The CoinSec Podcast-logo

The CoinSec Podcast

United States

More Information


United States




Episode 14: Special Guests Maurelian and Bernhard from ConsenSys

In episode 14 we are joined by Maurelian and Bernhard from ConsenSys. They brought their knowledge around smart contract security to the show. Bernhard recently published a paper titled "Smashing Ethereum Smart Contracts for Fun and Real Profit" that introduces a security analysis tool for Ethereum smart contracts called "Mythril". Discussion around auditing smart contracts and how to get started in smart contract security was also had. Show Notes:...


Episode 13: Top 10 Smart Contract Vulns (DASP), Flaw in Zerocoin, ACINQ Losing Their Code Signing Key, & $3.3 Million in Bitcoin Stolen from CoinSecure

A cryptographic flaw was found in Zerocoin. Hosts discuss the top 10 smart contract vulnerabilities as detailed in the Decentralized Application Security Project (DASP). ACINQ lost their code signing key forcing them to push a new Android app. $3.3 million worth of Bitcoin was allegedly stolen from the CoinSecure exchange. Honk Kong by Taseh is licensed under a Attribution-NonCommercial-ShareAlike License. Based on a work at Business Box by Audeka is licensed...


Episode 12: Special Guest Sneakerhax, Wallet Software Security, Android App Mining Malware, and Verge Hacked

In episode #12 we welcome special guest Sneakerhax to the CoinSec Podcast! We discuss some of the security issues around cryptocurrency wallet software. Malicious coin-miners have been found embedded into semi-legitimate Android applications. Lastly, we discuss Verge cryptocurrency being hacked. Honk Kong by Taseh is licensed under a Attribution-NonCommercial-ShareAlike License. Based on a work at Business Box by Audeka is licensed under a...


Episode 11: Cryptocurrency Hidden in Artwork, Atlanta Ransomware, Drupalgeddon 2.0, and Fileless Crypto-Malware

This week on the CoinSec Podcast Brian Krebs investigates who and what Coinhive is. The city of Atlanta is fighting a ransomware attack. Drupalgeddon 2.0 is happening as a new RCE has surfaced. Fileless crypto-mining malware has surfaced. All that and more on CoinSec Ep. 11. Honk Kong by Taseh is licensed under a Attribution-NonCommercial-ShareAlike License. Based on a work at Business Box by Audeka is licensed under a Attribution-Noncommercial-Share Alike 3.0...


Episode 10: Ledger & Trezor Vulns, Illegal Content on the Blockchain, Epic Coinbase Bug Bounty, $20 Million in Eth stolen, and More

A fifteen-year-old found some pretty epic vulnerabilities in both of the leading hardware wallets Ledger Nano S and Trezor One. Research was released detailing how there is potentially illegal content being posted on the Bitcoin blockchain. A $10,000 bug bounty was payed out by Coinbase to a researcher who found a vulnerability that would have allowed an attacker to steal millions in Ether. Over the past two years attackers have been stealing over $20 million in Ether from publicly facing...


Episode 9: IOTA Signature Issues, Monero ASICs, Echidna Fuzzer, CryptoSecure ICO, and CryptoHex Steel Rod Seed Backup

This week Beau and Ralph discuss a new vulnerability patched in IOTA related to signature issues. Monero is forking due to ASIC mining systems hitting the market for the CryptoNight algorithm. Trail of Bits released a new smart contract fuzzer called Echidna. A Kickstarter for a steel rod called CryptoHex to store BIP39 seeds is running. Additional topics covered this week were the CryptoSecure ICO, Google banning cryptocurrency ads, and more!


Episode 8: Bitcoin Private, Binance Stop Hackers, Ethereum Eclipse Attacks, and Electroneum Hardcoded Hash

Bitcoin Private is a fork of a fork of a fork that merges the ZClassic and Bitcoin blockchains. The Binance exchange protected its' users against a major hack this week. Researchers found that the Ethereum network was vulnerable to 'Eclipse' attacks. Electroneum re-implemented a bug where a hardcoded hash was copied over from Monero. Lastly, $2 million worth of cryptocurrency mining equipment was stolen from a mining farm in Iceland.


Episode 7: Cracking Bitcoin Wallet Passwords, Key Collisions, Ethereum Honeypots, and Jaxx/ Wallet Vulns

How to crack Bitcoin wallets with BTCRecover was discussed by the hosts on this week's episode of the CoinSec Podcast. Hackers hacking hackers with Ethereum honeypots was talked about. Discussion around the potential of generating keys that match wallet addresses was had. Lastly, don't store your mnemonic recovery keys on your disk or your going to have a bad day (Looking at you and Jaxx wallets).


Episode 6: Cryptocurrency Sidechains, Bitgrail Hacked, Bitmessage 0-day, and the Next Dark Web Currency

Sidechains in cryptocurrency have been a relatively hot topic recently with currencies like Cardano and Lisk building functionality around them. Security concerns around sidechains were discussed in this episode. The crew talked about the Bitgrail hack, a 0-day vulnerability in Bitmessage, and the next dark web currency. Also discussed was how SETI (Search for Extraterrestrial Intelligence) is upset about the lack of availability of GPU's to use in their search for aliens.


Episode 5: Travis Lelle (Host of Bitbull) Interview, Verge Wraith Protocol, Russian Supercomputer Mining, and Predictable PRNG's in Smart Contracts

The CoinSec Podcast welcomes Travis Lelle (host of The Bitbull Podcast) to the show for an interview. Steve gave a rundown of the Verge cryptocurrency Wraith Protocol. A Russian engineer tried to use a supercomputer to mine Bitcoin. More mining malware, a Ledger hardware wallet vulnerability, predicting PRNG's in Ethereum Smart Contracts, and more on this week's episode!


Episode 4: Smart Contract Security Issues, Coincheck Hack, NIST Guidance on Blockchain, Coinhive in Google Ads, and WannaMine

On this episode Mike Felch (@ustayready) details some of the critical vulnerabilities that can be introduced into Ethereum smart contracts. The largest cryptocurrency hack ever happened to Coincheck. Coinhive made it's way into Google ads, and a new malware called WannaMine is using the NSA Eternal Blue exploit to compromise more hosts to mine on. Also, NIST put out guidance on Blockchain & cryptocurrency.


Episode 3: Intro to Mining, Sia ASICs, VeChain DRP Plan, Hacken, and North Korea Hacking South Korean Exchanges

Steve Borosh (@424f424f) gives an introduction to mining cryptocurrencies. The hosts chat about the idea of splitting up private keys in different physical locations. News items for the week included VeChain's first ever cryptocurrency disaster recovery plan, reports of North Korea hacking South Korean exchanges, Sia ASIC miner drama, and discussion around millions being stolen from ICO's every month. Lastly the group chats about the penetration testing and bug bounty token


Episode 2: Chris Gates (carnal0wnage), Blackwallet Hack, Lisk Vuln, and Cryptocurrency Mining Malware

This episode welcomes Chris Gates (AKA carnal0wnage) to the show to discuss how he got into cryptocurrency, and his new cryptocurrency project "The Great Altcoin Chase" ( Oracle WebLogic servers were being exploited to mine Monero, and Checkpoint states that Coinhive was the most prevalent malware of December, 2017. The Stellar Lumens wallet was DNS hijacked, and a vulnerability related to hijacking Lisk accounts was discussed.


Episode 1: Intro to CoinSec!

In this inaugural episode of the CoinSec Podcast each host provided a brief history of their involvement in the InfoSec industry, and how they each got into cryptocurrency. Discussions were had around the latest vulnerabilities in the crypto space. Critical Electrum & Parity wallet vulns were discovered. had a critical vulnerability specifically related to Bitcoin payments. Also discussed was how malware authors are moving away from Bitcoin to Monero as a form of payment. The...


Try Premium for 30 days

Live games for all NFL, MLB, NBA, & NHL teams
Commercial-Free Music
No Display Ads