Learn practical cyber security skills during SANS 2021 - Live Online. Choose from 30+ courses and three types of NetWars!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

SEC554: Blockchain and Smart Contract Security - How to lose $280 million with a single line of code

  • Thursday, November 05, 2020 at 3:30 PM EST (2020-11-05 20:30:00 UTC)
  • Steven Walbroehl

You can now attend the webcast using your mobile device!



Blockchain and Smart Contracts are both emerging technologies filled with opportunity and innovation. However, like most new technology, it introduces new and unforeseen security vulnerabilities. At the end of 2017, one of the most infamous of these security failures was the Parity Bug in which a user accidently exploited the code of a multi-signature wallet. This small code flaw ended up losing users of the wallet over $280 million USD.

In this Webcast, Steven Walbroehl, Chief Information Security Officer at Halborn Inc, will discuss the series of events around the Parity Bug, and talk about how it happened, how it was exploited, and how $280 million dollars could be locked forever. Then, after diving into some of the solidity code, he will perform a live demonstration, ethically exploiting similar vulnerabilities found in Ethereum smart contracts that are deployed on the blockchain.  

Speaker Bio

Steven Walbroehl

Steven Walbroehl is a 15 year veteran in cybersecurity, and CISO/co-founder of Halborn Inc, a blockchain focused security firm. With expertise in penetration testing, web application security, cloud security, and smart contract auditing, Steven has helped protect some of the largest technology, financial, and utility companies in world. Over the past 5 years, he has earned many SANS GIAC certifications, including GXPN, GAWN, GWAPT, GPYC, and has been a NetWars Tournament Champion at several of their recent CTF events. Currently, Steven is developing the content and exercises for a new class, SEC554, which will be the first blockchain and smart contract security course in the SANS curriculum. Steven resides in Miami, FL, and enjoys playing guitar, producing music, collecting rare comics, and golfing in his free time. Before focusing on his security career, Steven was lead guitarist for rock band Stellar Revival, signed with Capitol Records, and toured the world performing with his band.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.