Ethereum’s Create2: A Double-Edged Sword In Blockchain Security

Ethereum’s CREATE2 function is being exploited by attackers to compromise the security of digital wallets, bypassing traditional security measures and facilitating unauthorized access to funds. The attack method involves tricking users into approving transactions for smart contracts that haven’t been Read More …

Decentralized Robbery: Dissecting the Nomad Bridge Hack and Following the Money

In this blog post, Mandiant takes a deeper look into how the Nomad bridge smart-contract was exploited and analyzes the on-chain transactions post-compromise using cybercrime prevention company Cyber Team Six’s (CT6) blockchain investigative software, CryptoVoyant. Background In early August 2022, Read More …

TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Treasury Department (Treasury) are issuing this joint Cybersecurity Advisory (CSA) to highlight the cyber threat associated with cryptocurrency thefts and tactics used by a Read More …

‘Ice phishing’ on the blockchain

The technologies that connect us are continually advancing, and while this brings tremendous new capabilities to users, it also opens new attack surfaces for adversaries and abusers. Social engineering represents a class of threats that has extended to virtually every Read More …

Gemalto reports increase in blockchain use for securing the Internet of Things

The use of blockchain-based technology to help secure Internet of Things (IoT) data, devices, and services doubled last year, a report from Gemalto has revealed. According to the company’s The State of IoT Security report, released on Tuesday, blockchain has emerged as Read More …