In episode 56 we discussed Optimism paying out a $2 million bug bounty. A BGP hijack occurred in South Korea and the KLAYswap platform was affected for roughly $1.9 million. IRA Financial Trust was hacked for $36 million. The ArrowDAO founder explains an elaborate scam targeting him. Department of Justice beefs up efforts to combat criminal use of cryptocurrencies. Twitter user Tree_of_Alpha reported vulnerabilities to both CoinDesk and Coinbase.

In 2016, Bitfinex was hacked, and 120,000 Bitcoin were stolen. A New York couple was arrested and charged with laundering $4.5 billion in connection with the Bitfinex hack. Meter.io was hacked for $4.4 million. The Superfluid contract on QiDao was hacked for $8.7 million. EarnHub was hacked due to a logic error in their contract. Dego Finance was hacked for $10 million due to an alleged private key compromise.

In this episode we discussed the Wormhole exploit that resulted in $323 million being stolen. We also discussed an $80 million hack against Qubit Finance. A person was apparently phished where they accepted token approvals on their behalf and lost $2.7 million in NFTs. SMS phishing attacks are up for Binance users. We also discussed various physical attacks such as a case where a man drugged his father to get access to his Bitcoin.

In this episode of the podcast we were joined by Tal Be'ery, Co-Founder & CTO of ZenGo. We discussed the ongoing attacks against Multichain. OpenSea continues to have listing issues resulting in NFTs being purchased for way lower than floor prices. Some Crypto.com users were hacked for around $30 million. A price oracle manipulation attack happened to the Float Protocol Pool 90 on Rari Capital. Crypto YouTuber's accounts are being hacked. $2 million was recovered from a Trezor.

In episode 52 we were joined by Jack Rhysider from Darknet Diaries. He gave us additional insight into a story we covered in episode 44 around Coinbase accounts getting hacked. We also talked about a $1 million bug bounty that was paid out by Notional. DefiDollar successfully stopped a smart contract attack by having an early warning system in place that detected a malicious contract. LCX was hacked for $7.94 million in a hot wallet compromise. North Korean hackers are targeting crypto startups. Rarible is creating a tool to block risky NFT sales. Fees.wtf was hit by bots that drained their liquidity pool during their token launch.

2022 is already starting off hot for crypto hacks, scams and rug pulls. We recap 2021 as $14 billion were stolen in crypto-related incidents. A follow-up from episode 50 in regard to Polygon hard forking due to a critical bug was discussed. Norton Anti-virus has added a cryptomining feature to its Norton 360 software. Tinyman was hacked for $3 million. The first week of the new year saw rug pulls from Arbix Finance, $YEAR token, and Doodled Dragons NFT. A new smart contract auditing tool called SAILFISH claims to discover new vulnerabilities. $2.2 million in Bored Apes were frozen on OpenSea after being stolen. Steve walks us through a demo on how to recover/crack your lost wallet password.

In episode 50 we discussed the Helium network, how to mine HNT, and a hack for getting a miner. Multiple Discord hacks happened to various NFT projects. Grim Finance, Bent Finance, and Visor all dealt with hacks. Polygon silently hard forked.

In this episode of the CoinSec Podcast we talked about the critical Log4J issue and how that may affect crypto-related software. BadgerDAO was compromised for $120 million due to an attacker gaining CloudFlare API access. Four different private key compromise stories were discussed in this episode for Vulcan Forged, AscendEX, Bitmart, and 8ight. MonoX was hacked for $31 million due to a smart contract vulnerability. Also, a man accidentally sold a Bored Ape for $3k instead of $300k.

MediaMarkt was infected with Hive Ransomware preventing their cash registers from accepting credit cards. More than 5 million email addresses were stolen in a hack on Robinhood. A man threatened to burn down the Upbit Exchange. Blizzard Network was allegedly hacked by a malicious insider for $1 million. The ConstitutionDAO failed to purchase a copy of the US Constitution. Samczun created a CTF that included a 0-day in Etherscan.

In episode 47 we talked about two separate rug pulls that happened recently. Also, a number of fake Metamask and Phantom wallet extensions have been on the rise. We discussed potential vulnerabilities in smart contracts written for NFTs. BZX appeared to have a private key compromise resulting in the loss of over $53 million.

Show Notes at: https://coinsecpodcast.com/Episode-47-7e704784114442c1aef28d62ae6a96b2