gmee got hacked https://www.halborn.com/blog/post/explained-the-gamee-token-hack-january-2024 @EthSecurity1

In orbit accident I was wondering how keys compromised. This is post-mortem:
https://medium.com/orbit-chain/official-statement-regarding-orbit-bridge-exploit-551928f3dc52

And MIM hack analysis

https://x.com/kankodu/status/1752581744803680680?s=61
@EthSecurity1

It appears a Ripple insider was hacked for ~213M XRP ($112.5M)

Source address
rJNLz3A1qPKfWCtJLPhmMZAfBkutC2Qojm

So far the stolen funds have been laundered through MEXC, Gate, Binance, Kraken, OKX, HTX, HitBTC, etc

Update: Confirmation of the hack from Chris Larsen (Ripple Co-Founder & Executive Chairman)

Theft addresses
rGhR13XyM43WdDaSMznHd5rZ4cJatybvEg
rHQVKntyfkDCPhEBL2ctryuEAkDZgckmmV
rLsUemhuBZtF44rqqzneb2F9JgyrRYYd4t
rKPERax7t9iFvT3RHXn5nifyNpzp9a4hBa
rpjs4HLX1gJoEenH69PsQmXaXY22QhCYAT
rLRhugR4ysNa2xkt4E6fKN8krs9jatCp6w
rnCyeUNvfDbtTagGEPjBfTCBz6EqJjf2Uj
rHVjfYzTaB8MzSoQGqpzH9barZr85QsZW7

Vitalik wrote about risks of restaking in this article from May 2023.

Good to take a step back sometimes and look at the safety too

👇

https://vitalik.eth.limo/general/2023/05/21/dont_overload.html

Warpcast is strange! Get approves account keys onchain and store eth keys on it's server :(
Eth keys : hold asset(EOA)

@Ethsecurity1

- PlayDapp Heist: Attackers minted 200M PLA tokens, valuing a massive $31M loss. A significant portion, $5.9M worth, found its way to the Gate platform. The exploit was due to a security vulnerability. @EthSecurity1

considering Blast as clone of optimism ToB found only 1 Low on Blast, when Spearbit found 6 Crit, 6 H, 11 M and 14 L https://github.com/trailofbits/publications/blob/master/reviews/2024-01-metalayerblast-securityreview.pdf

https://github.com/spearbit/portfolio/blob/master/pdfs/report-blast-contracts-review-draft.pdf

Blast source code deep dive:
https://twitter.com/jarrodWattsDev/status/1727584394796323042?s=20

@EthSecurity1

#Scam
1- Create Github PR with scam massage
2- Tag targets
3- Scam message will be emailed to targets from Github
@Ethsecurity1

Affine Defi Hack explained https://medium.com/@0kage/hack-series-deep-dive-chapter-2-affine-da2d7b0bbefd and POC: https://github.com/0kage-eth/hacks-poc-database/blob/main/test/02-AffineExploit0224.t.sol Plonky2x Audit Report https://hackmd.io/qS36EcIASx6Gt_2uNwlK4A @EthSecurity1

Seneca Protocol has a critical approval exploit (open external call). $6m+ lost so far across eth/arb ADDRESSES TO REVOKE: 0xbc83f2711d0749d7454e4a9d53d8594df0377c05 (MAINNET)

0x2d99e1116e73110b88c468189aa6af8bb4675ec9 (ARBITRUM)

NOTE: contract was pausable but written in internal functions there is no way to call them.
@EthSecurity1

the "EVM from scratch" book. https://evm-from-scratch.xyz/intro.html ZK proofs ELI5. A fun way to understand circuits and even play with them directly in your browser. eli5.zksync.io @EthSecurity1

why TWAP oracle is unsuitable for the vast majority of DeFi use case https://smartcontentpublication.medium.com/twap-oracles-vs-chainlink-price-feeds-a-comparative-analysis-8155a3483cbd @EthSecurity1

some smartcontract Red Flags: -out of scope vulnerability -more comments than code -require(msg.sender == tx.origin); -Lot of typos => Lot of Criticals -It’s a minimal proxy but deployed straight from the command line with injected state. -Over complicated -Most of it being admin restricted -Uniswap v2 with 0 min amount -NO Test -safeMath & Division you can add too @EthSecurity1

WOOFi
got taken for a $8.5 Million ride, after a flash loan attack on Arbitrum.
The attacker exploited Woofi’s novel oracle design and low liquidity.

https://rekt.news/woo-rekt/ @EthSecurity1

Happy noroz and new year 2583 achaemenid
To all kurdish and persians

SSS Hacked on Blast. a kid wrote it. @EthSecurity1

Munchables keys on Blast was compromised. 62 m$ lost but Blast controls the bridge. attacker address : https://blastscan.io/address/0x6e8836f050a315611208a5cd7e228701563d09c5 @EthSecurity1

🔓☁️ unizen_io, a crypto exchange and trading platform, experienced a security breach on March 8 that resulted in the loss of more than $2.1 million.

The attack technique involved authorizing a trading aggregator running on the Ethereum ( $ETH ) blockchain network. The hacker exploited an open external challenge vulnerability in the contract.

Detailed analysis: https://x.com/amlbothq/status/1770102963521867916

#offtopic #security #investigations

1)Understanding Rug Pulls: An In-Depth Behavioral Analysis of Fraudulent NFT Creators 2)Another Solidity Attack Vectors https://github.com/Quillhash/Solidity-Attack-Vectors @EthSecurity1

Prisma Hack post-mortem https://hackmd.io/@PrismaRisk/PostMortem0328 @EthSecurity

A 5y/o Explanation of Ethereum Validation https://mirror.xyz/0xffE49cEe81e8CCa632C000588278eD9c3FeFf205/J0z2S06q7DdFYE6X9TXqjTKCEOBIfbSQSr-olXJbXD8 List of eigenlayer Risks https://x.com/hanni_abu/status/1742976353660531177?s=20 Emerging web3 attack vector: Restake Farming https://x.com/blockaid_/status/1752847514393522260?s=20 @EthSecurity1