TechRisk Notes#51: Top 5 DeFi hacks
Plus NIST's draft quantum readiness roadmap, responsible person behind DeFi and more.
Tech Risk Reading Picks
Cloud risk: Cloud technology has transformed business operations, enabling scalability, innovation, and remote collaboration. However, the increasing reliance on the cloud has made it a prime target for cybercriminals, posing significant cybersecurity challenges. The use of AI by attackers has escalated the sophistication of threats, with a notable rise in social engineering attacks. Defending cloud environments is complex due to their scale and intricate configurations, leading to exploitable misconfigurations. The U.S. government recognizes the potential catastrophic disruptions to the economy and government if the cloud is compromised. There is a shortage of cybersecurity professionals with cloud expertise, emphasizing the need for investment in skilled personnel. Businesses must adopt a proactive cybersecurity strategy, including hiring experts, fostering a culture of cybersecurity awareness, and implementing real-time, cloud-native threat detection. A comprehensive incident response plan tailored for cloud-related threats is crucial for effective mitigation. As we enter the new year, business leaders and CISOs must prioritize securing the cloud to counter evolving cyber threats and protect valuable assets. [more]
Quantum readiness roadmap: The National Institute of Standards and Technology's (NIST) National Cybersecurity Center of Excellence has published two draft volumes as part of its project on transitioning to post-quantum cryptography. The focus is on preparing for the shift to quantum-safe encryption by creating cryptographic inventories and testing approved algorithms for interoperability and performance. The initiative aims to offer practical guidance and tools to help organizations develop a migration plan, also known as a quantum readiness roadmap. [more]
Virtual kidnapping: The increasing complexity of cyber threats includes a new danger known as virtual kidnapping, where AI-driven voice manipulation tools are used alongside SIM hijacking. Perpetrators can replicate a victim's voice, making distress calls for help. SIM hijacking involves taking control of a person's phone number by exploiting vulnerabilities. The convergence of these techniques poses challenges for law enforcement and individuals trying to verify the authenticity of distress calls. [more]
Web3 Cryptospace Spotlight
IOSCO policy recommendation on DeFi: The International Organization of Securities Commissions (IOSCO) has issued policy recommendations for regulating decentralized finance (DeFi). Because DeFi protocols are by design decentralized, IOSCO suggests identifying "responsible persons" behind leaderless protocols. The report emphasizes that regulators should pinpoint the individuals and entities exercising control or influence over DeFi arrangements so that the relevant regulatory frameworks can be applied to them. This recommendation addresses concerns raised in the US, where some argue that DeFi operations have been unfairly treated as individuals. [more][more-IOSCO]
Top 5 DeFi hacks in 2023 [more]
1. Mixin Network (Hong Kong): Exploited for $200 million in September. Released a new system with enhanced security, offering a $20 million bounty to the hacker for the stolen assets.
2. Euler Finance: Victim of a $197 million flash loan attack. Attacker returned all stolen funds after a $1 million reward bounty was offered by Euler.
3. Poloniex (Justin Sun-owned exchange): Experienced a $126 million hack in mid-November. Promised full reimbursement and offered a 5% white hat bounty to the hacker. Services have resumed for select tokens on the TRON network.
4. Multichain: $126 million moved from its bridges to an unidentified address after private keys were compromised. Founder and CEO missing for a month; services stopped indefinitely.
5. Atomic Wallet: North Korean hackers stole an estimated $100 million. After downplaying the incident, the wallet provider is being sued by a group of investors.
ZachXBT impostors: Following ZachXBT's decision to deactivate his official social media account, numerous fraudulent impersonators have surfaced, taking advantage of his absence. These impostors are attempting to scam people in the cryptocurrency community by posing as the well-known blockchain investigator. The impersonators use ZachXBT's name and claim to offer assistance, aiming to exploit individuals facing cryptocurrency-related issues for personal gain. [more]
Phishing through Google Ads and X Advertising: Crypto drainer (cryptocurrency stealer) malware campaigns have exploited Google Ads and X (formerly Twitter) Advertising, leading to the theft of around $59 million from 63,210 victims. The attacks used malicious ads to redirect users to phishing pages, where attackers stole cryptocurrency by tricking users into approving unauthorized transactions. Scam Sniffer, an anti-scam solutions provider, identified the campaign and highlighted the techniques employed by crypto drainers: deceptive websites, wallet connections, smart contract interaction, asset transfer, and obfuscation. [more]
Trading platform Thunder lost over $200K: 27 Dec - Crypto trading platform Thunder suffered an exploit resulting in the theft of 86 ETH and 439 SOL (worth over $239,000). The hacker claimed to possess user data including private keys and threatened to delete it. However, Thunder denied any compromise of private keys and stated that only 1% of wallets were impacted. Affected users are assured that the stolen funds will be compensated. [more]
Telcoin hacked: 26 Dec - The Telcoin app experienced targeted attacks, resulting in a 65% drop in Telcoin's price ($TEL) and an estimated loss of $1.3 million. Telcoin promptly froze the app for investigation and deployed a fix to remediate the issue. Telcoin, regulated in Singapore, Canada, and Australia, saw the price later recover to $0.001457. The exploit's root cause was a proxy implementation issue on Polygon affecting wallets with no prior transactions. [more]
The exploited vulnerability is linked to the address 0x35d2775e5f95596509951b140d68fc5b9185ff98.