Greetings dear readers! Today’s essay is the next in a series exploring creative solutions to challenges that an Auditor can encounter. In our previous article, we described Slither and how to use it; but today, we’d like to discuss fuzzing and the tool for it, Echidna.
First and foremost, we would like to express our sincere gratitude to the creators of this tool, everyone who supports it, the authors of all the resource materials, and of course our staff auditors who have helped us by revealing much-needed information and lifting the curtain of secrecy. And today, dear readers, it will be made available to you.
Greetings, dear readers! Today we would like to start a series of articles on what we call the audit methodology. First, we want to say that in this series we will focus only on those aspects that can be really useful for auditing and bug bounty hunting and that are not described anywhere else.
❗️ Other articles in the series will be coming out at blog.pessimistic.io - hope you enjoy!
Greetings, dear readers! Today we are going to discuss an unusual question, something that even those of us who keep away from social networks have to deal with to some extent. I am talking about Discord. With its growing popularity and its 350 million users, Discord has become a magnet for hackers and fraudsters. What can go wrong, you ask? Many things, it turns out: you can even lose your account.
Since I myself specialize in investigating incidents and hacks related to Web3, I often have to deal with it; however, I do everything exclusively on-chain, while in Discord a whole world of dangers awaits us. Many attacks are also coordinated, which makes defending against them unusually difficult. Why? It's simple:
And if we have a coordinated organization against us, we need to be on our guard. This is the only way out that has a real effect. Got scared? Me too. But let's face it without fear: if we finally want to give people the opportunity to be their own bank, we must realize that in this case people must be able to replace all those services and actions for which traditional banks get paid.
Operational security professionals work to figure out where their information can be breached. Looking at operations from a malicious third-party’s perspective allows us to spot vulnerabilities we may have otherwise missed so that we can implement proper countermeasures.
The most important thing to understand here is the path of the cyber attack – its vector. Let's take a closer look.
“Spoof” sounds like a sound effect for an airbag going off in a car or something. Sure, “spoofing” sounds like a funny word but when it comes to security it is anything but. It is the intentional act of camouflaging malicious actors and intent under the guise of legitimate behavior.
Spoofing is rarely a one-off: if you are identified as a vulnerable target with multiple weak links and attack vectors, hackers will keep coming after you until you either give them an opening or close up your weaknesses.
It seems like hackers come up with new attack methods every single day, and it's hard to keep up with their endless creativity. Security researchers call it “creativity” because it takes an inventive mind to search out and think up new ways to exploit the vulnerable.
This is my fifth GitCoin round!
Today we will deal with what, in our arthouse understanding of web3 security, is called the “blue button of death”, and then Ortem will talk about this type of attack using the signature function that relies on EIP-712; in our subjective opinion, a very underestimated danger!
First, I would like you to study these two sources to get an understanding of the issue before reading the article:
typefully.com/korpi87/iHknFMq — Important to read for everyone
officercia.mirror.xyz/M0QAuwwbppAFj2KWZV02DEC8CtrxaX3R47kdpcTspvE — Especially important if you are in NFT
Operational security professionals work to figure out where their information can be breached. That said, it doesn't really matter what industry you're in: if you have any sensitive, proprietary information at all, then you could very well be a target. This is a good thing to always keep in mind!
All of the information on my blog and on my social media sites, including this article, is strictly for introductory purposes!
Looking at operations from a malicious third-party's perspective allows us to spot vulnerabilities we may have otherwise missed so that we can implement proper countermeasures.
The most important thing to understand here is the path of the cyber attack – its vector. Let's take a closer look at the various problems associated with OpSec and its application to modern life!
I am very glad that you are reading my article again, dear friends! What danger, it would seem, could a QR code pose? It turns out that you can lose your cryptocurrency, as well as fiat money and internet logins, through several attacks that are based on the mechanics of QR codes.
Let's study these attacks and see how we can successfully defend against them!
In this article I will be referring to various amazing authors and resources, and I strongly recommend that you study them separately on your own. The reference list is at the end of the article. Enjoy reading!
For modern society, instant messaging is a necessary and familiar phenomenon of everyday life. Let me recall the most significant milestones in the development of communications, see how hackers use Morse code and its modern smart contract and blockchain implementations, and look at which ways of communicating are the most secure today!
This is a rather atypical article, and I want to warn you that this kind of writing is new for me; I hope you like it! We'll be looking at several important questions and also turn to science in order to substantiate our conclusions. So these are the questions we'll consider: Is there life in the blockchain? What does it think about the most? What is its morality? Is it worth fearing? What can we learn from this Creature?
This topic has interested me in one way or another for quite a while, and it is not even about the idea that life in the blockchain might exist, but about our rapidly transforming reality and our common future.
The main thing is to remember your health; it comes above all. Do not let your principles be shaken by what you see! You are an observer. Here we'll help you understand the psychology of SCP researchers and net-stalkers: when nothing is clear, the scientific method helps to put everything in its place. Try to understand the theory that the apocalypse has already happened, but no one has noticed it and everyone is trying to live as before...
It is no secret that hackers can find out which keys you press. To do this, a hacker needs to install a key-logger (see 1 & 2) on the victim's computer. However, it is already possible to work out what a person is typing just from the sound picked up by a microphone or, say, by the speakers of an IoT device.
But how exactly does it work? Let's get to the bottom of it!
Each key on the keyboard has a unique sound. The distance from each key to the microphone and the way each key is struck differ from symbol to symbol. In short, spectrogram analysis is able to tell the keys apart and determine which button corresponds to a particular sound.
The algorithm analyzes the parameters of each sound once a hacker has gained access to a microphone or speakers. To protect against acoustic key-loggers, try Unclack on macOS or Hushboard on Linux: they mute the microphone while you are typing. Keep in mind that they only silence your own machine's input device; a phone lying next to the keyboard or a compromised IoT speaker still hears everything.
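As an added illustration (this code is mine, not the author's and not taken from any real keylogger), the Python below shows the spectral-fingerprint idea in miniature: each keystroke window is turned into a log-magnitude spectrum, the attacker averages labelled samples into one fingerprint per key, and unknown clicks are matched to the nearest fingerprint. The key resonances, the sample rate and the "recordings" are all constructed synthetic data; a real attack uses recordings of the victim's keyboard and a far richer classifier, but the pipeline is the same.

```python
# Added example (not the author's code): the spectral-fingerprint idea behind
# acoustic keylogging, run on constructed synthetic key clicks, not recordings.
import cmath
import math
import random

SAMPLE_RATE = 8000   # Hz; toy rate, enough to separate the constructed resonances
FRAME = 128          # samples per keystroke window (16 ms)

# Constructed acoustic fingerprints: each key "rings" at two frequencies (Hz).
# Real keys differ by position on the plate and by mechanics; these numbers are
# placeholders, not measurements.
KEY_RESONANCES = {
    "p": (600.0, 1900.0),
    "a": (800.0, 2300.0),
    "s": (1100.0, 1500.0),
    "w": (1400.0, 2800.0),
    "d": (950.0, 3100.0),
}


def synth_keystroke(key, rng):
    """One constructed click: two damped sinusoids, random loudness, added noise."""
    f1, f2 = KEY_RESONANCES[key]
    gain = rng.uniform(0.6, 1.4)           # the attacker never controls mic distance
    frame = []
    for n in range(FRAME):
        t = n / SAMPLE_RATE
        envelope = math.exp(-200.0 * t)
        tone = math.sin(2 * math.pi * f1 * t) + 0.7 * math.sin(2 * math.pi * f2 * t)
        frame.append(gain * envelope * tone + rng.gauss(0.0, 0.15))
    return frame


def spectral_fingerprint(frame):
    """Log-magnitude spectrum (naive DFT, lower half), mean-removed and unit-norm.

    Mean removal discards the flat noise floor; normalisation discards loudness,
    so only the shape of the spectrum (where the key resonates) is compared.
    """
    n = len(frame)
    mags = []
    for k in range(n // 2):
        acc = 0j
        for i, x in enumerate(frame):
            acc += x * cmath.exp(-2j * math.pi * k * i / n)
        mags.append(math.log1p(abs(acc)))
    mean = sum(mags) / len(mags)
    centred = [m - mean for m in mags]
    norm = math.sqrt(sum(c * c for c in centred)) or 1.0
    return [c / norm for c in centred]


def train_centroids(samples_per_key=8, seed=1):
    """Average fingerprint per key from labelled samples (the attacker's training set)."""
    rng = random.Random(seed)
    centroids = {}
    for key in KEY_RESONANCES:
        prints = [spectral_fingerprint(synth_keystroke(key, rng)) for _ in range(samples_per_key)]
        centroids[key] = [sum(col) / len(prints) for col in zip(*prints)]
    return centroids


def classify(frame, centroids):
    """Nearest centroid by cosine similarity (dot product of unit-norm fingerprints)."""
    fp = spectral_fingerprint(frame)
    return max(centroids, key=lambda k: sum(a * b for a, b in zip(fp, centroids[k])))


def recover_typing(frames, centroids):
    return "".join(classify(f, centroids) for f in frames)


def demo(text="swap", seed=7):
    """'Record' text being typed with fresh noise and loudness, then recover it."""
    rng = random.Random(seed)
    centroids = train_centroids()
    frames = [synth_keystroke(ch, rng) for ch in text]
    return recover_typing(frames, centroids)


if __name__ == "__main__":
    print(demo())
```

The two normalisation steps are the point: loudness and the noise floor vary from recording to recording, so the classifier must key on spectral shape alone. Muting the microphone while typing, as the tools above do, removes the input to this pipeline; a second device in the room does not go through that mute.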
In my favorite chat room I was recently asked, in light of recent events, whether it would be safer to use macOS and iOS for work. Is it true that they have better security? I don't have a definite answer here, both yes and no. Let's get to the bottom of it!
First of all, there is a lot of malware for macOS/iOS; the thing is that 0-day/1-day exploits for macOS/iOS cost slightly more than for Windows/Android.
There is no difference in kind, just a difference in the price of preparation and in the price of the various exploits (including file-binder exploits or delivery exploits, which always cost more); I suggest you go to Zerodium and look at the prices.
In general, the toolkit is more or less the same, so don't assume that macOS is more secure. Again, its userland and parts of the kernel are BSD-derived (including FreeBSD code). In other words, know who is working against you and what they are capable of.
Greetings, dear readers! I rarely use other people's content, but today I came across an interesting investigation. Since the topic is well known, I am sure you will find it interesting to go through the author's steps and follow the conclusions. I have personally verified all of the information below and confirm the validity of the transactions cited; however, I do not draw any conclusions.
Thank you! After the article (thanks, deepl.com!) you will find a very special set of transaction analysis and investigation tools!
« On Saturday, July 2, at 06:03 there were transactions from 2 wallets that had been sleeping since 2015. The amounts in these wallets are not significant: 100 BTC each. But why could they be of interest to us, and what does Silk Road have to do with it?
Today I want to remind you about an old scam scheme called scavenging. Just remember it as a golden rule: the 12-word or private key scam is a pretty common one on TG, and if anyone gives you their private key/seed, they are scamming you!
Any funds you transfer in to facilitate the swap will be drained immediately via a contract, before you can make a transaction with them! Do not try to withdraw funds from those wallets!
Greetings, dear readers! Today I would like to discuss an important topic with you, but to understand it, please read my previous articles first, especially the one about OpSec through history. As you might have guessed from the title, I would like to immerse you in the world of spies and KGB agents locked in an eternal confrontation, and then to get to the very essence of our conversation: steganography.
We are going to learn what it is, how it was used in ancient times, how hackers and ordinary users use it now and, most importantly, for what and why. We will finish with a discussion of how we, as normal people and average internet users, can apply the methods above to secure our crypto or fiat assets and passwords, and make our lives easier in general.
The cover for this article was done by my good friend and artist RegulLion. I would be very happy if you bought NFTs from him on OpenSea: they are all classically hand-drawn, and all the money raised will go to our joint public good project. We know each other well, so in case I disappear, he'll have the exact details about me. Consider this my canary.
Today I would like to discuss with you such a little-discussed point as the OpSec mindset, how it can be developed and why it is all needed, using the example of ancient English, Greek and early Christian folklore and some modern references.
"I can resist everything but temptation." - Oscar Wilde
Check out my recent article:
I am often asked why in my recent articles (about secure cryptocurrency storage, about an attack on old and forgotten hard drives, and on how hackers get caught) I do not recommend using Trezor or Ledger devices as main cold storage.
So, some background information. I was looking for a company that recovers data from broken hard drives and cold crypto storage devices such as Ledger/Trezor, and I had made a few posts on well-known clear-net and deep-web forums when I came across an interesting guy with whom I had a conversation.
As is customary, our acquaintance began with a reaction to my unusual nickname (I remind you that this is a joke and a simulacrum; I do not work and have never worked for any government, nor have I ever worked for comparable entities) and a general curiosity about the Bitcoin business. He offered me links to some decent manuals that he used, and I'll include them as a bonus at the end of the interview.
Imagine the situation: you are an employee of a secret service, and your task is to track down a particularly dangerous criminal who is engaged in blackmail and appears online only periodically and only to transfer data. For his criminal activity he has a separate laptop from which he has physically removed the microphone, speakers and camera. A sensible decision, given that speakers can also listen.
He uses Tails as his operating system, although he should have used Whonix for maximum anonymity. Anyway, all his traffic goes via Tor; he doesn't trust VPNs, or only trusts his own VPN, and he needs Tor for his DarkWeb "work" anyway.
Today I would like to talk about how to become a good OSINT investigator, but before continuing I would like to make a small disclaimer: I will cover only some aspects, because the topic is very vast and I cannot describe everything in one article; however, I will try to show you the way and how to walk this path.
To begin with, I want to say that I will consider OSINT as a set of skills or a mindset, because it can be directly related to doxing, to military GEOINT performed by a security company employee, or just to media OSINT performed by a VC fund employee looking for new projects to invest in, with the theory of handshakes (six degrees of separation) as a basis. Or even to a crypto-forensics specialist investigating a major Web3 hack. In other words, it can be used in all spheres of life, because it is only a method of working with, assessing and ranking information. Never forget that we are all living in the Information Era.
Here I will tell you exactly how I investigate crypto hacks and security incidents, and describe the methodology:
Usually, in a blockchain investigation I first use tools for manual analysis such as tenderly.co, ethtective.com, breadcrumbs.app, 9000.hal.xyz, dune.xyz, nansen.ai, bloxy.info, github.com/naddison36/tx2uml and github.com/ApeWorX/evm-trace.
I have also seen a rather unusual method, the use of VR, which can strengthen the first step: ethresear.ch/t/open-source-3d-and-vr-blockchain-visualizations/3297/2
As a third step, I check contracts/addresses through the impersonator, the unrekt.net or revoke.cash checker and other tools. As an example, the tutela.xyz tool (github.com/TutelaLabs) can help in tracking funds behind Tornado Cash.
When investigating an incident, it is also important to conduct a classic OSINT (2) investigation; for example, if we are investigating a hack, it is necessary to check messages from chats and interview employees and eyewitnesses. Sometimes this yields data: www.1337pwn.com/how-to-investigate-cryptocurrency-crimes-using-blockchain-explorers-and-osint-tools/
A) Understand that blockchain.info, TrustWallet, MetaMask and other wallets of that kind are just interfaces.
B) Consider cold wallets; personally, I do not trust Ledger or Trezor. There is a hardcore option, BitLox Ultimate, which is literally stuffed with security-related features, routes its traffic through Tor and has several levels of encryption. Or the ascetic Coldcard, which is a good choice for those who love simple and clear mechanics.
D) Check what you are signing. If we are talking about ETH and similar chains, never use your main cold storage for casual work, but if you have to (for example, to sign a Gnosis Safe multi-sig (2) (3) transaction), always check that there is no allowance approval (which lets the spender drain your wallet) or proxy (behind which such a function may be hiding). Revoke approvals here.
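To make the check in D) concrete, here is an added Python example (my code, not the author's, and not part of any wallet): it decodes the calldata a wallet asks you to sign and flags ERC-20 allowances and ERC-721/ERC-1155 operator grants, marking an unlimited (2^256-1) allowance and setApprovalForAll(true) as high risk. The spender address and the sample transactions are constructed placeholders; the three selectors are the standard ones. The example cannot see through a proxy offline, which is why anything with an unrecognised selector comes back as "review" rather than "safe".

```python
# Added example (not the author's code): offline triage of the calldata a wallet
# asks you to sign, flagging ERC-20 allowances and ERC-721/1155 operator grants.
# Addresses and calldata below are constructed for the demo.

MAX_UINT256 = 2**256 - 1

# 4-byte selectors (first 4 bytes of keccak256 of the signature) for the
# approval functions that let a third party move your tokens.
SELECTORS = {
    "095ea7b3": "approve(address,uint256)",
    "39509351": "increaseAllowance(address,uint256)",
    "a22cb465": "setApprovalForAll(address,bool)",
}


def _abi_words(args_hex):
    """Split ABI-encoded arguments into 32-byte words (64 hex chars each)."""
    if len(args_hex) % 64:
        raise ValueError("arguments not 32-byte aligned: truncated or not ABI-encoded")
    return [args_hex[i:i + 64] for i in range(0, len(args_hex), 64)]


def _address(word):
    """An address is the low 20 bytes of a word; the high 12 bytes must be zero."""
    if word[:24] != "0" * 24:
        raise ValueError("address word has non-zero padding")
    return "0x" + word[-40:]


def inspect_calldata(data):
    """Return a triage dict for one transaction's calldata (hex string)."""
    data = data.lower()
    if data.startswith("0x"):
        data = data[2:]
    if len(data) < 8:
        return {"kind": "plain value transfer", "risk": "low"}
    selector, args = data[:8], data[8:]
    signature = SELECTORS.get(selector)
    if signature is None:
        # Could be a transfer, a swap, or anything else: decode it against the
        # verified ABI. On a proxy the code that runs lives at the implementation
        # address, so verified source at the 'to' address alone proves nothing.
        return {"kind": "unknown selector 0x" + selector, "risk": "review"}
    words = _abi_words(args)
    if len(words) < 2:
        raise ValueError("approval call needs two arguments")
    if signature.startswith("setApprovalForAll"):
        approved = int(words[1], 16) == 1
        return {
            "kind": signature,
            "operator": _address(words[0]),
            "approved": approved,
            # A true operator grant covers every token of the collection, now and later.
            "risk": "high" if approved else "low",
        }
    amount = int(words[1], 16)
    unlimited = amount == MAX_UINT256
    return {
        "kind": signature,
        "spender": _address(words[0]),
        "amount": amount,
        "unlimited": unlimited,
        "risk": "high" if unlimited else ("medium" if amount else "low"),
    }


def _word_uint(value):
    return format(value, "064x")


def _word_addr(addr):
    return addr[2:].lower().rjust(64, "0")


SPENDER = "0x" + "ab" * 20     # constructed placeholder, not a real contract

# Constructed sample transactions a wallet might present for signature.
SAMPLE_TXS = {
    "unlimited approve": "0x095ea7b3" + _word_addr(SPENDER) + _word_uint(MAX_UINT256),
    "bounded approve 1 token": "0x095ea7b3" + _word_addr(SPENDER) + _word_uint(10**18),
    "operator grant": "0xa22cb465" + _word_addr(SPENDER) + _word_uint(1),
    "eth transfer": "0x",
    "unknown call": "0xdeadbeef" + _word_uint(0),
}


def triage(txs=SAMPLE_TXS):
    """Map each label to its risk so the signer sees the dangerous ones first."""
    return {label: inspect_calldata(data)["risk"] for label, data in txs.items()}


if __name__ == "__main__":
    for label, risk in triage().items():
        print(f"{risk:7}  {label}")
```

Run it against the "data" field of the transaction your wallet shows you before confirming. A bounded approval is still a grant, which is why it is reported as medium rather than low; and an unrecognised selector should send you to the verified ABI (and, for a proxy, to the implementation's ABI) rather than to the Confirm button.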