In today's session, Gregory Piet, a renowned cybersecurity expert and former black hat hacker, shares his insights from the Web3 battlefield. As the founder and head of cybersecurity operations for Hellfire Security, Gregory brings a wealth of experience, having presented research at over 17 international conferences and spoken at prestigious events like Defcon and Black Hat. Attendees are encouraged to actively participate by posting questions in the chat box for Gregory to address during or after the session
.
Here is the verbatim discussion:
Globally today's session is on stories from the web3 battle field a hacker's point of view by Gregory Piet Gregory Piet is a blackhead USA speaker cissp GCI gpen he is the founder and head of cyber security operations for Hellfire security he has presented research at over 17 International conferences he is a six-time speaker at Defcon and three time speaker at black hat we request all attending members to to please post question throughout the session in the chat box and we'll address those questions to the speaker from time to time or at the end of the session thank you Gregory for joining us today I would request you to take it forward from here I will assist with the Q&A towards the end thank you uh we had some technical pool now this particular price Oracle was using the balance in the liquidity pool to determine the price right so if you have less of one token on one side say you put your usdt in there and you take out your Nua you have less Nua and according to the law of scarcity Nua being more scarce is more valuable right that by pushing USD into that pool you pull no out NOA becomes more uh valuable right you distorted that exchange rate in that instance and then of course if you have a very favorable exchange rate at that point in time right if you have new already you can then trade that in other direction to get more USD than you normally would have if right that pricing orle was that manipulatable right it was basing uh the price based on just that liquidity pool bounce this happened to be a case just like that someone put usct in took out the NOA due to the law of scarcity new is now more valuable value of newa goes up if you happen to get newa at the going rate from another source right for the price that is more reasonable at least the market might consider more reasonable at that lower price original price uh before was lower now you've got a particular exchange though is trading it higher now because of the manipulation and you run your Nua back through that to pull usct out more now than you would have gotten because of the restored exchange rate.
Highlights:
Manipulation of Cryptocurrency Prices: Gregory discusses a case where a hacker manipulated the price of the cryptocurrency Nua by exploiting a liquidity pool imbalance and pricing oracle vulnerability. By unbalancing the pool, the hacker distorted the exchange rate, making Nua more valuable. This manipulation allowed the hacker to profit by trading Nua for more USD than they originally invested.
Gregory's insights shed light on the strategies and tactics employed by hackers in the Web3 landscape. By understanding the vulnerabilities in systems like liquidity pools and pricing oracles, cybersecurity professionals can better defend against such attacks. The session underscores the importance of vigilance and proactive security measures in safeguarding digital assets and maintaining trust in the evolving world of cryptocurrency and decentralized finance (DeFi).
Speaker:
Gregory Pickett is a renowned expert in the field of cybersecurity, currently serving as the Head of Cybersecurity. With extensive experience in identifying and mitigating security threats, Pickett is recognized for his deep understanding of both offensive and defensive cybersecurity strategies.
His leadership and insights have been instrumental in safeguarding digital assets and ensuring robust security protocols across various organizations.
Comments