Install SageMath for cryptanalysis on Fedora 64bit(10GB) Cloud Virtual Server

In this article, we will show in detail on slides how to install "SageMath" on a Fedora 30 64bit (10GB) cloud virtual server. For example, we will use the "DIGITAL RUBLE TECH" server. Previously, we used the Google Colab cloud service to install "SageMath", but unfortunately, due to the latest updates, not all components for cryptanalysis of the Bitcoin blockchain work properly. Registration: First we need…

Improving the overall security of the ecosystem from attacks on smart contracts

Front-Running AKA Transaction-Ordering Dependence: The University of Concordia considers front-running to be "a course of action where an entity benefits from prior access to privileged market information about upcoming transactions and trades." This knowledge of future events in a market can lead to exploitation. For example, knowing that a very large purchase of a specific token is…

Twist Attack example №2 continue a series of ECC operations to get the value of Private Key to the Bitcoin Wallet

In this article, we will implement a Twist Attack using example #2. According to the first theoretical part of the article, we made sure that with the help of certain points on the secp256k1 elliptic curve, we can get partial values of the private key and within 5-15 minutes restore a Bitcoin Wallet using the “Sagemath pollard rho function :…

How to protect your money in Bitcoin and Ethereum cryptocurrencies in the face of the rapid growth of fake crypto wallets

The rise of fake cryptocurrency apps and how to avoid them. Scammers are using fake crypto apps to steal funds from investors. Some malicious apps find their way into official app stores. And, according to the latest fraud report, fraudsters are using fake crypto apps to steal money from unsuspecting crypto investors. It highlights that American investors have lost…

Exploit in the cryptocurrency mining code that used a dangerous Log4j vulnerability CVE-2021-44228

Background on Log4j: Alibaba Cloud Security Team publicly disclosed a critical vulnerability (CVE-2021-44228) enabling unauthenticated remote code execution against multiple versions of Apache Log4j2 (Log4Shell). Vulnerable servers can be exploited by attackers connecting via any protocol such as HTTPS and sending a specially crafted string. Log4j crypto-mining campaign: Darktrace detected crypto-mining on multiple customer deployments which occurred…

Twist Attack example №1 perform a series of ECC operations to get the value of Private Key to the Bitcoin Wallet

Not so long ago, the elliptic (6.5.4) package for standard elliptic curves was vulnerable to various attacks, one of which is the Twist Attack. The cryptographic problem was in the implementation of secp256k1. We know that the Bitcoin cryptocurrency uses secp256k1, and this attack did not bypass Bitcoin. According to the CVE-2020-28498 vulnerability, the confirming parties of the ECDSA algorithm transaction through certain points on the secp256k1…

Cold Wallets and Hot Wallets how to find vulnerabilities and eliminate various attacks on the Blockchain

In the last article, “Blockchain Attack Vectors & Vulnerabilities to Smart Contracts”, we reviewed all known attacks on the blockchain. In this article we will talk about crypto threats again, and about identifying vulnerabilities for Cold wallets as well as for Hot wallets. Blockchain is the underlying tech layer made up of a decentralized…

Blockchain Attack Vectors & Vulnerabilities to Smart Contracts

In this article, we will talk about all known attacks on the blockchain, as well as smart contract vulnerabilities. Blockchain isn't really as secure as we tend to think. Though security is integrated throughout all blockchain technology, even the strongest blockchains come under attack by modern cybercriminals. Blockchains can resist traditional cyber attacks quite well, but…