11364
• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia
Grafana compromised!
• https://x.com/officer_cia/status/1916478375327150104?s=46
#security #web2 #alert
LegalBlock’s Dr. Rasit Tavus warns crypto market makers could face charges as some liquidity tactics blur into price manipulation amid sharp token declines. - DL News
🏷️ Market, Manipulation
Another day, another exploit…
Today - on BNB. 60k USD already drained: https://x.com/officer_cia/status/1915140574019043439?s=46
#security #alert
Stolen money is being bridged to Ethereum, here's an example address:
0x00AeB2fAc3dBB8C3A300e65B272C9b2d7CE26D3B
I cannot personally confirm this vulnerability. Most likely it requires XSS on the telegram side as well... Anyway - opening links and doing it in the built-in browser is a bad idea anyway.
• https://x.com/officer_cia/status/1914672569711579305?s=46
#security #opsec
Dear friends, I need your support! The best thing is to support me directly by donating to any address from the list below:0x1191b7d163bde5f51d4d2c1ac969d514fb4f4c62
- Ethereum, all EVM chains17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU - BitcoinTYWJoRenGB9JFD2QsdPSdrJtaT6CDoFQBN - TronBLyXANAw7ciS2Abd8SsN1Rc8J4QZZiJdBzkoyqEuvPAB - Solana
Thank you!
By the way. I have launched a partnership with a service of crypto exchange to cash (and vice versa) - we work all over the world.
So if you need such services - I will be very glad! Proof: t.me/officer_cia/2873 just contact @Mr_Hermes1 and let me know if any issues. Been working with them for years.
#offtopic
Update your Apple devices!
Information by @AppleActivelyExploited : https://x.com/officer_cia/status/1912572867797246188?1
#security #opsec
Attention affected by pig butchering or romance scams!
@rata0x and I can help you. In most cases, the money is still on-chain and can be seized at exchanges.
If you or someone you know has been impacted, please reach out to us. We're here to help! 💪
P.S. If you have been a victim of drainer or phishing - write to us too. We'll do our best to help
• https://x.com/officer_cia/status/1912519176888992236
#security #investigation
General Security PSA: https://x.com/etn0m1/status/1911823583950622834?s=46
#security #opsec
If you are interested in getting Glider API for your project - shoot me a DM: @farm42
The only one working blockchain-scale automated smart contract analysis tool 👀
#offtopic
Someone built an MEV bot to frontrun the Wayfinder PROMPT airdrop claims on Kaito, stealing $200,000 in ETH from 'yappers'.
According to @Lgr20 (ETHSecurity chat), the PROMPT airdrop bug is due to the TokenTable contract having no input validation.
Anyone can snipe the Merkle proofs from the mempool and resubmit them with their own address.
Looks like the contract was never audited, was coded with ChatGPT.
• https://x.com/officer_cia/status/1910456123628413039?12
#security #alert #mev
Check out this extremely detailed graphical breakdown of “the journey of a smart contract” - 𝕏/@officer_cia
Читать полностью…
A MEV bot 0x49e27d11379f5208cbb2a4963b903fd65c95de09 has lost 116.7 ETH due to the lack of access control - https://x.com/officer_cia/status/1909496459088830740?s=46
#security #alert
Here are a few somewhat vetted CSO alerts TG chats & channel if someone’s interested: /channel/addlist/AwdPTTgW_6UxY2Vi
#security #privacy
Impermax V3 code been hacked!
Basically, when you deleverage, the lenders funds are getting stolen…
• If your lending => Withdraw
• If your borrowing => Don't withdraw
Link: https://x.com/officer_cia/status/1916140714657820898
#security #alert
$128k in ZORA had been stolen so far: https://x.com/officer_cia/status/1915415136187121811?14
#security #alert
"Where is the line between market making and market manipulation?"
'Crime szn' no more; the Department of Justice is circling.
Dr. Rasit Tavus, founder of LegalBlock, explains how certain trading tactics could lead to criminal charges.
1.3m usd exploit on arbitrum 👀
• https://x.com/officer_cia/status/1914690926695362685?1
#security #alert
It looks like NumaMoney on the arbitrum chain on Apr-18-2025 09:10:28 PM +UTC got hacked for around $530K.
The attacker swapped all assets to ETH, bridged to ETH and deposited the funds to Tornado Cash ⬇️
• https://x.com/officer_cia/status/1913979776953356722
#security #alert
Update:
Hacker zkLend or Phishing Tornado scammer exchanged all his ETH, which were on his 5 addresses, for Token Pepe (PEPE). Now, on these addresses belonging to him, there is a total of about 660,569,826,987 PEPE.
If this total amount of PEPE was located on one address (instead of 5 addresses), then this hacker/scammer could have received Rank 77 among PEPE token holders.
• https://x.com/officer_cia/status/1913261846854865035?s=46
#security #investigation
https://officercia.mirror.xyz/Q00JH0s86d4KMS43cyqNxbl3VIM2s30qtwYfdSTXywE
Читать полностью…
Someone mined a 16 characters vanity address…
(Etherscan currently shows 17 characters as address preview)…
Such addresses are often used in two types of attacks. The first is address poisoning. The second is a clipper.
My thread: https://x.com/officer_cia/status/1912531979368640673?s=46
#security
Three Good Multisig Operations Tips: https://x.com/officer_cia/status/1912445368236654996?s=46
#security #privacy #opsec
The KiloEx Vault has been exploited. 7 million $ + loss…
The attacker’s main wallet address is:
0x00fac92881556a90fdb19eae9f23640b95b4bcbd
0x00faC92881556A90FdB19eAe9F23640B95B4bcBd
0x551f3110f12c763D1611d5A63B5F015d1c1a954C
Between October'24 and March'25, the number of unique verified smart contracts deployed on Ethereum increased from 700k to 830k, an 18% growth in 5 months.
Empowered by Glider, Hexens team did something that wasn't possible before - analyzed the industry's development focus: https://x.com/hexensio/status/1910643443090457003
#web3 #defi
Yet another awesome tip for Bitcoiners: https://x.com/officer_cia/status/1910454162703409522?s=46
#security #opsec
Via CT: https://cointelegraph.com/news/mev-bot-180k-loss-access-control-exploit
#security #opsec #mev
Sammy shares his tips on how to use LLMs to boost audit speed & efficiency!
📅 April 9, 2025 | Wed
⏰ 14:00 GMT
📍 Discord: Remedy Community Events channel
🎙️With: Sammy
See you <3
Go to Discord to join
This device looks cool 👀 WDYT?
• https://x.com/officer_cia/status/1908599251145220543?s=46
#security #privacy