CertiK Blog and News

Join Our Community Today!

An Analysis of How Attackers Stole 337 BTC From Cashaa’s Bitcoin Wallets

CertiK | Jul 16

In just half a day, attackers stole a total of 337 BTC stored in Cashaa-owned wallets. CertiK’s security researchers investigate and analyze the attack in detail.

[Webinar] Towards Building Trustworthy Blockchain Systems with Professor Ronghui Gu

CertiK | Jul 9

CertiK Co-Founder, Professor Ronghui Gu, spoke at the Columbia University Alumni Weekend Reinvented about security issues in blockchain, how formal verification can help solve those issues, and the work that CertiK is doing towards building trustworthy blockchain systems.

CVE-2020-5902 Analysis, F5 BIG-IP RCE Vulnerability

CertiK | Jul 7

The cybersecurity sphere was in a buzz about the new entry in the Common Vulnerabilities and Exposures database: CVE-2020-5902, a remote code execution vulnerability in F5 BIG-IP devices. Read on to learn what our security researcher discovered.

Copycat Attack on Balancer: Why DeFi Needs to Change

CertiK | Jul 2

Unlike the prior Balancer attack, attackers cleverly used the Compound financial model and spontaneously generated COMP tokens. Because these three attacks on Balancer occurred within a span of just two days, it certainly raises concerns about the future of DeFi.

Vulnerability in Electron-based Application: Unintentionally Giving Malicious Code Room to Run

CertiK | Jul 1

One of our security engineers discovered a remote code execution vulnerability in the Symbol desktop wallet and reported the vulnerability through their bug bounty program. Though the HackerOne report is not yet public, we give many thanks to the Symbol team for allowing us to disclose and share our findings.