All your Ether belong to us (a.k.a Hacking Ethereum-based DApps)


Authors:   Luis Quispe Gonzales


The presentation discusses the security vulnerabilities of Ethereum-based decentralized applications (DApps) and how to protect against them.
  • Blockchain technology is complex and adoption is still scarce
  • DApps are emerging as candidates to change the game due to their ease of use and ability to leverage the power of blockchains
  • The presentation focuses on Ethereum-based DApps and their vulnerabilities
  • The ultimate goal is to understand how to attack these applications and how to protect against attacks
  • Secure design patterns, continuous security training, and manual security testing are important for creating and maintaining secure smart contracts
The presenter shares his experience as a lead offensive security engineer at a specialized company for cybersecurity in blockchain and cryptoworld


Abstract:​Blockchain technology is extremely fascinating... has captured our imaginations because of its huge potential to revolutionize industries such as logistics, food safety, music, insurance, banking, and even voting systems; however, its adoption is still very scarce. The reason is simple: blockchains are complex to use by end users.During recent years, decentralized applications (DApps) have been emerging as candidates to change the rules of the game, mainly because of their ease of use and capability to leverage the full power of blockchains. The big question is... are DApps really secure?This presentation will show how Ethereum-based DApps work, the technology behind them and some of their most common vulnerabilities. The ultimate goal will be to understand how to attack these applications and, especially, what to do to be protected.​​​


Post a comment

Related work

Conference:  RSA Conference 2023
Authors: Miroslav Kiš, Bobby Singh

Authors: Dan Murphy, Frank Catucci

Conference:  Defcon 31
Authors: Christien 'DilDog' Rioux Cult Of The Dead Cow, Katelyn 'Medus4' Bowden Cult Of The Dead Cow