store and NEWCORE Outlet, encountered a ransomware attack on November 22 and suffered damage. The hackers encrypted data on the group’s computers and demanded payment of Bitcoins in exchange for decryption.
05
Foxconn’s CTBG MX production facility was attacked with the DoppelPaymer ransomware. In the ransom letter, the hackers demanded 1804.0955 Bitcoins as ransom and claimed to have encrypted about 1200 servers.
In terms of Dark Web, 1 typical security incident occurred in total:
01
Finnish Customs (Tulli), with the support of Europol, has taken down the Finnish dark web marketplace SIPULIMARKET.
In terms of Others, a total of 11 typical security incidents occurred:
01
Blockchain forensics firm CipherTrace warned that on December 2, user funds were stolen by a malicious Chrome browser extension masquerading as MetaMask, a popular crypto wallet.
02
At around 21:46 (Beijing time) on December 4, Solana, a public Blockchain project, stopped producing blocks due to an unknown vulnerability. The public Blockchain network resumed normal operations in the early morning of December 5.
03
On December 7, a French court sentenced Russian hacker Alexander Vinnik to 5 years in prison and fined him 100,000 euros (about $121,000). In previous news, Vinnik was accused of being behind an international money laundering scheme and transferring over $4 billion worth of funds through the BTC-e platform.
04
Mexican police arrested trafficker Ignacio Santoyo in Playa del Carmen, Caribbean. Ignacio Santoyo had been using cryptocurrencies for money laundering.
05
Aeternity (AE) suffered a 51% attack by hackers on December 9, according to Aeternity’s official Twitter feed. According to core members of the Aeternity community, this 51% attack caused a loss of more than 3,900 AE tokens, and the official team was working to resolve the problem. The damage was mainly to exchanges and mining pools.
06
The hacker who attacked Nexus Mutual founder Hugh Karp’s wallet has now successfully withdrawn nearly 35% of his funds. An investigation by The Block Research revealed that the hacker used renBTC to withdraw 137 BTC, worth about $2.65 million, to 2 addresses.
07
Infected packages were found in the RubyGems open source software repository, containing malicious code that was primarily used to steal cryptocurrency from users through a supply chain attack.
08
On December 21, a database containing over a million customer emails was made public on the hacking site Raidforums. The data was stolen when hardware wallet provider Ledger’s e-commerce database was hacked in June 2020.
09
Italian police have accused Franscesco Firano, CEO of BitGrail, of stealing millions of dollars in cryptocurrency from exchange users.
10
A large number of cryptocurrency mining machines that illegally consumed large amounts of electricity were found at the Banguriani Hotel in central Mestia, Georgia. The theft of electricity at the Banguriani Hotel was equivalent to the power consumption of about 4 villages.
11
On December 29, cryptocurrency broker Voyager Digital suffered a cyber attack. The trading system was damaged and forced to go offline; Voyager informed customers that its Domain Name System (DNS) server had been compromised, but that it has since recovered.
In view of the current situation in the field of Blockchain security, Beosin offers the following reminders:
On the whole, the number of Blockchain security incidents in December increased compared with November, and the overall number of security incidents was over 31, so the risk rating was High. By segment, DeFi, Crypto Frauds/ Crypto Scams and Ransomware/ Mining Trojan were still the key targets in the Blockchain ecosystem; by attack method, DDoS attacks, flash loan attacks and 51% attacks were still the key methods used by hackers; in terms of asset losses, the security situation this month was quite severe.
In DeFi specifically, the security risk of the ecosystem was still worrying, and the amount of money lost was huge. The typical incidents that occurred this month showed that attacks from hackers have been unrelenting. In addition, the latent risk from project insiders should not be underestimated. Beosin reminds DeFi project teams that they need to stay alert to attacks from external hackers and also eliminate internal risk factors in a timely manner, and that they should strengthen the security awareness of internal personnel to prevent theft.
In addition, the number of Crypto Frauds/ Crypto Scams incidents has been on the rise this month, which may be largely due to the sudden surge in the market value of cryptocurrencies such as BTC and ETH this month. The onset of the bull market has brought latent attackers and scammers in every field out into the open. Users and investors need to cultivate security awareness, keep a sharp eye out, and carefully screen and choose reliable projects rather than following the crowd blindly.
In the last month of 2020, the security risk of the Blockchain ecosystem still cannot be underestimated. In the coming year, “Securing Your Blockchain Ecosystem” will be the ambitious vision that Beosin strives for.
We wish you all good health and safety in the new year.