A relatively quiet week with just one high profile yet unsuccessful attack on the BCH network. In this edition of the newsletter I will look into several scam and malware trends as well as a a few fun research articles including James Lopp going on a destruction rampage against several popular metal wallets.

Hacks:

Scams:

Scammers luring people into buying ‘discounted stolen Bitcoins’ - a variation of the “free crypto” scam promising discounted Bitcoins from the Binance hack.

Fake Block One address transaction - a creative scam managed to trick EOS block explorers into displaying a transaction which appeared to be coming from the official B1 address by creating a custom contract.

Phishing links in Electrum’s Github issues - yet another scam attempt at getting users of the most phished wallet project to download malware.

Malware:

Pacha Group Competing against Rocke Group for Cryptocurrency Mining Foothold on the Cloud - the blog by Intezer contains a wealth of indicators on malware samples used by the Pacha Group to target various cloud infrastructure services. It is interesting that the Pacha group is well aware and is actively blacklisting its competition.

Research:

Metal Bitcoin Seed Storage Stress Test (Part II) - a second installment of James Lopp testing various metal wallets by heating them up to extreme temperatures, throwing metal plates into baths of acid, crushing plates under hydraulic press, and then rating readability of surviving mnemonic words.

Breaking Monero series Episode 03: 0-Decoy and Chain Reactions - a detailed look into zero decoy attacks and how Monero was hardened against them.

That’s all for this week. Feel free to drop me a line on how this newsletter could be improved or any stories that you would like to see in the future: iphelix[at]blockthreat[.]net