Fighting Scams with Data Sharing at the Security Alliance

Why SEAL?

SEAL has been working tirelessly in the shadows for more than a year under the leadership of samczsun, an accomplished Whitehat Hacker and Head of Security at the crypto venture firm, Paradigm.

In February 14th 2024, SEAL launched publicly as a registered non-profit, with donors including: Vitalik Buterin, Paradigm, Ethereum Foundation, a16z Crypto, Dragonfly Capital, Electric Capital, and many more.

All members of the Security Alliance abide by a strict Code of Conduct, which brings together a trusted circle of contributors across the crypto industry. This neutral environment has bridged gaps between individual researchers, cryptocurrency exchanges and trading platforms, wallet and infrastructure providers, cybersecurity firms, and legal and compliance experts.

1. Be Accountable
2. Act Ethically
3. Protect Sensitive Information
4. Speak The Truth
5. Respect Others
6. Stay Informed

Security Alliance fosters an environment that facilitates the sharing of critical threat intelligence data. New Tactics, Techniques, and Procedures (TTPs) are discovered every day by security researchers across various organizations in crypto, and SEAL provides a safe environment for information sharing and collaboration.

This collaborative effort and our ongoing partnership with SEAL members is a testament to our shared commitment to safeguarding Web3. Open security data is the best way to provide real-time protection against new phishing attacks.

SEAL's website explains the philosophy and method that is used to bring together collaborators in a social space to engage in practical solutions with meaningful adoption

SEAL’s Initiatives

SEAL 911

A free 24/7 emergency hotline for help with incident response, vulnerability disclosure, or any other security problem. Operators from the SEAL community are available as first responders via Telegram bot to connect individuals, companies, and protocols with security questions to trusted and knowledgeable security experts that abide by the SEAL 911 Code of Conduct.

SEAL Wargames

A set of free exercises conducted by SEAL acting as the “red team” (a group that plays the role of potential attackers) to help prepare your developers for the next war room. Simulated incident drills run by SEAL help test teams’ response time and help refine processes for dealing with security incidents.

Most recently, SEAL has collaborated with the Base and Optimism (OP) teams to test their response to a simulated vulnerability in bridge withdrawals, resulting in key learnings to enhance security posture and response capabilities.

Whitehat Safe Harbor Agreement

The Whitehat Safe Harbor Agreement is a framework designed to protect whitehat hackers who help recover stolen funds during an active exploit. By adopting this agreement, protocols provide a clear set of guidelines for ethical hackers to follow, incentivizing them to assist in on-chain rescue efforts.

This preemptive security measure (akin to a bug bounty program but specifically for active exploits), offers legal protection for Whitehats, ensuring they won't face repercussions for their actions in good faith. The agreement ultimately fosters a safer environment for protocols and their users, encouraging swift action during security breaches.

SEAL-ISAC

An Information Sharing and Analysis Center (ISAC) providing a central resource for gathering information on cyber and related threats to the blockchain and cryptocurrency ecosystem.

Over the past few months, SEAL 911 has helped several protocols and hundreds of users with their security needs. Many of these cases end up generating some useful artifacts such as information about the exploit itself, attacker’s wallet addresses, and related signatures like phishing websites and C2 servers.

However, most of this useful threat intel is hidden away in private messages and notebooks, and inaccessible to other Whitehats, researchers, or sleuths.

The SEAL-ISAC provides a database where the SEAL community can collect, organize, correlate, and distribute threat intel across the crypto ecosystem in a way that is easily reachable and built on top of industry-standard tooling.

https://x.com/tayvano_/status/1780616827238064257

ChainPatrol @ SEAL

Our partnership with SEAL begins with our contributions to two very important SEAL initiatives: SEAL 911 and SEAL-ISAC.

Our commitment to brand protection extends to our work with SEAL 911. We actively support cases involving phishing, impersonation, and account takeovers—all of which pose significant threats to Web3 companies and their customers.

We provide SEAL 911 with access to our cyber-threat intelligence database via our API, which feeds SEAL’s Telegram support bot data about malicious domains, and allows it to submit domains which are identified as suspicious to our systems for further review and enforcement actions.

Additionally, with the launch of the SEAL-ISAC initiative, cyber threat intelligence data from ChainPatrol is now available for all members of the SEAL collective for use in their own threat detection tools and analysis. Curated by staff at SEAL, the ISAC is a centralized repository that allows analysts to enrich and connect sources of threat intelligence data from related threat actors in Web3.

And we’re just getting started!

Our collaboration with SEAL members like samczsun, pcaversaccio, Fabio (Blowfish), Niv (Hexagate), and other industry partners within the Security Alliance continues to open new avenues for enhancing security measures. Together, we are designing innovative strategies to secure the blockchain ecosystem for everyone involved!

"ChainPatrol is one of the leading companies in the crypto brand protection space and has been an extremely valuable partner in our efforts to reduce the damage caused by phishing attacks. We're extremely excited to continue working together to make crypto safer for everyone"

samczsun
Security Alliance

We encourage all in the Web3 ecosystem to learn more about the Security Alliance on their Website.

To stay up-to-date with the latest activities, follow both SEAL and ChainPatrol on X (Formerly Twitter), and engage with us through one of the many initiatives that are already making a huge impact on safety and security in Web3.