Looks like ndxfi DEGEN token has been exploited in a series of transactions for an attacker profit of approx ~110 ETH. The original attacker submitted to mempool with low gas and was brutally front run by a MEV bot 😅
Our Spotter system detected this attack before it actually happened! Meaning we could have prevented it!
• https://vxtwitter.com/pessimistic_io/status/1637832890162593792
More on topic:
• officercia.medium.com/spotter-digest-2-5e4efb2c0340
#security #blockchain
vxTwitter / fixvx
Pessimistic Security (@pessimistic_io)
Gm! Our @sadspotter system just detected another attack before it actually happened! Meaning we could have prevented it 🙂
【QRT of Spreek (@spreekaway):】
'Looks like @ndxfi DEGEN token has been exploited in a series of transactions for an attacker profit…
My friend's team, with whom I once began my Web3 journey, has launched a new project! 🫡
Info: medium.com/spiral-dao/introducing-spiral-dao-548f86caf114
This is not an advertisement; I simply thought you might be interested in knowing about it because the team is talented and needs feedback!
Thank u 🙏
#offtopic #dao #defi
Officer's Channel
Looks like Euler Finance exploiter started returning stolen assets! 🫡 https://vxtwitter.com/officer_cia/status/1637043562645733376 #security #blockchain
Euler exploiter started talking again!
• https://fxtwitter.com/inversebrahfan/status/1637860811526791185
Tx: etherscan.io/tx/0xcc73d182db1f36dbadf14205de7d543cfd1343396b50d34c768529aaab46a1c0
#security #investigations
FixTweet
cat ✨ •̥/ᐠ。ꞈ。ᐟ\ (@inversebrahfan)
Euler exploiter just sent a message on-chain
Gm! Please let me know if I missed anything important here (arb airdrop):
• https://vxtwitter.com/officer_cia/status/1637983015186976768
#MEV #arbitrum #web3 #security
vxTwitter / fixvx
Officer's Notes (@officer_cia)
Gm! A lot of you DMed me and asked if I can help with recovering arb airdrops from the never-ending compromised wallets.
Well, first of all, there is actually no mempool for bots to frontrun (poor MEV).
Secondly, Arbitrum currently has a centralized…
Gm fam! We continue our series of instructive articles with some special recommendations for both developers and auditors using Chainlink VRF integration!
blog.pessimistic.io/oracles-entropy-chainlink-vrf-secure-integration-tips-13c27d8fde48?1
#blockchain #security
Medium
Oracles, Entropy & Chainlink VRF Secure Integration Tips
In this article, we present tips that we have acquired over the years of auditing similar integrations. We also intend to discuss the…
We understand and respect your limited time, therefore we created a specific article with nothing superfluous for easier access! ❤️
blog.pessimistic.io/chainlink-vrf-secure-integration-tips-specifications-eafd63e87022
#blockchain #security
Medium
Chainlink VRF Secure Integration Tips: Specifications
In this article, we present tips that we have acquired over the years of auditing similar integrations. We understand and respect your…
Looks like a Ronin exploiter is trying to hack the Euler exploiter… Dark Forest, literally…
• https://vxtwitter.com/officer_cia/status/1638235897438019607
#blockchain #security #wtf #cringe
vxTwitter / fixvx
Officer's Notes (@officer_cia)
Looks like a Ronin exploiter is trying to hack the Euler exploiter… Dark Forest, literally 😅
【QRT of laurence (@functi0nZer0):】
'If the Ronin exploiter phishes the Euler one with a suspect decryption tool I think I might actually just write a screenplay…
Adding some context on topic FYI
• https://fxtwitter.com/hudsonjameson/status/1638240083496038409
#security #wtf
FixTweet
Hudson Jameson (@hudsonjameson)
The repo linked by the Ronin hacker has a vulnerability in the elliptic library. It is a trick so they can steal money from the Euler exploiter.
https://security.snyk.io/package/npm/elliptic/6.4.0
↘️ Quoting Officer's Notes (@officer_cia)
Looks like a…
Exploiter responded to Euler: We still want to do the right thing returning funds to the Euler team. Will communicate shortly.
TX (click show more then view input as UTF-8): https://etherscan.io/tx/0x47708ec86525944dc5d3085aa58d8164e6065b99d1fb88ba95762033c393c01a
#security #blockchain #wtf
A quick summary on topic…
• https://vxtwitter.com/TheDEFIac/status/1638243240166948865
#security #blockchain
vxTwitter / fixvx
DeFiac (@TheDEFIac)
Grab your popcorn.
Euler Finance situation getting interesting as the exploiter received an encrypted message from the Ronin Bridge Exploiter - which is believed to be Lazarus - DPRK hacking group.
Follow my thread (updating)…
• https://vxtwitter.com/officer_cia/status/1638235897438019607
#security #blockchain #wtf
officercia.mirror.xyz
Oracles, Entropy & Chainlink VRF Integration Tips
In this article, we intend to discuss the history of the Chainlink VRF V2 and contrast it with earlier V1 iteration!
officercia.mirror.xyz
Chainlink VRF Secure Integration Tips: Specifications
We continue our series of instructive articles with some special recommendations for both developers and auditors using ChainLink VRF integration!
If you're using Cloudflare for your web3 product, stop what you're doing right now.
You NEED to:
1. Rotate the Global API Key for all your accounts
2. Remove all accounts added to your Cloudflare unless you rotated their Global API Key in step 1
• https://vxtwitter.com/officer_cia/status/1639076696623030273
#security #blockchain
vxTwitter / fixvx
Officer's Notes (@officer_cia)
Check out this if you're utilizing Cloudflare for your project. That’s important!
【QRT of Tay 💖 (@tayvano_):】
'🚨 If you're using Cloudflare for your web3 product, stop what you're doing right now.
You NEED to:
1. Rotate the Global API Key for all your…
It appears that eulerfinance exploiter has just returned another sum, this time - 51.000 ETH!
UPD: (another 7k ETH has been sent as well, in addition to 51.000).
• https://vxtwitter.com/officer_cia/status/1639649107781230592
#blockchain #security #investigations
vxTwitter / fixvx
Officer's Notes (@officer_cia)
Wow it appears that @eulerfinance exploiter has just returned another sum, this time - 51.000 ETH.
TX: 0xb0308ee113c541e7c6f4623e833417524d68fd6267d23f43d9041f583c14343f
【QRT of BlockSec (@BlockSecTeam):】
'Euler exploiter just returned 51000 Eth to Euler…
Also four each ~10,7xx,465 DAI on the EOA:
0xc4e04ac48639ff077ebb36e7cfe0c4993b7b208e
0x46e0be2df97dac791fc8e30cf2b2e4f58c50cf55
0x8765a35394c98e81b9d56d44248e1199d8e38a4c
0xa1b44d4b5b4c361f51e029b81bf2db9cf4d8e676
Info: twitter.com/1nf0s3cpt
#security #blockchain
Here we discuss how one can investigate crypto hacks and security incidents, and collect all the possible tools and manuals!
PRs are welcome! If any tool is missing, please open a PR!
• github.com/OffcierCia/On-Chain-Investigations-Tools-List
#blockchain #security
Cointelegraph
Euler Finance exploiter returns over 58,000 stolen Ether
The hacker behind the $196 million exploit on lending protocol Euler Finance has returned most of the stolen assets.