With record-high crypto breaches starting 2022 amounting over $1b in Q1, crypto pioneers Six and Silur pushed CCTF, the largest legal crypto hacking competition to the next level. Organized for the 8th time, the hacking competition has a history of creating real-world cryptocurrency and blockchain puzzles for security experts in order to raise general awareness in this new type of critical infrastrucutre.
The winners of the preliminary round are gathering in Dubai on 7th of May to conduct the final hacking showdown for the $15.000 prize on a yacht, provided with a Web3 environment for the puzzles with the addition of some social engineering elements.
In the past we’ve seen challenges involving breaking weak cryptography, reversing smart-contract bytecode and fuzzing networks, but this time the team also made part of the challenge happening in the Metaverse. In the preliminary round, which happened on April 8. 2022, players were expected to solve OSINT tasks inside Decentraland, which introduced cybersecurity inside metaverse for the first time.
“Sometimes the best hackers stay invisible either working at Big Four companies or in a completely non-technical environment, and only show off their real skills on IRC chats and CTFs. But as CTF games lately began to decline in quality, the security industry is losing access to these people. We wanted to show both the competitors and the sponsors how we can hack the old way of matchmaking with the games centered around the players, not the organizers HR needs”. ~ Silur
The story of CCTF originally started as a fun home project, which quickly drew attention both in number of competitors and sponsorships, and became the largest CTF that focuses on cryptocurrency and blockchain. The main organizers, which consist of Security expert and auditor David (Six) Pethes and former Ethereum developer Silur, are committing to CCTF remaining a non-profit event that benefits from the security awareness it creates trough their realistic challenges. In their opinion, the CTF scene has become focused on exercises tailor-made around exotic exploits in order for HR to find security experts, but these type of hacks are rarely seen in the wild and creates confusion in the industry.