The Good Hackers of Crypto
I was having a conversation with the team at Amber Group recently and they told me a wild white hat story. I’ve asked them to put together a guest post to re-tell that story below. Enjoy!
It was 5:24 AM in Taipei, early on Wednesday morning, April 14th, when the SQL filter started sending out alerts: a vulnerable Primitive user with 500 WETH was at risk. At 9:32 AM, a screenshot demonstrating the exploit was sent to ImmuneFi through Twitter and Telegram. At 10:03 AM, the problem was resolved and the victim was out of risk. A total of over $1 million was rescued, in less than one hour.
It sounded like a miracle but it was not. If it were, it would be the magic of the white hats – those who are constantly screening protocols, finding bugs, and helping exploit protocols before funds can be stolen by malicious hackers.
White Hats – the Unsung Heroes in Crypto
With the boom in DeFi (Decentralized Finance) protocols, we have seen a dramatic increase in the number of hacks, and consequently massive financial losses in the space. A look at recent high-profile attacks shows: Vee Finance was attacked on September 20 for a total of 8804.7 ETH (around $26 million) and 213.93 BTC (around $9 million). Cream Finance lost over $34 million in cryptocurrency after an attacker exploited a vulnerability on August 31. Poly Network suffered an exploit on August 10, resulting in a record-breaking $600.3 million loss.
Searching a little further, you will find hundreds of thousands more hacking stories, all adding to the oversold narrative that “Crypto can be scary. Be careful”, and eventually leading to the prevailing theory that hackers are always looking for ways to exploit vulnerabilities and cause harm. This type of bad hacker certainly exists and is commonly known as a “black hat”, but in reality, they aren’t the only hackers lurking in the crypto ecosystem.
The other type of hacker is what we mentioned at the beginning of this article – the well-intentioned white hat. White hats do not simply launch malicious attacks for the sake of personal gain. Instead, they report all the vulnerabilities they find to protocols so that the loopholes can be fixed before they are exploited by any malicious actors. In a nutshell, white hats are playing a key role in protecting the community in the DeFi sector. However, compared with black hats, whose stories are reported from time to time, white hats seem to get less attention and don’t get the recognition they deserve. But the truth is, we need white hats more than ever in a DeFi ecosystem that is full of vulnerabilities.
Amber Group White Hat Team
Often, white hats are security researchers working independently or with other researchers. At Amber Group, we have a group of full-time white hats focusing on the research of vulnerabilities and exploits.
For those who don’t know, Amber Group is a market leader in pricing, trading, and hedging complex cryptocurrency products, with strong roots in both CeFi (Centralized Finance) and DeFi. Earlier this year, the firm hired Dr. Chiachih Wu, PeckShield co-founder, as Head of the Blockchain Security Research team to lead its white hat team. In the past five months, the team has safeguarded a dozen protocols and helped rescue millions of dollars from the hackers, including Primitive Finance mentioned above.
In the very beginning, the team just wanted to reproduce the whitehack and learn from it. By accident, they identified some hidden victims, including one vulnerable user with 500 WETH at risk. By using the BigQuery service, the team was able to extract the events, arrive at a list of possible victims, and finally identify the potential one by running a periodic script. With the help of the Primitive team, the victim was notified and resolved the problem by resetting the approvals. The team was awarded a bounty by the Primitive team, which was then donated to the India COVID-19 Relief Fund, run by co-founder and COO of Polygon Sandeep Nailwal.
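The monitoring loop described above can be sketched as follows. This is an added example, not Amber Group's script: it assumes the exposure is an outstanding ERC-20 approval to the affected contract (the page says the victim fixed it by resetting approvals), and every name, address and event in it is constructed.

```python
from dataclasses import dataclass

WETH = 10**18                      # 18-decimal token unit
MAX = 2**256 - 1                   # "unlimited" approval
RISKY_SPENDER = "0xrisky_spender"  # placeholder, not a real address

@dataclass(frozen=True)
class Approval:
    block: int
    log_index: int
    token: str
    owner: str
    spender: str
    value: int

def outstanding_allowances(events, spender):
    """Replay Approval logs in chain order; the last one per (token, owner) wins."""
    latest = {}
    for ev in sorted(events, key=lambda e: (e.block, e.log_index)):
        if ev.spender.lower() == spender.lower():
            latest[(ev.token, ev.owner.lower())] = ev.value
    # A later approve(spender, 0) is the reset: it drops the owner from the list.
    return {k: v for k, v in latest.items() if v > 0}

def exposure_report(events, balances, spender, threshold):
    """Rows (owner, token, at_risk) with at_risk >= threshold, largest first.
    Logs give an upper bound only (transferFrom lowers an allowance without
    an Approval log on many tokens), so confirm each row with allowance()."""
    rows = []
    for (token, owner), allowance in outstanding_allowances(events, spender).items():
        at_risk = min(allowance, balances.get((token, owner), 0))
        if at_risk >= threshold:
            rows.append((owner, token, at_risk))
    return sorted(rows, key=lambda r: r[2], reverse=True)

# Constructed sample data (deliberately out of chain order).
EVENTS = [
    Approval(200, 3, "WETH", "0xowner_a", RISKY_SPENDER, 0),      # reset
    Approval(100, 1, "WETH", "0xowner_a", RISKY_SPENDER, MAX),
    Approval(150, 0, "WETH", "0xowner_b", RISKY_SPENDER, MAX),    # still open
    Approval(160, 2, "WETH", "0xowner_c", RISKY_SPENDER, 10 * WETH),
    Approval(170, 5, "WETH", "0xowner_d", "0xother_spender", MAX),
]
BALANCES = {("WETH", "0xowner_a"): 900 * WETH, ("WETH", "0xowner_b"): 500 * WETH,
            ("WETH", "0xowner_c"): 100 * WETH, ("WETH", "0xowner_d"): 700 * WETH}

if __name__ == "__main__":
    for owner, token, amount in exposure_report(EVENTS, BALANCES, RISKY_SPENDER, 50 * WETH):
        print(f"ALERT {owner}: {amount / WETH:.0f} {token} exposed")
```

Run on a schedule, the same report empties out as owners reset their approvals, which gives the responder a clear signal that notification has worked.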
Up to now, the Amber Group white hat team has reproduced over 50 protocol exploits, such as the Cream Finance exploit caused by the AMP token integration, the DeFiPIE incident on Binance Smart Chain, and the Spartan Protocol exploit, which saw $30M drained from its liquidity pool. To prevent similar attacks from happening again, the team breaks down the exploits in articles that are all available on Amber Group’s Medium.
Additionally, the team is now working on a platform that is designed to help security researchers easily reproduce security incidents that happened on blockchains. Since all transactions, state changes, and emitted events are perfectly recorded in the archive nodes of most blockchains, we can encapsulate any specific time slot of the crypto world into a Docker image and simulate transactions from that point as a standalone side-chain.
For example, one can go back to June 2016 and reproduce TheDAO incident on the exact victim contract and states. In addition, white hats can easily demonstrate zero-day exploits to others without leaking information or messing up the states of possible victim smart contracts. So far, the team has prepared 50+ working encapsulations of known security incidents with a web-based console. Based on that, developers and junior security researchers are able to learn blockchain security by hacking real-world examples with zero environment setup effort (e.g. syncing an archive node). Furthermore, the platform can also be tweaked for hosting CTFs.
To build the platform, the team has integrated many existing tools such as Eth-brownie and Ganache. In addition, the team has dived into blockchain clients to craft a lightweight snapshot at an arbitrary block height, which is the most challenging part. It is hoped that this platform will become one of the must-use tools for blockchain security researchers.
There’s no perfect system. We’ll keep seeing zero-days being identified as long as human beings keep coding. In the centralized banking system, a bad actor may control the online banking app and steal credit card information by hacking a phone, but the stolen money could still be rolled back somehow. In the blockchain world, however, thefts of over $10 million happen almost every week and almost none of them can be rolled back (except TheDAO). The good thing is, we still have the white hats with us – the good hackers in crypto.
Amber Group is a global FinTech unicorn backed by some of the best investors across the world including Tiger Global, DCM, China Renaissance, Coinbase, Paradigm, Pantera Capital, etc. The Amber App, which was launched by Amber Group last September, is an all-in-one application designed for users of all levels. Download Amber App today to earn, invest, swap, and trade crypto at your fingertips: https://ambercrypto.com/
Credit: GlobalCrypto.Exchange | AmberCrypto