EthSecurity
@EthSecurity1
5.23K subscribers
112 photos
20 files
766 links
https://x.com/EthSecurity
@Web3privacyy
Download Telegram
About
Blog
Apps
Platform
Join
EthSecurity
5.23K subscribers
EthSecurity
- Retrospecting Arbitrary Position Cancellation Vulnerability in Perpetual Protocol - Upgradeable Smart Contracts (USCs): Exploring The Concept And Security Risks @EthSecurity1
Medium
Retrospecting Arbitrary Position Cancellation Vulnerability in Perpetual Protocol
In July 2022, ChainLight identified and reported a vulnerability caused by lock of authorization in cancelling positions.
782 viewsedited  
EthSecurity
An unknown project lost about 85k(about 150 BNB) https://bscscan.com/address/0x3c4e4fbc17a7caa22570e54b57ba42cf053a777a @EthSecurity1
👍1
797 views
EthSecurity
- DeFi: Stargate v2 Integration Checklist - some immunefi critical bug writeup @EthSecurity1
👍3
824 views
EthSecurity
seems wayback machine has been compromise! @EthSecurity1
🤔1
749 views
EthSecurity
- Characterizing Cryptocurrency-themed Malicious Browser Extensions. - An Empirical Study of Smart Contract Decompilers
@EthSecurity1
Proceedings of the ACM on Measurement and Analysis of Computing Systems
Characterizing Cryptocurrency-themed Malicious Browser Extensions | Proceedings of the ACM on Measurement and Analysis of Computing…
Due to the surging popularity of various cryptocurrencies in recent years, a large
number of browser extensions have been developed as portals to access relevant services,
such as cryptocurrency exchanges and wallets. This has stimulated a wild growth of…
🔥3
877 viewsedited  
EthSecurity
he claimed FBI wallets doxxed https://x.com/jconorgrogan/status/1844121150676218100 @EthSecurity1
876 views
EthSecurity
realy exited for OZ movement : ) https://x.com/0xCygaar/status/1844188445691822136 @EthSecurity1
869 viewsedited  
EthSecurity
fwdETH phishing attack and loss 35 $million https://www.binance.com/en-TR/square/post/2024-10-11-fwdeth-price-plummets-after-35-million-theft-incident-14711617819490 @EthSecurity1
Binance Square
FwDETH Price Plummets After $35 Million Theft Incident
According to BlockBeats, earlier today, the price of fwDETH, a wrapped ETH token on the Blast chain, experienced a significant drop following a theft incident involving $35 million worth of fwDETH. Th
911 viewsedited  
EthSecurity
twice P719 Token Incident
https://app.blocksec.com/explorer/tx/bsc/0x9afcac8e82180fa5b2f346ca66cf6eb343cd1da5a2cd1b5117eb7eaaebe953b3 @EthSecurity1
Blocksec
0x9afcac8e82180fa5b2 | Phalcon Explorer
Security suite for Protocols, Developers, LPs, & Traders - safeguarding your blockchain journey
817 viewsedited  
EthSecurity
- A deep dive into the main components of ERC-4337: Account Abstraction Using Alt Mempool — part1, Part 2
- OWASP Smart Contract Security
@EthSecurity1
Medium
A deep dive into the main components of ERC-4337: Account Abstraction Using Alt Mempool — Part 1
Account abstraction has been a highly desired feature within the Ethereum developer community for years, and it is seen by many as a…
👍3
1.09K viewsedited  
EthSecurity
some checklists: Beirao's Checklist
Decurity's Checklist
ETH Devs's Checklist
Hans's Checklist
Jeffrey's Checklist
Jonas's Checklist
Miguel's Checklist
Nisedo's Checklist
Owen's Checklist
Rahul's Checklist
Rajeev's Resource
Rareskill's Checklist
Roman's Checklist @EthSecurity1
GitHub
audit-checklist/ref/beirao.md at main · Cyfrin/audit-checklist
Aggregated audit checklist. Contribute to Cyfrin/audit-checklist development by creating an account on GitHub.
7
1.69K viewsedited  
EthSecurity
https://x.com/PabloSabbatella/status/1845586927065375004?t=we7UUYzD70JsMHnH_ayI7w&s=19
@EthSecurity1
X (formerly Twitter)
pablito.eth 🦇🔊 ♢ (@PabloSabbatella) on X
🚨ENS email phishing campaign:
Arrives at Gmail Inbox. Do not click, just mark as phishing
Domain: https:// expired.ens-idomains DOT com/
1K views
EthSecurity
https://x.com/omeragoldberg/status/1845515843787960661?s=46
@EthSecurity1
X (formerly Twitter)
Omer Goldberg (@omeragoldberg) on X
1/ $230K @MorphoLabs PAXG/USDC Market Oracle Exploit Breakdown

The Morpho PAXG/USDC market (tokenized gold via @Paxos) was exploited, leading to a $230K loss.

The root cause? A misconfigured oracle pricing gold at $2.6 trillion USD.
3
1.04K views
EthSecurity
EthSecurity
New phishing trick in Microsoft store https://x.com/LehmannLorenz/status/1841545179825942991 @EthSecurity1
https://medium.com/@amitassaraf/the-story-of-extensiontotal-how-we-hacked-the-vscode-marketplace-5c6e66a0e9d7

@EthSecurity1
👍3
1.1K views
EthSecurity
Radiant hacked 51 $m loss

Seems private keys compromised

Exploited on BSC, ARBITRUM

Root cause: looks like the attacker just had control of 3 multisig signers allowing them to transfer ownership.

as owner, they could then call setLendingPoolImpl on the addresses provider to upgrade the implementation

@EthSecurity1
1👍1
1.59K viewsedited  
EthSecurity
https://www.justice.gov/usao-dc/pr/fbi-arrests-alabama-man-january-2024-sec-x-hack-spiked-value-bitcoin
@EthSecurity1
www.justice.gov
FBI Arrests Alabama Man in the January 2024 SEC X Hack that Spiked the
            WASHINGTON – Eric Council Jr., 25, of Athens, Alabama, was arrested this morning, in Athens, in connection with a January 2024 unauthorized takeover of the U.S. Securities and Exchange Commission’s (SEC) X account, formerly known as Twitter, in…
1.17K views
EthSecurity
- EVM LOW LEVEL VULNERABILITIES - ECDSA signature vulnerabilities @EthSecurity1
YouTube
EVM LOW LEVEL VULNERABILITIES
https://twitter.com/vn_martinez_
https://twitter.com/opensensepw

Don’t miss this amazing talk by @vn_martinez_ on EVM low-level vulnerabilities! 🔥 Learn how to write, debug, and test low-level code in Yul, Fuzzing, Bit safety, Memory Constraints. Discover…
5👍1
1.39K views
EthSecurity
Tapioca DAO hacked

vesting contract ownership transferred to exploiter, and then all vesting tokens emergency released

https://arbiscan.io/token/0x2c650dab03a59332e2e0c0c4a7f726913e5028c1?a=0x70285a11489bed93686410ebc727057cafb8129d
@EthSecurity1
Arbitrum One (ETH) Blockchain Explorer
TapToken (TAP) Token Tracker | Arbitrum One
TapToken (TAP) Token Tracker on Arbitrum One shows the price of the Token $0.0021, total supply 47,500,000, number of holders 5,074 and updated information of the token. The token tracker page also shows the analytics and historical data.
👍5
14K viewsedited  
EthSecurity
- Vulnerabilities every beginner Smart Contract Security Researcher should find - Retrospecting Unhealthy Order Allowance Vulnerability in Perpetual Protocol
- Solidity Smart Contract Unbounded Loops DOS Attack Vulnerability Explained with REAL Example
@web3privacy1
👍71
1.56K viewsedited  
EthSecurity
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Looks like $20M of seized funds tied to the US Government was likely stolen in the past hour. - @investigations

RT for visibility: x.com/officer_cia/status/1849534839319302453

#security #opsec
1.21K views
EthSecurity
Vladimir S. | Officer's Channel
Looks like $20M of seized funds tied to the US Government was likely stolen in the past hour. - @investigations RT for visibility: x.com/officer_cia/status/1849534839319302453 #security #opsec
Seems hacker returned funds
1.22K views