Zombie dApps: Abandoned Web3 Sites Revived as Wallet Drainers
Attackers are registering expired dApp domains, linked from DeFi aggregators and old socials, to trick users into connecting wallets and draining their funds.
Blog
-
-
Wallet Security Ranking: Second Edition — April 2025
The second edition of Coinspect’s Crypto Wallet Security Ranking is live featuring 74 wallet apps across iOS, Android, and browser extensions. -
Critical Wallet Bugs Expose Users to Silent Crypto Drains
Discover how critical vulnerabilities in browser-based crypto wallets allowed attackers to drain funds without user interaction. -
Liquity v2 Governance Smart Contract Audit
Liquity engaged Coinspect to audit Liquity v2 Governance smart contracts, enhancing decentralized governance with modular initiatives and security measures. -
Liquity V2 Smart Contract Audit
Liquity V2 Smart Contract Audit -
Wallet Security Ranking: A New Unique Tool for Web3 Safety
We're excited to release the first results of the Crypto Wallet Security Ranking, our uniquely comprehensive ranking framework for crypto wallet security. -
The Making of Our Crypto Wallet Security Ranking
Discover how Coinspect developed the Crypto Wallet Security Ranking to elevate web3 security with scalable, objective wallet evaluations. -
The Hidden Dangers of God Mode in Smart Contracts
Smart contracts are often seen as immutable but the hidden 'God Mode' used by developers can undermine the decentralization promises of blockchain. -
How Crypto Wallet Security Improvements Can Stop Most Scams
Crypto wallet security improvements can block common scams that cost users millions. Discover how secure web3 wallets can protect you from phishing attacks. -
Bitcoin DoS Attack: Crash Competing Miners for Just 0.14 BTC
Bitcoin Core developers fixed and revealed a high-risk DoS vulnerability allowing attackers to crash 17% of mainnet nodes at a cost of just 0.14 BTC. -
Learn How To Make Secure Upgradeable Smart Contracts
Upgradeable smart contracts offer flexibility but introduce security risk. Learn common pitfalls in proxy patterns, storage management, and initialization. -
EUCLEAK Impact on Hardware Wallet Security
The EUCLEAK attack allows attackers to steal private keys with just minutes of physical access and bypassing crucial secure hardware attestation protocols. -
Bitcoin L2: Critical Merged-Mining Bugs We Uncovered
This article explores the mechanics of merged-mining, its security benefits, and the critical vulnerabilities identified by Coinspect in real-world implementations. With a focus on the Bitcoin L2 movement, we offer actionable insights for blockchain designers, developers, and researchers working to build secure, interconnected networks. -
How Coinspect Helped Secure Babylon's 1000 BTC Cap
Discover how Coinspect collaboration with Babylon have fortified the platform, ensuring a safe and successful launch of their Bitcoin-native staking protocol. Read about our contributions and the future of secure innovation in the Bitcoin L2 ecosystem. -
Soroban Source Code Audit - Tricorn Bridge
Coinspect conducted comprehensive security reviews of projects built on Soroban, Stellar's new smart contracts platform. Key findings from our audit of the Tricorn Bridge include the identification and resolution of critical vulnerabilities, contributing valuable insights to the Soroban security community. -
You are at risk. The Truth About Web3 Wallets
Web3 wallet security research: Identifying vulnerabilities and proposing standardized crypto wallet security score. -
Tari Layer 1 Blockchain and Wallet Security Audit
Tari blockchain and wallet audit: Comprehensive review revealing multiple security issues -
A UI Flaw in Top Crypto Wallets We Need to Address
EIP-712 text injection vulnerability affecting multiple crypto wallets: Analysis and implications -
OpenZeppelin Governor Smart Contract Denial of Service Flaw
Analysis of OpenZeppelin's Governor smart contract vulnerability discoverd by Coinspect Security -
Arbitrum's Seatbelt fastening after Tornado Cash attack
Analyzing Arbitrum's governance vulnerability and mitigation strategies -
Unveiling Transaction Simulation Challenges: Blowfish Case Study
Phantom wallet vulnerability: Exploiting transaction simulation in Solana -
EIP-712 implementation issue impacting 40+ wallet vendors
Coinspect's wallet security research project uncovered an EIP-712 implementation issue affecting over 40 web3 wallets. This widespread vulnerability could allow malicious actors to trick users into signing unintended transactions. The blog post details the research methodology, provides a comprehensive list of affected vendors with their response metrics, and offers insights into the varying approaches to bug report handling. -
Exactly Protocol Smart Contract Audits
Exactly Protocol smart contract audits: Findings from our year-long smart contract security review. -
Algorand Rekeying Attacks Explained
Analyzing Algorand's transaction validation and potential account control vulnerabilities -
Zendoo Layer 1 Blockchain Security Audit
Horizen's Zendoo sidechain: Source code review and security analysis -
Tempus DeFi Protocol Smart Contract Audit
Tempus DeFi protocol: Security review of smart contract implementation -
Incognito Bridge Smart Contract Audit
Security review of Incognito-Ethereum bridge smart contracts: Key findings -
Aragon ANT2, Minter, and Protocol Smart Contract Audit
Security review of Aragon systems: Key findings from our smart contract audit -
Liquity DeFi System Smart Contract Audit
Liquity DeFi system: Findings from our smart contract security audit -
Vesper Pools Smart Contract Audits
Vesper Pool's smart contracts under review: Our real-time security audit during development phase. -
Grin Layer 1 Blockchain Security Audit
Grin's MimbleWimble implementation: Critical vulnerability found and fixed. Our security audit reveals all. -
Zcash Overwinter Layer 1 Blockchain Audit
Zcash Overwinter upgrade: Security audit focusing on consensus and incentives -
Lesfex Exchange Penetration Test Results
Lesfex Cryptocurrency Exchange: Results of our week-long penetration test -
Zcash Layer 1 Blockchain Security Audit Results
Zcash launch imminent: Our security audit of this groundbreaking Zerocash protocol implementation. -
Bitcoin L2: Blockchain Database Best Practices
Explore best practices for building robust and reliable blockchain databases using the Bitcoin node API, an essential tool for those who Bitcoin L2. Learn how to avoid common pitfalls, handle blockchain reorganizations, and implement secure cloning methods. -
Capture the Coins Challenge 1: SIGHASH_SINGLE
Copay wallet vulnerability: Implications of our test transactions on Bitcoin security -
Copay wallet emptying vulnerability
Security analysis of Copay's multi-signature Bitcoin wallet implementation
-
Wallet Security Ranking: Second Edition — April 2025
The second edition of Coinspect’s Crypto Wallet Security Ranking is live featuring 74 wallet apps across iOS, Android, and browser extensions. -
Critical Wallet Bugs Expose Users to Silent Crypto Drains
Discover how critical vulnerabilities in browser-based crypto wallets allowed attackers to drain funds without user interaction. -
Liquity v2 Governance Smart Contract Audit
Liquity engaged Coinspect to audit Liquity v2 Governance smart contracts, enhancing decentralized governance with modular initiatives and security measures. -
Liquity V2 Smart Contract Audit
Liquity V2 Smart Contract Audit -
Wallet Security Ranking: A New Unique Tool for Web3 Safety
We're excited to release the first results of the Crypto Wallet Security Ranking, our uniquely comprehensive ranking framework for crypto wallet security. -
The Making of Our Crypto Wallet Security Ranking
Discover how Coinspect developed the Crypto Wallet Security Ranking to elevate web3 security with scalable, objective wallet evaluations. -
The Hidden Dangers of God Mode in Smart Contracts
Smart contracts are often seen as immutable but the hidden 'God Mode' used by developers can undermine the decentralization promises of blockchain. -
How Crypto Wallet Security Improvements Can Stop Most Scams
Crypto wallet security improvements can block common scams that cost users millions. Discover how secure web3 wallets can protect you from phishing attacks. -
Bitcoin DoS Attack: Crash Competing Miners for Just 0.14 BTC
Bitcoin Core developers fixed and revealed a high-risk DoS vulnerability allowing attackers to crash 17% of mainnet nodes at a cost of just 0.14 BTC. -
Learn How To Make Secure Upgradeable Smart Contracts
Upgradeable smart contracts offer flexibility but introduce security risk. Learn common pitfalls in proxy patterns, storage management, and initialization. -
EUCLEAK Impact on Hardware Wallet Security
The EUCLEAK attack allows attackers to steal private keys with just minutes of physical access and bypassing crucial secure hardware attestation protocols. -
Bitcoin L2: Critical Merged-Mining Bugs We Uncovered
This article explores the mechanics of merged-mining, its security benefits, and the critical vulnerabilities identified by Coinspect in real-world implementations. With a focus on the Bitcoin L2 movement, we offer actionable insights for blockchain designers, developers, and researchers working to build secure, interconnected networks. -
How Coinspect Helped Secure Babylon's 1000 BTC Cap
Discover how Coinspect collaboration with Babylon have fortified the platform, ensuring a safe and successful launch of their Bitcoin-native staking protocol. Read about our contributions and the future of secure innovation in the Bitcoin L2 ecosystem. -
Soroban Source Code Audit - Tricorn Bridge
Coinspect conducted comprehensive security reviews of projects built on Soroban, Stellar's new smart contracts platform. Key findings from our audit of the Tricorn Bridge include the identification and resolution of critical vulnerabilities, contributing valuable insights to the Soroban security community. -
You are at risk. The Truth About Web3 Wallets
Web3 wallet security research: Identifying vulnerabilities and proposing standardized crypto wallet security score. -
Tari Layer 1 Blockchain and Wallet Security Audit
Tari blockchain and wallet audit: Comprehensive review revealing multiple security issues -
A UI Flaw in Top Crypto Wallets We Need to Address
EIP-712 text injection vulnerability affecting multiple crypto wallets: Analysis and implications -
OpenZeppelin Governor Smart Contract Denial of Service Flaw
Analysis of OpenZeppelin's Governor smart contract vulnerability discoverd by Coinspect Security -
Arbitrum's Seatbelt fastening after Tornado Cash attack
Analyzing Arbitrum's governance vulnerability and mitigation strategies -
Unveiling Transaction Simulation Challenges: Blowfish Case Study
Phantom wallet vulnerability: Exploiting transaction simulation in Solana -
EIP-712 implementation issue impacting 40+ wallet vendors
Coinspect's wallet security research project uncovered an EIP-712 implementation issue affecting over 40 web3 wallets. This widespread vulnerability could allow malicious actors to trick users into signing unintended transactions. The blog post details the research methodology, provides a comprehensive list of affected vendors with their response metrics, and offers insights into the varying approaches to bug report handling. -
Exactly Protocol Smart Contract Audits
Exactly Protocol smart contract audits: Findings from our year-long smart contract security review. -
Algorand Rekeying Attacks Explained
Analyzing Algorand's transaction validation and potential account control vulnerabilities -
Zendoo Layer 1 Blockchain Security Audit
Horizen's Zendoo sidechain: Source code review and security analysis -
Tempus DeFi Protocol Smart Contract Audit
Tempus DeFi protocol: Security review of smart contract implementation -
Incognito Bridge Smart Contract Audit
Security review of Incognito-Ethereum bridge smart contracts: Key findings -
Aragon ANT2, Minter, and Protocol Smart Contract Audit
Security review of Aragon systems: Key findings from our smart contract audit -
Liquity DeFi System Smart Contract Audit
Liquity DeFi system: Findings from our smart contract security audit -
Vesper Pools Smart Contract Audits
Vesper Pool's smart contracts under review: Our real-time security audit during development phase. -
Grin Layer 1 Blockchain Security Audit
Grin's MimbleWimble implementation: Critical vulnerability found and fixed. Our security audit reveals all. -
Zcash Overwinter Layer 1 Blockchain Audit
Zcash Overwinter upgrade: Security audit focusing on consensus and incentives -
Lesfex Exchange Penetration Test Results
Lesfex Cryptocurrency Exchange: Results of our week-long penetration test -
Zcash Layer 1 Blockchain Security Audit Results
Zcash launch imminent: Our security audit of this groundbreaking Zerocash protocol implementation. -
Bitcoin L2: Blockchain Database Best Practices
Explore best practices for building robust and reliable blockchain databases using the Bitcoin node API, an essential tool for those who Bitcoin L2. Learn how to avoid common pitfalls, handle blockchain reorganizations, and implement secure cloning methods. -
Capture the Coins Challenge 1: SIGHASH_SINGLE
Copay wallet vulnerability: Implications of our test transactions on Bitcoin security -
Copay wallet emptying vulnerability
Security analysis of Copay's multi-signature Bitcoin wallet implementation