‘Ice phishing’ on the blockchain

The technologies that connect us are continually advancing, and while this brings tremendous new capabilities to users, it also opens new attack surfaces for adversaries and abusers. Social engineering represents a class of threats that has extended to virtually every technology that enables human connection. Our recent analysis of the Badger DAO attack (opens in new tab), a phishing attack that occurred in November-December 2021, during which the attacker was able to steal approximately 121 million US dollars from users, reaffirms the durability of these threats as well as the need for security fundamentals to be built into related future systems and frameworks, which we explore in this post.