Smart contracts are core tools for scammers and protocol attackers to steal digital assets.
As there is now more scrutiny by both users and security tools, scammers are answering with deception.
There is a long history of malware detection and evasion growing side-by-side in the binary and web2 spaces.
It is very likely web3 will follow the same path: this repository will detail the latest developments.
The current version of the report is available in PDF in the report subfolder.
It has 3 different variants based on the theme: dark / Forta / light.
The figures are also exported separately in the figures subfolder.
From the root directory of the repository:
cd sources/
lualatex --output-directory ../report/ dark.tex
lualatex --output-directory ../figures/ figures/light.texThe report can be built with pdflatex, xetex or lualatex.
The Forta theme requires either xetex or lualatex since it is using specific fonts.
Some techniques are illustrated with POC / real-world examples.
The goal is to build a labeled dataset of malicious code.