Cryptospace Spotlight

1. 2 Mar - Blockchain-based game / company, The Sandbox, warned its users that of phishing email as a result of a security breach. The company noted that an unauthorized third party gained access to an employee's computer on 26 Feb and used it to email users. [more][more-Sandbox]

2. 1 Mar - Ethereum developer, Yoav Weiss, announced ERC-4337, or “smart accounts” after 9 years since the concept was first surfaced. ERC-4337 (previously EIP-4337) is also referred to as account abstraction. It provides the foundation for a variety of features, including account recovery and group-access wallets. [more]

   1. ERC-4337 enables platforms to offer crypto services without requiring users to manually create a traditional wallet and store their seed phrase or private key. Instead, account abstraction stores keys locally on the user’s hardware security module (HSM) and are, therefore, as secure as a self-custodial crypto wallet.

   2. It also allows for two-factor authentication, signing transactions on your phone with a fingerprint or face scan, and playing blockchain games without constantly having to approve transactions.

3. 1 Mar - The cryptocurrency phishing scammer, Monkey Drainer, posted to their Telegram channel on March 1 that they “will be shutting down immediately” and all “files, servers and devices” related to the drainer “will be destroyed immediately” and it “will not return”. [more][more-MonkeyDrainer]

   1. Monkey Drainer is understood to have operated since late 2022 and is estimated to have stolen up to $13 million worth of cryptocurrencies and nonfungible tokens since that time.

4. 28 Feb - MyAlgo, a native wallet for the Algorand blockchain network, has advised users to withdraw funds after tokens were reported drained from the use of its wallet. It was noted that 19.5 million ALGO and 3.5 million USDC worth $9.6 million have been stolen. [more][more-2][more-securityanalysis]

   1. John Woods, chief technology officer of the Algorand Foundation, said that 25 wallets have been affected and that the exploit is "not the result of an underlying issue with the Algorand protocol or SDK (software development kit)". MyAlgo said that it doesn't know the root cause of the exploit.

5. 27 Feb - BNB Chain-based DeFi protocol LaunchZone was attacked and $700,000 worth of tokens was drained from LaunchZone liquidity pool. [more]

6. Indian exchange Bitbns admits it was hacked last February. The estimated loss was $7.5 million. Bitbns CEO brushed off the hack as something that’s “not abnormal” in the crypto space since most major exchanges including Binance have been compromised at certain times.[more]

7. Solana network faced a slowdown in block production after an upgrade in the validator software (on Feb 25). The incident has resulted in disruptions to transactions. Validators had to downgrade the software in an attempt to restore network performance. [more]

Techwatch Select

1. New flaws in TPM 2.0 library pose threat to billions of IoT and enterprise devices. [more]

2. Artificial Intelligence (AI) and machine-learning experts are warning against the risk of data-poisoning attacks that can work against the large-scale datasets commonly used to train the deep-learning models in many AI services.[more]

   1. Data poisoning occurs when attackers tamper with the training data used to create deep-learning models. This action means it's possible to affect the decisions that the AI makes in a way that is hard to track.

3. Thales said to be successfully experimented end-to-end encrypted phone calls, tested to be resilient in the Post Quantum era. The pilot was performed with the Thales ‘Cryptosmart’ secure mobile app and 5G SIM cards installed in today's commercial smartphones, employs hybrid cryptography, as recommended by the NIST (National Institute of Standards and Technology). ‘CRYSTALS-Kyber’, one of the four algorithms selected by the NIST. [more]

4. According to a paper published by the KTH Royal Institute in Sweden, CRYSTALS-Kyber is vulnerable to side-channel attacks, which use information leaked by a computer system to gain unauthorized access or extract sensitive information. Instead of trying to guess a secret key, a side-channel technique analyzes data such as small variations in power consumption or electromagnetic radiation to reconstruct what the machine is doing and find clues that would enable access. [more][more-2][paper]

5. CISA Red Team shared key approach to improve security posture. [more]

   1. Establish a security baseline of normal network activity; tune network and host-based appliances to detect anomalous behavior.

   2. Conduct regular assessments to ensure appropriate procedures are created and can be followed by security staff and end users.

   3. Enforce phishing-resistant MFA to the greatest extent possible.

TRG Learn

• Blockchain basics and concepts [more]