Vladimir S. | Officer's Channel
How to not suck at an audit? • x.com/xyz_remedy/status/1793947549432472034 #audit #offtopic
Just a bunch of freshly released web3 security tools:
• getrecon.substack.com/p/introducing-recon-invariant-testing
• x.com/msolomon44/status/1793071526167843069
• x.com/swissknifexyz
• x.com/youfelll/status/1795117529783791876
• github.com/ioterw/tracevm
More here: github.com/OffcierCia/tips-solidity-code-auditors
#audit #solidity #web3
• getrecon.substack.com/p/introducing-recon-invariant-testing
• x.com/msolomon44/status/1793071526167843069
• x.com/swissknifexyz
• x.com/youfelll/status/1795117529783791876
• github.com/ioterw/tracevm
More here: github.com/OffcierCia/tips-solidity-code-auditors
#audit #solidity #web3
Recon
Introducing Recon: Invariant Testing Made Easy
I’m Alex The Entreprenerd, I’ve been developing on the EVM since 2019, having worked with BadgerDAO in shipping eBTC, Building multiple Yield Strategies, one of which was used in production by Yearn, as well as multiple small Open Source Contributions
Vladimir S. | Officer's Channel
Velocore on zksync and linea got hack, aronund 10m! TX hash: 0xce7125b2104e5dd8156357be6febe6ee59ddcbd79ae010166df69487ae17b5bc All LPs gone: x.com/officer_cia/status/1797068809959854340 #security #alert
X (formerly Twitter)
Officer's Notes (@officer_cia) on X
@BlockSecTeam @krakovia_evm Update on the situation!
I am the Wild West's fastest 🔫 🔫 🔫 🔫 🔫 gunslinger!
Appreciate the honorable mention from the rekt.news team!
• rekt.news/velocore-rekt
#security #web3
Appreciate the honorable mention from the rekt.news team!
• rekt.news/velocore-rekt
#security #web3
Please open Telegram to view this post
VIEW IN TELEGRAM
Just a bunch of freshly released web3 security tools! ⚒️
• x.com/officer_cia/status/1798421885769908672
#security #audit #web3 #solidity
• x.com/officer_cia/status/1798421885769908672
#security #audit #web3 #solidity
X (formerly Twitter)
Officer's Notes (@officer_cia) on X
Just a bunch of freshly released web3 security tools! ⚒️
• https://t.co/ZtRFhPL4KA
• https://t.co/D5AlqeCGgv
• @swissknifexyz
• https://t.co/rVsfMbbaZa
• https://t.co/0ECisOy4qX
• https://t.co/lpv9Ow7qcT by @xyz_remedy
More tools below!
https://t.co/AxVmisHn4Y
• https://t.co/ZtRFhPL4KA
• https://t.co/D5AlqeCGgv
• @swissknifexyz
• https://t.co/rVsfMbbaZa
• https://t.co/0ECisOy4qX
• https://t.co/lpv9Ow7qcT by @xyz_remedy
More tools below!
https://t.co/AxVmisHn4Y
WANTED Web3 researchers, authors, writers, and hunters!
Your one-of-a-kind opportunity to provide public value while increasing the number of people who read your writings. Please add them to our wiki.r.security, and let us work together to keep this place safe!❤️
#audit #web3
Your one-of-a-kind opportunity to provide public value while increasing the number of people who read your writings. Please add them to our wiki.r.security, and let us work together to keep this place safe!
#audit #web3
Please open Telegram to view this post
VIEW IN TELEGRAM
WEB3 Vulnerapedia
Main Page
Looks like UwU_Lend is being attacked/drained right now!
So far drained around $18M!
• x.com/officer_cia/status/1800141530356928987
#alert #security #web3
So far drained around $18M!
• x.com/officer_cia/status/1800141530356928987
#alert #security #web3
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_cia) on X
Looks like @UwU_Lend is being attacked/drained right now!
So far drained around $14M!
H/T: @CyversAlerts
So far drained around $14M!
H/T: @CyversAlerts
Vladimir S. | Officer's Channel
Looks like UwU_Lend is being attacked/drained right now! So far drained around $18M! • x.com/officer_cia/status/1800141530356928987 #alert #security #web3
Vladimir S. | Officer's Channel
Attacker has executed 3 transactions and was able to get around $19.5M. But hack is still ongoing! Amount might increase. Right now attacker is swapping stolen digital assets to $ETH. Attacker has been funded by TornadoCash 2 days ago! #alert #security #web3
The attacker deposited much of the tokens into CurveFinance's LlamaLend protocol.
The situation and effects are being unpacked and analyzed in realtime!
• x.com/officer_cia/status/1800170718602432796
#security #web3
The situation and effects are being unpacked and analyzed in realtime!
• x.com/officer_cia/status/1800170718602432796
#security #web3
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_cia) on X
@CurveFinance @ArkhamIntel @Phalcon_xyz The attacked deposited much of the tokens into @CurveFinance's @LlamaLend protocol.
The situation and effects are being unpacked and analyzed in realtime!
The situation and effects are being unpacked and analyzed in realtime!
Vladimir S. | Officer's Channel
WANTED Web3 researchers, authors, writers, and hunters! Your one-of-a-kind opportunity to provide public value while increasing the number of people who read your writings. Please add them to our wiki.r.security, and let us work together to keep this place…
We need to implement something similar for Bug Bounty Hunters, WDYT?
• x.com/xyz_remedy/status/1799787781608374556?1
#security #web3
• x.com/xyz_remedy/status/1799787781608374556?1
#security #web3
X (formerly Twitter)
Remedy (@xyz_remedy) on X
We need to implement something similar for Bug Bounty Hunters, WDYT?
We know a lot of you do this on boomer jobs; don't worry, we won't tell anyone! 😅
We know a lot of you do this on boomer jobs; don't worry, we won't tell anyone! 😅
Vladimir S. | Officer's Channel
Analysis (in real time) by @ETHSecurity community: - Yeah, I believe this price oracle is UwU's: etherscan.deth.net/address/0xd252953818bdf8507643c237877020398fa4b2e8 - This is the "typical" plugged to the system, very weirdly configured etherscan.io/ad…
Detailed review (yet unofficial postmortem): x.com/skywinder/status/1800616345903493530
#security #web3
#security #web3