Officer's Notes
Llama drama TLDR (neutral) ⬇️ • https://vxtwitter.com/darrenlautf/status/1637442766077849601 #offtopic #blockchain
My thread on topic FYI
• https://threadreaderapp.com/thread/1637448388584042497.html
#offtopic #blockchain
Threadreaderapp
Thread by @officer_cia on Thread Reader App
@officer_cia: Important info from Llama 🦙 (it has been forked) FYI Anyway tldr on the situation ⬇️ Suggest joining our live discussion in @10b57e6da0 via the link below ⬇️ t.me/lobsters_chat Statement from the other...…
Officer's Notes
My thread on topic FYI • https://threadreaderapp.com/thread/1637448388584042497.html #offtopic #blockchain
A balanced assessment of the situation ⬇️
• https://vxtwitter.com/tendeeno_/status/1637453565508608003
#offtopic
vxTwitter
Tendeeno (@Tendeeno_)
Going to try my best to give a TLDR on what's happening at DeFiLlama in an unbiased way
remember, i'm just a small unpaid contributor, not on any official team, etc. I just like the llamas and want to see them succeed
So here's my best attempt:
💖 51 🔁 15
Looks like ndxfi DEGEN token has been exploited in a series of transactions for an attacker profit of approx ~110 ETH. The original attacker submitted to mempool with low gas and was brutally front run by a MEV bot 😅
Our Spotter system detected this attack before it actually happened! Meaning we could have prevented it!
• https://vxtwitter.com/pessimistic_io/status/1637832890162593792
More on topic:
• officercia.medium.com/spotter-digest-2-5e4efb2c0340
#security #blockchain
vxTwitter
Pessimistic Security (@pessimistic_io)
Gm! Our @sadspotter system just detected another attack before it actually happened! Meaning we could have prevented it 🙂
【QRT of Spreek (Denver 28th-6th) (@spreekaway):】
'Looks like @ndxfi DEGEN token has been exploited in a series of transactions for…
My friend's team, with whom I once began my Web3 journey, has launched a new project! 🫡
Info: medium.com/spiral-dao/introducing-spiral-dao-548f86caf114
This is not an advertisement; I simply thought you might be interested in knowing about it because the team is talented and needs feedback!
Thank u 🙏
#offtopic #dao #defi
vxTwitter
Spiral DAO (@Spiral_DAO)
Introducing Spiral DAO 🌀
Our novel DAO model aims to optimize the bribe market and reduce inflationary pressures. With a two-token structure and savvy use of market inefficiencies, we're poised to be a foundation stone in DeFi 2.0.
More info:
https://m…
Officer's Notes
Looks like Euler Finance exploiter started returning stolen assets! 🫡 https://vxtwitter.com/officer_cia/status/1637043562645733376 #security #blockchain
Euler exploiter started talking again!
• https://fxtwitter.com/inversebrahfan/status/1637860811526791185
Tx: etherscan.io/tx/0xcc73d182db1f36dbadf14205de7d543cfd1343396b50d34c768529aaab46a1c0
#security #investigations
FixTweet
✨ •̥/ᐠ。ꞈ。ᐟ\ (@inversebrahfan)
Euler exploiter just sent a message on-chain
Gm! Please let me know if I missed anything important here (arb airdrop):
• https://vxtwitter.com/officer_cia/status/1637983015186976768
#MEV #arbitrum #web3 #security
vxTwitter
Officer's Notes (@officer_cia)
Gm! A lot of you DMed me and asked if I can help with recovering arb airdrops from the never-ending compromised wallets.
Well, first of all, there is actually no mempool for bots to frontrun (poor MEV).
Secondly, Arbitrum currently has a centralized…
Gm fam! We continue our series of instructive articles with some special recommendations for both developers and auditors using Chainlink VRF integration!
blog.pessimistic.io/oracles-entropy-chainlink-vrf-secure-integration-tips-13c27d8fde48?1
#blockchain #security
Medium
Oracles, Entropy & Chainlink VRF Secure Integration Tips
In this article, we present tips that we have acquired over the years of auditing similar integrations. We also intend to discuss the…
Officer's Notes
Gm fam! We continue our series of instructive articles with some special recommendations for both developers and auditors using Chainlink VRF integration! blog.pessimistic.io/oracles-entropy-chainlink-vrf-secure-integration-tips-13c27d8fde48?1 #blockchain…
We understand and respect your limited time, therefore we created a specific article with nothing superfluous for easier access! ❤️
blog.pessimistic.io/chainlink-vrf-secure-integration-tips-specifications-eafd63e87022
#blockchain #security
Medium
Chainlink VRF Secure Integration Tips: Specifications
In this article, we present tips that we have acquired over the years of auditing similar integrations. We understand and respect your…
Looks like a Ronin exploiter is trying to hack the Euler exploiter… Dark Forest, literally…
• https://vxtwitter.com/officer_cia/status/1638235897438019607
#blockchain #security #wtf #cringe
vxTwitter
Officer's Notes (@officer_cia)
Looks like a Ronin exploiter is trying to hack the Euler exploiter… Dark Forest, literally 😅
【QRT of laurence (@functi0nZer0):】
'If the Ronin exploiter phishes the Euler one with a suspect decryption tool I think I might actually just write a screenplay…
Officer's Notes
Looks like a Ronin exploiter is trying to hack the Euler exploiter… Dark Forest, literally… • https://vxtwitter.com/officer_cia/status/1638235897438019607 #blockchain #security #wtf #cringe
Adding some context on topic FYI
• https://fxtwitter.com/hudsonjameson/status/1638240083496038409
#security #wtf
FixTweet
Hudson Jameson (@hudsonjameson)
The repo linked by the Ronin hacker has a vulnerability in the elliptic library. It is a trick so they can steal money from the Euler exploiter.
https://security.snyk.io/package/npm/elliptic/6.4.0
↘️ Quoting Officer's Notes (@officer_cia)
Looks like a…
Officer's Notes
Adding some context on topic FYI • https://fxtwitter.com/hudsonjameson/status/1638240083496038409 #security #wtf
Exploiter responded to Euler: We still want to do the right thing returning funds to the Euler team. Will communicate shortly.
TX (click show more then view input as UTF-8): https://etherscan.io/tx/0x47708ec86525944dc5d3085aa58d8164e6065b99d1fb88ba95762033c393c01a
#security #blockchain #wtf
Ethereum (ETH) Blockchain Explorer
Ethereum Transaction Hash (Txhash) Details | Etherscan
Ethereum (ETH) detailed transaction info for txhash 0x47708ec86525944dc5d3085aa58d8164e6065b99d1fb88ba95762033c393c01a. The transaction status, block confirmation, gas fee, Ether (ETH), and token transfer are shown.
Officer's Notes
Adding some context on topic FYI • https://fxtwitter.com/hudsonjameson/status/1638240083496038409 #security #wtf
A quick summary on topic…
• https://vxtwitter.com/TheDEFIac/status/1638243240166948865
#security #blockchain
vxTwitter
DeFiac (@TheDEFIac)
Grab your popcorn.
Euler Finance situation getting interesting as the exploiter received an encrypted message from the Ronin Bridge Exploiter - which is believed to be Lazarus - DPRK hacking group.
💖 9 🔁 1
Officer's Notes
Exploiter responded to Euler: We still want to do the right thing returning funds to the Euler team. Will communicate shortly. TX (click show more then view input as UTF-8): https://etherscan.io/tx/0x47708ec86525944dc5d3085aa58d8164e6065b99d1fb88ba95762033c393c01a…
Hello Euler’s Hackers, this is @officer_cia speaking.
You should know that @rata0x is an awesome lawyer with relevant experience who can ensure your safety and assist you to turn funds to the team. Feel free to reach out to me/him.
No obligations. Feel free to choose another option if you’d like (just return assets and that’s it).
Proofs: https://officercia.mirror.xyz/X5Q0uPwvlgZ6BrvCmyqXlXHFgLAWrMtzAHSvjzrDS7c
officercia.mirror.xyz
If you have been scammed…
Save & share this note if you know someone who has been scammed or hacked or/and lost crypto!
Officer's Notes
Adding some context on topic FYI • https://fxtwitter.com/hudsonjameson/status/1638240083496038409 #security #wtf
Follow my thread (updating)…
• https://vxtwitter.com/officer_cia/status/1638235897438019607
#security #blockchain #wtf
vxTwitter
Officer's Notes (@officer_cia)
Looks like a Ronin exploiter is trying to hack the Euler exploiter… Dark Forest, literally 😅
【QRT of laurence (@functi0nZer0):】
'If the Ronin exploiter phishes the Euler one with a suspect decryption tool I think I might actually just write a screenplay…
Officer's Notes
Gm fam! We continue our series of instructive articles with some special recommendations for both developers and auditors using Chainlink VRF integration! blog.pessimistic.io/oracles-entropy-chainlink-vrf-secure-integration-tips-13c27d8fde48?1 #blockchain…
officercia.mirror.xyz
Oracles, Entropy & Chainlink VRF Integration Tips
In this article, we intend to discuss the history of the Chainlink VRF V2 and contrast it with earlier V1 iteration!
Officer's Notes
We understand and respect your limited time, therefore we created a specific article with nothing superfluous for easier access! ❤️ blog.pessimistic.io/chainlink-vrf-secure-integration-tips-specifications-eafd63e87022 #blockchain #security
officercia.mirror.xyz
Chainlink VRF Secure Integration Tips: Specifications
We continue our series of instructive articles with some special recommendations for both developers and auditors using ChainLink VRF integration!
If you're using Cloudflare for your web3 product, stop what you're doing right now.
You NEED to:
1. Rotate the Global API Key for all your accounts
2. Remove all accounts added to your Cloudflare unless you rotated their Global API Key in step 1
• https://vxtwitter.com/officer_cia/status/1639076696623030273
#security #blockchain
vxTwitter
Officer's Notes (@officer_cia)
Check out this if you're utilizing Cloudflare for your project. That’s important!
【QRT of Tay 🦊 💖 (@tayvano_)☑️:】
'🚨 If you're using Cloudflare for your web3 product, stop what you're doing right now.
You NEED to:
1. Rotate the Global API Key for all…
Hacked vanity addresses used to siphon $500K!
Sources:
• twitter.com/jackqack/status/1638933532763381765
• ct.com/bh16
Read more about vanity attacks:
• officercia.medium.com/profanity-clarifications-df3972c8c006
• officercia.mirror.xyz/p1ieZdxQWH4yHCNOXNPHyT8So1cY0X_wMGKwdmavi7s
#blockchain #security
Twitter
Someone made $500k+ by claiming Arbitrum airdrop with hacked vanity addresses