Inventory From Beosin | Over 39 Typical Security Incidents Occurred In August. Security Incidents Were Frequent This Month, And The Overall Risk Rating Was “High”, Which Calls For Close Attention

BEOSIN
Sep 22, 2020

According to monitoring data from Beosin-Eagle Eye, the security situation across the entire blockchain ecosystem was very severe over the past month. More than 39 typical security incidents occurred in total, the highest number in a single month so far in 2020. The overall risk rating for the month was “high”, which requires close attention from all project parties in the blockchain ecosystem. Compared with July, security incidents in all fields showed an upward trend in August. Beosin security personnel have listed the typical security incidents of August as follows:

In terms of exchanges, 4 typical security incidents occurred in total:

01

Sperax, the decentralized financial infrastructure, said that some exchanges had recently issued announcements directing users to their platforms to snap up SPA tokens. Sperax currently has no official cooperation with any exchange, and it stated that it would not distribute SPA tokens before the public sale on its official website on August 14, East Coast Time.

02

KuCoin, the cryptocurrency exchange, warned that some fraudulent websites were using its brand to try to steal cryptocurrencies. These websites offered false rewards to induce users to deposit digital assets.

03

TAOTAO, the Japanese cryptocurrency exchange, officially stated that at 12:46–12:56 on August 22, Tokyo Time, quotes for the exchange's trading pairs could not be updated due to a system failure. The problem has since been fixed, but the impact of the failure was still under investigation.

04

Some cyber-criminals have been impersonating the BTC ERA trading platform with the intention of infecting potential users with malware. A cyber-security company discovered that the perpetrators had been sending emails purporting to come from BTC ERA to induce users to invest and pay.

In terms of DeFi, 5 typical security incidents occurred in total:

01

Opyn officially issued an update on the ETH theft incident caused by platform loopholes, saying it would fully compensate ETH put option sellers affected by the loophole. For ETH put option buyers, the put options were redeemed at a price 20% higher than the market price.

02

BASED, the anonymous DeFi liquidity farming project, officially announced that it would redeploy the pledge pool. Its official Twitter account said that hackers had tried to freeze “Pool1” permanently, but the attempt failed.

03

A loophole in the rebase function of the contract hastily developed by Yam Finance left the governance contract “permanently destroyed”, and Curve tokens worth $750,000 were locked and unusable.

04

A loophole was exposed in DZI, which is officially supported by TRON. After the official launch, engineers called the contract directly to obtain DZI, and DZI suffered heavy losses.

05

A netizen on Twitter said that Degen.Money, the DeFi liquidity mining project, used a “Double Approval Exploit” to obtain users’ funds. Andre Cronje, the founder of YFI, also tweeted that the project was indeed risky and that the authorization had to be revoked manually.

Beosin's comments:

DeFi is still a hot trend at the current stage. However, many serious security vulnerabilities were exposed after some projects launched. Beosin recommends that all project parties carry out thorough security audits before launch to eliminate potential security hazards and reduce unnecessary losses.

In terms of crypto frauds/crypto scams, 8 typical security incidents occurred in total:

01

The Police Detachment in Peterborough County, Ontario, Canada was investigating 2 fraud cases involving a total of $78,000. The suspect pretended to be a police officer to trick the victim into depositing funds into a Bitcoin account he specified, threatening that the victim would otherwise be arrested.

02

According to a tweet posted by Jon Prosser on August 5, his YouTube channel with 262,000 subscribers was hacked. The channel name was changed to “NASA [news]”, and the channel began live-streaming fake news about Elon Musk, CEO of SpaceX, giving away Bitcoin. In about 2 hours, the illegal profit was $4,000.

03

Since the beginning of this year, the same type of crypto scam seen on Twitter has been rampant on Instagram. More than 1.3 million Instagram posts used the hashtag #Coinbase, but the vast majority of them contained false information; some scams also used fake celebrity accounts to post false crypto information.

04

On August 7, counterfeit SRM tokens appeared on Uniswap, and some users had already been cheated. Serum tweeted a reminder for users to be vigilant: any SRM appearing on trading platforms other than FTX and BitMax (such as Uniswap) was counterfeit.

05

The ScamAlert website was tracking addresses suspected of crypto scams, and the number of confirmed and suspicious digital currency addresses has exceeded 50,000.

06

The National Cyber Security Centre (NCSC) in the UK has removed more than 300,000 URLs related to investment opportunities falsely endorsed by celebrities, and more than half of the websites were deceptive cryptocurrency investment schemes.

07

The Police in Suzhou Park detected the first hacking crime against virtual currency in Suzhou and captured several criminal suspects who used hacking methods to steal accounts and passwords to obtain virtual currencies, then contacted professional money-laundering gangs to cash out through the dark web.

08

The CFTC sought a civil fine of $429 million against the person in charge of the crypto scam Control-Finance.

In terms of ransomware/mining Trojans, 8 typical security incidents occurred in total:

01

CWT, the fifth largest travel company in the United States, agreed to pay $4.5 million worth of Bitcoin to hackers who hijacked its computer systems.

02

According to foreign media reports, the FBI issued a new security alert about Netwalker ransomware attacks on United States and foreign government organizations. The federal government advised victims not to pay the ransom and to report the incident to their local FBI field office.

03

The Weibu Intelligence Bureau detected an attempt to attack a Docker host and plant a mining Trojan on it. The mining Trojan was hosted on a server (85.214.149.236) in Germany.

04

The email, storage services and US websites of the multinational company Canon were hit by ransomware from the Maze group. Maze demanded that Canon pay a cryptocurrency ransom, threatening otherwise to leak Canon’s photos and data.

05

With the ransomware attack on Garmin not yet over, Canon suffered another ransomware attack. In addition to taking down some of Canon’s websites, the attack was said to have resulted in the theft of up to 10TB of data from Canon’s servers.

06

REvil, the ransomware criminal group, claimed to have successfully attacked Brown-Forman Corp, the American wine and spirits giant. The company refused to pay the ransom (in Monero) demanded by REvil. In response, the hackers sold the stolen data on their official blog on the dark web for approximately $1.5 million.

07

Mitiga, an Israeli cyber security company, advised all Amazon Web Services customers running certain programs to check whether they had been maliciously infected by Monero mining software. Mitiga claimed that any user running an EC2 instance based on Community AMIs (Amazon Machine Images) was vulnerable to the crypto mining software.

08

A criminal group launched DDoS attacks on some of the world’s largest financial service providers (including MoneyGram, YesBank India, PayPal, Braintree, and Venmo) and demanded Bitcoin ransoms.

In terms of the dark web, 2 typical security incidents occurred in total:

01

Passport data of 1.14 million Russians was being sold in underground shops on the dark web. It was reported that these Russian citizens had voted through a blockchain platform in the earlier referendum on constitutional reform, but their data was leaked on the Internet.

02

Empire Market, a well-known dark web market, has shut down. When it exited, the site defrauded 1.3 million users of about 2638 Bitcoins, worth nearly $30 million.

In terms of other incidents, 12 typical security incidents occurred in total:

01

Ledger, the cryptocurrency wallet, published an article in response to the security vulnerability disclosed by security researcher Monokh. Ledger said that it was launching version 1.4.6 of the Bitcoin application, which aimed to address the security vulnerabilities disclosed by Monokh. In addition, Ledger has also updated applications such as Litecoin and Dogecoin.

02

The recent 51% attack on ETC was believed to have resulted in approximately $5.6 million in cryptocurrency being double-spent.

03

The social news site Reddit suffered a large-scale hacking attack. The attackers defaced dozens of Reddit channels, including those for the National Football League in the US, TV shows, the Pirate Bay, Disneyland, Avengers, etc., in order to show support for Donald Trump’s re-election. Together these channels had tens of millions of users.

04

The Tencent Security Threat Intelligence Center detected a large number of attacks against domestic cloud server tenants, originating from overseas IP addresses and some domestic IP addresses. The cloud servers of many well-known domestic companies have been attacked by a botnet, and thousands of servers have been destroyed.

05

A judge sentenced Kathryn Nguyen, an Australian hacker, to 2 years and 3 months in prison for stealing more than 100,000 XRP tokens (currently valued at approximately $300,000) in January 2018, when XRP was nearing its all-time high of $3.29.

06

Hackers have gained significant influence over the privacy browser Tor this year and were using that influence to hijack Bitcoin. Through Tor exit relays, the hackers diverted Bitcoin funds in crypto transactions into their own hands.

07

2 men in the Bulgarian town of Kyustendil were detained for stealing electricity to mine Bitcoin. The stolen electricity was worth $1.5 million.

08

The US government was suing Edward Snowden, the US National Security Agency (NSA) leaker. According to a recent court document, Snowden’s speaking fees at virtual conferences amounted to $1.2 million, of which at least $35,000 came from Bitcoin and crypto companies.

09

On August 21, Joseph Sullivan, the former chief security officer of Uber, was accused of having tried to cover up a hack in 2016. Two hackers had hacked the data of millions of users and drivers and demanded a six-figure payment from him. In December 2016, Sullivan paid the hackers $100,000 in Bitcoin.

10

On August 24, hackers stole the data of more than 1,000 users from CryptoTrader.Tax, an online service for calculating and filing cryptocurrency transaction taxes.

11

Lazarus, the North Korean hacker organization, once again set its sights on cryptocurrencies. In the latest attack, a phishing document was sent through a job advertisement on LinkedIn that was related to a blockchain technology company.

12

A study showed that tokens worth more than $1 billion on the Ethereum blockchain did not implement a software standard released in 2017, which left them open to being hijacked and taken from trading exchanges.

In view of the current situation in the field of blockchain security, Beosin summarizes as follows:

On the whole, a large number of security incidents occurred across the entire blockchain ecosystem in August, a clear upward trend compared with July. It is worth mentioning that the number of security incidents in August was the highest in a single month so far in 2020, and the overall risk rating was “high”. Among them, the security incidents in DeFi deserve particular attention. As the popularity of DeFi continues to rise, the hidden security risks in the field may become severe, and vigilance cannot be relaxed.

At the same time, several serious security vulnerabilities appeared in DeFi-related projects this month. Beosin therefore reminds all project parties to pay attention to security work during the preparation stage. For smart contracts that are about to be deployed, engage a professional security company to audit the code, to avoid irreparable losses after deployment.

In addition, in terms of crypto frauds/crypto scams, scam incidents continued to occur from time to time this month; however, the relevant departments are paying more attention to this field, and the number of scam incidents solved has also increased. Beosin therefore reminds all users not to believe in “pie in the sky” easily, to assess news on the Internet carefully, and to avoid falling into traps.
