The 8220 Gang, aka Water Sigbin, a China-based threat actor group, is exploiting vulnerabilities CVE-2017-3506 and CVE-2023-21839 in Oracle WebLogic servers to deploy the XMRig cryptocurrency miner. They use sophisticated obfuscation techniques, including .Net Reactor for code protection, to hide malicious code and evade detection. Protect your system against this threat and find out how here: https://bit.ly/45RMDZd
Trend Micro’s Post
More Relevant Posts
-
🔗 CyVers 》Proactive Web3 Security have recently dropped their security report and there is a lot of information people should know. "Smart Contract Vulnerabilities, with a total financial impact of $607M, represent another major attack vector in the Web3 space. These attacks exploit flaws or weaknesses in the code of smart contracts or other blockchain components. The significant financial toll of these incidents highlights the ongoing challenges in ensuring the security and integrity of smart contract code." Great work Deddy Lavid & Meir Dolev. Recommend everyone gives it a read! #blockchainsecurity #fraud #crypto
To view or add a comment, sign in
-
-
IT plays a critical role in digital transformation in the web3 space, particularly in ensuring security. Security is of paramount importance in web3 as it involves decentralized systems, smart contracts, and digital assets. IT professionals implement robust security measures, conduct audits, and establish secure coding practices to protect against vulnerabilities and attacks. By safeguarding user data, digital assets, and the integrity of decentralized applications, IT enhances trust, fosters adoption, and mitigates risks, thereby enabling the secure and sustainable growth of the web3 ecosystem. #innovation #web3 #web3audit #blockchain
To view or add a comment, sign in
-
Starting a smart contract security audit? 🕵️♀️ Here are 3 fundamental questions to ask about the project/ protocol: 1️⃣ What are the contract's intended functionalities and objectives? Understanding its purpose is crucial for identifying potential vulnerabilities. 2️⃣ How does the contract handle user input and external data? Ensuring robust input validation is key to thwarting common attack vectors. 3️⃣ What external dependencies does the contract rely on? Assessing third-party interactions helps uncover possible risks. #smartcontracts #development #blockchain #web3security #ethereum #solidity #security #web3
To view or add a comment, sign in
-
Smart contract developers are wired to think: "How do we write smart contracts that do what we want?" Smart contract auditors are wired to think: "How do we break down smart contracts and find the security vulnerabilities?" Smart contract developers are not smart contract auditors. #blockchain #smartcontracts #smartcontractauditor #smartcontractdeveloper
To view or add a comment, sign in
-
🏦 How to store UBD and UBDN? Bugs in smart contracts, security vulnerabilities, various kinds of defects, and shortcomings in solutions that offer profitability for owners of crypto assets have been easy prey during the last couple of years for computer geniuses who do not want to play by the rules. 💰 By the end of 2022, about $3 billion had been stolen by hackers. Malicious attacks remain a big blockchain problem that spills over from year to year, the only thing that changes is the direction the hackers take. 📝 Therefore, for our users we have implemented one of the main UBD Network rules Hold and Gain, according to which the user should always keep his assets in the wallet and never transfer them to anyone, and our special UBD Network Algorithm monitors whether the funds have been moving or not. This simplifies usability for users and significantly increases the level of security of funds, reducing the risk of possible attacks many times over. https://lnkd.in/dkBZZbUc
To view or add a comment, sign in
-
-
Ethical hackers uncover potential threats in Lamassu Bitcoin ATMs, prompting swift action to safeguard users. https://wix.to/ok5C5Q0 #web3 #bitcoinatm #atm #cryptoatm #Lamassu #Lamassubitcoin #btcatm #safeusers #cryptocurrency #cryptowallet #withdrawcrypto #bitcoinmachine #web3 #web3technology #blockchaintechnology #blockchain #vulnerability #hackers #hack #hacking #blockonome #coindesk #bitcoinnews #cryptonews
To view or add a comment, sign in
-
A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive ,allowing the hackers to breach online cryptocurrency trading accounts. It allowed threat actors to create malicious.RAR and .ZIP archives that displayed seemingly innocous files such as JPG(.jpg) images,text files(.txt),or PDF(.pdf) documents. The zero-day was fixed in WinRAR version 6.23 .The latest version is 7.0
To view or add a comment, sign in
-
-
Explore the ultimate list of the top 10 smart contract security tools to fortify your blockchain projects. From static analysis to dynamic scanning, these tools provide robust protection against vulnerabilities, ensuring the integrity of your smart contracts. 🎯 𝐊𝐧𝐨𝐰 𝐌𝐨𝐫𝐞 👉 https://lnkd.in/g5CW-T3A #SmartContractSecurity #BlockchainDevelopment #SecurityTools #SmartContractAuditing #BlockchainSecurity #SecureCoding #Solidity
To view or add a comment, sign in
-
-
Our express audit service is designed to deliver timely results without compromising on quality.
Do you think audits of smart contracts are optional? 🤔 While smart contracts execute automatically based on their original logic, flawless execution doesn't guarantee total security. Read about the most common smart contract vulnerabilities in 2024 on our blog: https://lnkd.in/eTdDNnJa We offer a free express audit of smart contracts to take the security of your projects to the next level! 🛡 It includes: 🔍 A review using static analysis tools 🔍 Code review for compliance with best practices (including gas optimizations and linter checks) Duration: 1-2 days 📅 🤝Condition: Smart contracts must undergo functional testing and should not exceed a total of 1000 lines of code. Learn more: https://lnkd.in/ecyzNUBa #blockchainsecurity #smartcontracts #security #audit #blockchain #web3 #decentralized #decentralization #cybersecurity #crypto
To view or add a comment, sign in
-
-
The quick turnaround time of 1-2 days for the audit is particularly appealing for developers looking to expedite the security assessment process.
Do you think audits of smart contracts are optional? 🤔 While smart contracts execute automatically based on their original logic, flawless execution doesn't guarantee total security. Read about the most common smart contract vulnerabilities in 2024 on our blog: https://lnkd.in/eTdDNnJa We offer a free express audit of smart contracts to take the security of your projects to the next level! 🛡 It includes: 🔍 A review using static analysis tools 🔍 Code review for compliance with best practices (including gas optimizations and linter checks) Duration: 1-2 days 📅 🤝Condition: Smart contracts must undergo functional testing and should not exceed a total of 1000 lines of code. Learn more: https://lnkd.in/ecyzNUBa #blockchainsecurity #smartcontracts #security #audit #blockchain #web3 #decentralized #decentralization #cybersecurity #crypto
To view or add a comment, sign in
-
--
3dAbsolutely Amen 🙏 🙌 👏 ❤️.