The CoinSec Podcast The CoinSec Podcast

In this episode we discussed how Coinbase was issued a Wells notice from the SEC. Do Kwon was arrested with fraud charges. Euler Finance, a permissionless borrowing and lending protocol on Ethereum, was the victim of a flash loan attack. Cross-chain Web3 platform Poolz Finance lost $390,000 to a hacking incident on Mar. 16. General Bytes experienced a security incident on March 17 and 18 that enabled a hacker to remotely access the master service interface and send funds from hot wallets. We also discussed a few different crypto wallet vendor vulnerabilities.

In this episode we discussed how North Korea-linked cybercrime syndicate Lazarus Group has reportedly transferred $63.4 million in Ethereum from 2022’s mammoth Harmony bridge hack. Advertisements on popular search engines like Google have been used to serve malware to unsuspecting users. The founder of cryptocurrency exchange Bitzlato was arrested and charged with processing $700 million in illicit funds. The U.S. Department of Justice (DOJ) has concluded a months-long disruption campaign, in cooperation with the Federal Bureau of Investigation (FBI), against crypto ransomware group Hive Network, preventing victims from losing $130 million in ransoms.

In the episode we discussed a report that Immunefi put out regarding crypto losses in 2022. One of the original core developers of Bitcoin, Luke Dashjr, claimed that someone stole 216 BTC from them. A class action lawsuit has been filed against Last Pass that alleges that the data breach against Last Pass resulted in loss of crypto. The CFTC filed charges against the Mango Markets hacker. Crypto and banking apps are being targeted by the "GodFather" malware. Multiple major hacks against individuals occurred over the past month.

In this episode we talked about how FTX co-founder and former CEO Sam Bankman-Fried has been arrested. Lodestar Finance was hacked for $6.9 million. FTX apparently stored wallet private keys unencrypted. A new phishing campaign that creates similar wallet addresses to victim wallets was discussed. CoinTracker suffered a data leak of user information. Gemini warned of potential phishing messages targeting its users.

In this episode we gave an update on the FTX collapse. A crypto scammer was sentenced to 18 months in prison. Ankr was victim to a potential private key compromise. An investor was hacked for $42 million in crypto. Attackers have bypassed Coinbase and Metamask 2FA via TeamViewer fake support chats. Infura made a change in their privacy policy that appears to state they are collecting Metamask Users' IP addresses. We also talked about how ChatGPT can be used to find vulnerabilities in smart contracts.
 
00:00 - 2022-12-02 | CoinSec Podcast Ep 72
01:48 - Story # 1: FTX Update
https://www.forbes.com/sites/mariagraciasantillanalinares/2022/12/02/bankman-frieds-complex-explanation-points-to-comingled-funds-on-ftx/
09:15 - Story # 2: Crypto Scammers Sentenced to 18 Months in Prison
https://tech.hindustantimes.com/tech/news/crypto-scammer-in-geniuses-hack-gets-18-months-in-prison-71669977845605.html
15:21 - Story # 3: Ankr “Infinite Mint” Hack
https://decrypt.co/116268/binance-pauses-withdrawals-amid-5m-ankr-hack
19:03 - Story # 4: FTX Attacker Fund Movement
https://twitter.com/zachxbt/status/1597605409883566080
22:14 - Story # 5: Bo Shen Hacked for $42 million
https://decrypt.co/115420/fenbushi-founder-bo-shen-loses-42m-stablecoins-bitcoin-ethereum-hackers
25:50 - Story # 6: Attackers Bypass 2FA on Coinbase and Metamask via Teamviewer
https://www.bleepingcomputer.com/news/security/attackers-bypass-coinbase-and-metamask-2fa-via-teamviewer-fake-support-chat/
31:49 - Story # 7: Infura Collecting MetaMask Users’ IP, Ethereum Addresses After Privacy Policy Update
https://decrypt.co/115486/infura-collect-metamask-users-ip-ethereum-addresses-after-privacy-policy-update
38:57 - Story # 8: ChatGPT for Finding Smart Contract Vulns
https://twitter.com/gf_256/status/1598104835848798208

In this episode we primarily talked about the collapse of major cryptocurrency exchange FTS. We also talked about how Crypto.com accidentally sent $400 million to the wrong wallet address. Deribit was hacked for $28 million. Skyward Finance was hacked for $3 million. 50,000 BTC were confiscated from a hacker who allegedly stole them from the Silk Road.