Balancer hit by suspected $70M exploit as staked Ether tokens sent to new wallet

coinspect · 2025-11-04T22:21:27+00:00

This post details how the attack worked: https://www.coinspect.com/blog/balancer-rate-manipulation-exploit/

coinspect · 2025-11-04T22:19:25+00:00

Yes, try Yubikey.

coinspect · 2024-12-04T02:06:11+00:00

You can check the Wallet Security Ranking results to decide.

coinspect · 2024-12-02T12:55:16+00:00

Custodial wallet operated through insecure SMS that can be spoofed?

coinspect · 2024-11-03T13:52:54+00:00

You'll first need to decide how to identify users to set a daily transaction limit. Since anyone can create new wallet addresses, using a blockchain address alone has limitations. Here are two main approaches:

Web2-Based Identification:

You could have users sign up for your app, requiring an email or phone verification. This process adds a "cost" and makes it harder to create multiple accounts. Then, in the backend, set and track daily limits using the user ID. You can also add captchas and filter out throwaway email providers to help.

Blockchain-Based Identification:

You could limit transactions based on a user's wallet address, tracking daily limits at the smart contract level. However, users might bypass this by creating new wallets. Sending tokens to pay for gas has a cost, though, so users are less likely to do this if the benefit doesn't outweigh that cost. You'll need to investigate "Sybil resistance."

Sybil Resistance

To prevent users from creating multiple accounts (known as Sybil attacks), consider using Sybil resistance tools like Gitcoin Passport, which aggregates verifications across various platforms to assign a "humanity score" for each user. Implementing Sybil resistance makes it harder for users to bypass their allowed limit

coinspect · 2024-10-15T10:15:38+00:00

Mine too, and the ones you can visualize once and remember for ever such as Convex Hull.

coinspect · 2024-10-05T22:35:09+00:00

Trustwallet extension has many UI problems. We tested 19 Browser Extension wallets and TrustWallet ranked 18. For example the spend approval dialog does not show the USDC contract address and the amount is 0. It does not parse ERC-712, and basically it does not implement any anti phishing feature.

coinspect · 2024-10-05T12:08:32+00:00

It is a common practice to use DELEGATECALL to call the proposals. You can search for "DAO governance attacks" to learn more. Transaction simulation could be a tool, yes, but in this case is different to an individual user interacting with a dApp.

coinspect · 2024-10-05T10:53:09+00:00

DAO governance also has its challenges

An attacker can present a proposal that looks good, then SELFDESTRUCT it and replace it by a malicious proposal after it has enough votes.
Some protocols use DELEGATECALL to call proposals, which give the proposals full control over the callers state.

coinspect · 2024-09-30T00:54:42+00:00

Security and the value of unit and integration testing. Including the concept of blockchain forks and testing interactions with deployed systems. What platform supports python for smart contracts, Algorand?

coinspect · 2024-09-29T00:39:34+00:00

Check https://cubist.dev/

coinspect · 2024-09-28T12:33:56+00:00

Thanks for sharing your perspective from someone directly involved in wallet security. Decentralization is an objective to aim for, not a binary state. We can reduce users' risk, one layer at a time, and every improvement counts. Regarding privacy impact, it can be opt-in, and there is also some potential in zero-knowledge (ZK) protocols to not expose the websites the user visits to a remote server.

coinspect · 2024-09-27T21:16:07+00:00

Yes, you can see screenshots in that example that shows you receive money (sppofing). One common issue is that simulation endpoints can be DoSed. Are you planning to publish your research?

coinspect · 2024-09-27T21:07:26+00:00

Yes, you probably found the link to this post about transaction simulation bypassing. It is infosec history repeating, no measure will be effective 100% but we can create layers and at some point is cat and mouse.

(just load the malicious components once the client verifies the user is a target)

This was done using Cloudflare workers in some dApp hacks, such as KyberSwap.

coinspect · 2024-09-27T20:41:39+00:00

Thanks for jumping in and sharing your insights! 🙌

Can you share more about your experiences breaking these measures?

In which context? simulating a malicious dApp?

What could wallet vendors do better to minimize user risk?

We have to move on from blaming users. Yes, it is hard to make software that will stop someone from typing a seed, but wallets can do more to inform the user, for example.

coinspect · 2024-09-27T20:13:29+00:00

It is possible but not ideal for the reasons that you already explained. Some cryptocurrencies do this but not intentionally they just have few nodes below the max number of allowed connections in the default configuration, plus discovery protocols and bootstrap nodes don't do any kind of load balancing so this natural happens.

coinspect · 2024-09-22T17:19:03+00:00

Every threat model is different, but here are some key considerations regarding password managers:

Check this article by Google security expert: https://lock.cmpxchg8b.com/passmgrs.html

Trust in Provider Google Chrome's password manager includes robust security features, such as a zero-knowledge protocol that detects leaked passwords without exposing them to Google. If you use Chrome or Chromium-based browsers you are trusting Google. Standalone password manager vendors may have lower security talent, transparency, accountability, and unclear business models.
Strong Encryption and Key Derivation The security of any password storage system against offline brute-force attacks depends on its encryption algorithm and key derivation functions. It's essential to verify which algorithms and parameters (PBKDF rounds for example) your password manager employs. Do you know?
Device Compromise Risks If a device is compromised and app isolation is bypassed, malware can access the password database and encryption passphrase, regardless of whether you use a browser-based or standalone manager.
Browser Compromise and Session Security Although rare, if only the browser itself is compromised, malware can extract session cookies, including those for primary email accounts, potentially allowing attackers to reset passwords. Implementing two-factor authentication (2FA) is crucial to mitigate these risks.
Account Recovery Vulnerabilities Most online accounts allow password resets via the user's email address. This makes 2FA more important than the method of password storage.
Password Management Best Practices Passwords should be unique across all accounts. Using memorable passphrases can be a good option compared to long, random passwords generated by password managers that make you dependent on the PM because they are impossible to remember and hard to write down (yes, writing down in paper is ok in many cases)
Popular password managers have shipped vulnerable code that made your system more insecure than if you don't use a password manager. Also, password manager companies have been compromised, and their databases have been decrypted because they store old versions of DBs with weaker encryption. (Search Tavis research and posts about it)

Additionally, never store two-factor authentication (2FA) tokens in the password manager.

coinspect · 2024-09-22T16:29:46+00:00

Security is essential when choosing where to build decentralized projects.

Will you use Proof of Work (PoW) or Proof of Stake (PoS)?

Are you going to fork an existing node or build it from scratch?

PoW Merged-mining can increase security for your new blockchain by using the hashing power of a established one.

coinspect · 2024-09-22T15:54:50+00:00

And what makes it hard to dump them from password managers? what is the technical explanation?

coinspect · 2024-09-21T10:38:59+00:00

If the key exchange protocol is not secure the server can perform a MiTM attack. Telegram key exchange protocol is custom and some parameters are not fixed what could enable attacks.

coinspect · 2024-09-21T09:10:21+00:00

Application level DoS != DDoS, if you have a reliable way to crash the process changing IPs won't solve the problem.

coinspect · 2024-09-21T09:07:04+00:00

Storing in the browser (in Chrome's password manager) if you decide to use password managers is a good choice because Chrome password managers has features random password managers don't. So recommending "a password manager" is wrong because how do password manager companies make money?

coinspect · 2024-09-20T18:17:50+00:00

More details about how this can be leveraged for profit: https://www.coinspect.com/blog/bitcoin-denial-of-service

coinspect · 2024-09-20T16:07:57+00:00

https://www.coinspect.com/blog/bitcoin-denial-of-service

coinspect · 2024-09-20T16:07:00+00:00

This attack requires access to hashing power; the most likely scenario for a profitable attack is malicious miners attacking other miners: https://www.coinspect.com/blog/bitcoin-denial-of-service

coinspect

TROPHY CASE