Peter Kacherginsky

Jan 15, 2024 | newsletter.blockthreat.io | Peter Kacherginsky

This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts

Jan 15, 2024 | newsletter.blockthreat.io | Peter Kacherginsky

Greetings!Mass X account compromises continue with SEC getting hacked resulting in volatile market movements. The reported attack vector was lack of 2FA and a sim-swapped phone number associated with the account. If only they followed the Twitter Security Self-Audit by the good folks at Security Alliance. Did you? Solana network is experiencing a rise in drainer and airdrop phishing attacks all too familiar in the EVM world.

Jan 4, 2024 | newsletter.blockthreat.io | Peter Kacherginsky

Greetings!Crypto spring is back. Unfortunately that means exploiters, scammers, and other criminal elements are about to refocus their efforts on the blockchain industry. The number of compromises is starting to really pick up going from just 61 in 2023 ‘Q1 to 104 in 2023 ‘Q4. We are still far behind in total value lost from the same quarter last year ($641M vs. $1.37B), but as asset valuations pick up this number will follow.

Dec 29, 2023 | newsletter.blockthreat.io | Peter Kacherginsky

This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts

Dec 29, 2023 | newsletter.blockthreat.io | Peter Kacherginsky

An interesting case study on vulnerability disclosure. CertiK announced a critical remote code execution vulnerability in OKX iOS Wallet on the same day the patch became available. How long does it take for Apple users to apply a patch? Let’s take Safari browser as an example. Safari 17.2 was released on December 11 which also includes a patch for an arbitrary code execution vulnerability.