Officer's Channel
11.7K subscribers
139 photos
7 files
1.72K links
Threat Researcher | Web3/OSINT/OpSec/Privacy

• Articles: @officercia
• Blog: officercia.mirror.xyz
• X: x.com/officer_cia
• Chat: t.me/+t7L20oyq60liMTVi
• DM: @farm42

Thank you!
A caution for anyone using Convex!

Use revoke.cash or approved.zone if you think you might have been affected!

Read my thread: twitter.com/officer_cia/status/1540075983461662721

I’ve already explained how this attack works in my recent article (attack No. 1)
FYI: all opensea.io users' emails are now public, so be extremely careful when interacting with emails received from opensea.io 🚨

TLDR: www.theblock.co/linked/155010/opensea-hit-by-data-breach

OpenSea statement

1 - Hackers may use email spoofing;

2 - Hackers may use an email appender!

3 - You may get an IP-logger/canary token.

Hackers may not only use spoofing/appender, but also simple phishing. Examples. If you're on OpenSea you should get a new email to use for it and change it in the settings!

Also, don't forget that hackers can compare your email with other leaks (if you didn't use a clean email) and find other data. For example, an address or something else that can be used for ransom letters, doxxing or phishing emails impersonating other services. Keep this in mind!

No info on whether they got address-email data or not, but it seems that OpenSea’s DLP/SIEM probably spotted the leak being sold on the new breached/raidforums forum implementation or something…

But most likely bad actors got the corresponding wallet addresses as well, because Bored Ape holders were receiving emails with their Bored Apes attached to the email. But that's not 100% confirmed. Keep that in mind and let’s wait for comments from @opensea

How not to get doxxed, you may ask? Well, if you assume your email+address or email+data from other leaks can disclose you, then implement counter-OSINT defence tactics. In short, you should add your email to databases with 100+ different names and different agendas (use your imagination): thread & tip, tip2.

#blockchain #security #NFT
Attention please, attack on 0xPolygon is ongoing right now!

Users see an RPC error asking them to urgently reset their seed on polygonapp.net (looks like this is either a DNS hijack or a form of supply chain attack).

Just a scam popup to bring you to a page to put your seed.

It also gives the attacker information which could be used to link your accounts.

See derp.hoprnet.org

New attack vector discovered*

* Bitcoin wallet Electrum has had this issue in the past - dishonest nodes phishing. First time on “modern chains”.

* Server certificate:
* subject: CN=polygon-rpc.com
* start date: Jul 1 07:39:10 2022 GMT (‼️)
* expire date: Sep 29 07:39:09 2022 GMT
* subjectAltName: host "polygon-rpc.com" matched cert's "polygon-rpc.com"
* issuer: C=US; O=Let's Encrypt; CN=R3

Very suspicious certificate, issued today by Let’s Encrypt

That’s a Polygon RPC related issue, a hijack. Please do not go to this website and do not enter your seed there!!! Be smarter than hackers! If you see someone insisting on urgency - think twice.

Use your own RPCs. You can get one for free with POKTnetwork or AlchemyPlatform!

Literally the same attack is ongoing now on Fantom!

rpc.ftm.tools is having issues at the moment and should not be used.

If you're using that RPC, please change it to the following: rpc.ankr.com/fantom

It resolves to the same IP, so this is the same hacker’s actions:

;; ANSWER SECTION:
rpc.ftm.tools. 78316 IN A 186.2.171.14
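Both signals above (a certificate issued the same day on a long-running RPC host, and two "unrelated" RPC hostnames resolving to one IP) can be checked mechanically. The following is an added example, not the channel's own tooling; the polygon-rpc.com A record in the sample dig output is assumed, mirroring the post's claim that both hijacked RPCs pointed at the same IP.

```python
import socket
import ssl
from datetime import datetime, timezone

# Date format used by curl's certificate dump and ssl.getpeercert(): "Jul  1 07:39:10 2022 GMT"
CERT_DATE_FMT = "%b %d %H:%M:%S %Y GMT"

def parse_cert_date(text):
    """Parse a notBefore/notAfter string into an aware UTC datetime."""
    return datetime.strptime(text.strip(), CERT_DATE_FMT).replace(tzinfo=timezone.utc)

def fresh_cert_finding(cert, seen_at, max_age_days=1):
    """Flag a cert whose notBefore is within max_age_days of when we observed it.
    Not proof of a hijack, but on a long-running RPC host it is reason to stop and check."""
    age_days = (seen_at - parse_cert_date(cert["notBefore"])).days
    return {"subject": cert.get("subject"), "issuer": cert.get("issuer"),
            "age_days": age_days, "suspicious": age_days <= max_age_days}

def fetch_cert(host, port=443, timeout=5):
    """Live check (not exercised offline): fetch the peer certificate as a dict."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def parse_dig_answers(text):
    """Map hostname -> set of A-record IPs from a dig ANSWER SECTION."""
    answers = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 5 and parts[2] == "IN" and parts[3] == "A":
            answers.setdefault(parts[0].rstrip("."), set()).add(parts[4])
    return answers

def shared_ips(answers, host_a, host_b):
    """IPs two supposedly unrelated RPC hostnames resolve to in common."""
    return answers.get(host_a, set()) & answers.get(host_b, set())

# Constructed sample: subject, issuer and dates copied from the post's curl output, seen on issue day.
SAMPLE_CERT = {"subject": "CN=polygon-rpc.com", "issuer": "C=US; O=Let's Encrypt; CN=R3",
               "notBefore": "Jul 1 07:39:10 2022 GMT", "notAfter": "Sep 29 07:39:09 2022 GMT"}
SEEN_AT = datetime(2022, 7, 1, 12, 0, tzinfo=timezone.utc)

# Constructed dig output: the rpc.ftm.tools line is from the post; the polygon-rpc.com line
# is assumed, mirroring the post's claim that both hijacked RPCs pointed at the same IP.
SAMPLE_DIG = """;; ANSWER SECTION:
rpc.ftm.tools. 78316 IN A 186.2.171.14
polygon-rpc.com. 300 IN A 186.2.171.14
"""
```

Run `fresh_cert_finding(fetch_cert("your-rpc-host"), datetime.now(timezone.utc))` against an endpoint you normally use to get a live reading; a `suspicious` result on a host you have used for months is the cue to switch to your own RPC rather than follow any prompt the page shows.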

Here is an awesome alternative RPCs list. Stay Safe Fam!

UPD: The service has been restored but DNS propagation might take some time. Gandi (customer agent compromise?) transferred control of Ankr's account to the attacker, and that was the root cause of the DNS hijack.

Ankr acted swiftly and has regained access to the account.
Source.

#blockchain #security #privacy
GM fam! ❤️ Today, someone tried to hack SamCzSun with a crypto stealer. Fortunately, the attack wasn’t successful, but all it would've taken was three clicks.

The first step was to create an urgent and compelling hook. When placed under pressure, even trained security professionals might act instinctively instead of rationally. You must have good self-control and feel when someone is trying to make you rush or feel strong emotions (anger, desire to help, love, envy, and so on). Remember that time works for you and you can always wait 1-2 days for a similar request.

You should also understand that if you are in a vulnerable position (not sleeping, not resting, starving, sick) you must not work. And you must not do any activities that require urgency.

You can see the message on the screenshot. If he had clicked the link, he would have been only two clicks away from being pwned. Clicking the link automatically downloads a malicious file to the computer.

There were two files in the archive. If you have file extensions enabled, then you'll see the first as a URL. If you don't, then you'll see the second as a PDF.

Both of these are malicious, and opening either of them would give the attacker full access to your PC and thus to your tokens, socials and sensitive data.
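Triaging an archive by member name before anything is opened catches both tricks described above: a `.url` shortcut, and an executable whose real extension Windows hides behind a document-looking name. This is an added example, not code from the post; the member names and contents are constructed and the extension lists are assumptions, not exhaustive.

```python
import io
import zipfile

# Extension classes for triaging an archive before anything is opened (assumed lists, not exhaustive).
SHORTCUT_EXT = {".url", ".lnk"}          # open a URL or run a command when double-clicked
EXECUTABLE_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".jse", ".vbs", ".hta", ".msi"}
DOCUMENT_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}

def extensions(name):
    """All dotted suffixes of the base name, lower-cased: 'Contract.pdf.exe' -> ['.pdf', '.exe']."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    return ["." + p for p in base.lower().split(".")[1:]]

def classify(name):
    """Label a file name the way a cautious user with extensions visible would see it."""
    exts = extensions(name)
    if not exts:
        return "no-extension"
    last = exts[-1]
    if last in SHORTCUT_EXT:
        return "shortcut"
    if last in EXECUTABLE_EXT:
        # With "hide extensions for known file types" on, Windows shows only 'Contract.pdf'.
        if len(exts) >= 2 and exts[-2] in DOCUMENT_EXT:
            return "executable-disguised-as-document"
        return "executable"
    return "ok"

def triage_archive(data):
    """Return {member name: label} for every file in a zip given as bytes, without extracting."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return {i.filename: classify(i.filename) for i in zf.infolist() if not i.is_dir()}

def build_sample_archive():
    """Constructed sample archive: names are assumed, modelled on the two-file archive in the post."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Contract/Contract.url", "[InternetShortcut]\nURL=http://example.invalid/\n")
        zf.writestr("Contract/Contract.pdf.exe", b"MZ placeholder bytes, not a real binary")
        zf.writestr("Contract/README.txt", "constructed sample\n")
    return buf.getvalue()

def has_risky_members(data):
    """True if any member would run code or open a link rather than display a document."""
    return any(label != "ok" for label in triage_archive(data).values())
```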

The example used wasn't very advanced, but would have tricked a few users nevertheless. The more targeted the attack, the harder it is to distinguish from legit requests.

This was very likely a Redline malware or a Raccoon Stealer.

Original Tweet

Read my OpSec roadmap to avoid such situations, never download files on your working machine. You should understand all 25 rules!

How to store crypto securely - tips from CIA_Officer

2 Violent attack vectors in Crypto: a detailed review

OpSec in Crypto: Thoughts

…and never forget to use dangerzone.rocks when working with PDF! Always use a separate, clean machine for work, airgapped as far as possible.

Stay safe!

#blockchain #privacy #OpSec #security
Support is very important to me: with it I can spend less time at work and do what I love - educating DeFi & Crypto users 💖

If you want to support my work, please send me a direct donation to the address:

0xB25C5E8fA1E53eEb9bE3421C59F6A66B786ED77A or officercia.eth - ETH, Subchains

17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU - BTC

4AhpUrDtfVSWZMJcRMJkZoPwDSdVG6puYBE3ajQABQo6T533cVvx5vJRc5fX7sktJe67mXu1CcDmr7orn1CrGrqsT3ptfds - Monero XMR


You can also support me by minting one of my Mirror articles NFTs or via GitCoin!

Thank you 🙏

#offtopic
Today in my new Mirror article I would like to discuss with you an OpSec mindset, how it can be developed and why it is all needed, using the example of ancient English, Greek and ancient Christian folklore and some modern references!

I have never yet cited resources from pre-Christian times as references! I promise this will be an interesting read!

#Blockchain #OpSec #privacy #security
Gm fam! 👀 It's time to revisit my articles! Check out my Mirror Blog: https://officercia.mirror.xyz Visit my LinkTree as well ❤️
Gm fam! For your convenience, I have posted all of my best articles on Medium, I hope you enjoy reading them 😉

officercia.medium.com/list/best-from-cia-officer-9db7b1958a64

#offtopic #blockchain #privacy

P.S. Looks like there is an account which is probably impersonating me (or I am too suspicious, but anyway) - this is not me: @cia_officer. Please keep in mind that my only real account on Telegram is @farm42 and my channel is @officer_cia!
Greetings dear community! ❤️ Today I would like to discuss with you an important thing called Steganography, but to understand the topic, please read my previous articles first, especially about the #OpSec view through history.

We are gonna learn about what it is, how it was used in ancient times and how hackers and ordinary users use it now, and most importantly, for what and why. And we will finish with a discussion of how we as normal people and average internet users can apply the above mentioned methods to secure our crypto or fiat assets and passwords, and make our lives easier in general.

#privacy #security #Blockchain