In Week 13 of 2024, the cybersecurity landscape faced a significant threat as almost $75M was stolen from six projects, primarily by malicious insiders. Let’s delve into some of the noteworthy hacks that occurred during this time.
One of the major incidents involved a carefully inserted backdoor in the xz library used by sshd, almost compromising every major piece of web2 infrastructure. Fortunately, the malicious code was detected by an individual debugging long execution times and valgrind errors. This serves as a reminder to consider such scenarios in threat models, especially for entities relying on third-party infrastructure.
Moreover, nation-state actors have been targeting crypto projects for the past two years, with one such incident involving a malicious insider at Blast project resulting in a loss of $62.5M for Munchables. Fortunately, the full amount was returned within 8 hours of the theft, possibly due to the attacker’s awareness of past hacks where stolen funds were frozen.
In another breach, Prisma Finance lost $11.6M, prompting a negotiation with the attacker who made non-financial demands, showcasing their ego and self-righteousness. The importance of transparent communication and taking responsibility for security lapses was emphasized through the necessity of holding an online press conference to address users, investors, and the public.
To keep abreast of comprehensive vulnerability write-ups, post-mortems, and exploit proof of concepts related to these incidents, subscribing to the premium plan is recommended.
In conclusion, the cybersecurity landscape in Week 13 of 2024 witnessed significant breaches and insider threats, underscoring the importance of robust security measures and proactive risk mitigation strategies. Stay informed, stay secure.
