• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia
Exposing bombardiro crocodilo Crocodilus: New Device Takeover Malware Targeting Android Devices
Initial campaigns observed by our Mobile Threat Intelligence team show targets primarily in Spain and Turkey, along with several cryptocurrency wallets!
• https://x.com/officer_cia/status/1907481205043507452?s=46
#security #privacy
Deq was added on Remedy
- Max Bounty: $50,000
- Languages:
- Tags: #bugbounty
Start Date: 31-03-2025
X | Aggregation Platform | Telegram
A victim lost $510,294 due to copying the wrong address from transaction history!
Victim:
0x0d534863a71d5e68d5c919a4c2ef47c3a7a792c0
Fake address:
0x4049Ebf479Fa49924e120490d119f0827cAa9aeC
Legitimate address:
0x40491fe2bA81621475c894Ebe8bcad56C7da9aec
ZKLend hacker gets phished for 2,930 ETH after trying to use a fake version of Tornado Cash - 𝕏/@officer_cia
Читать полностью…Immediately update your Apple devices!
Update with a fix for an actively exploited vuln(s):
iPadOS 17.7.6, macOS Ventura 13.7.5, macOS Sonoma 14.7.5, IOS 15.8.4, IPadOS 15.8.4, IOS 16.7.11, IPadOS 16.7.11, IPadOS 17.7.6
H/T @AppleActivelyExploited
• https://x.com/officer_cia/status/1906768145622135138?s=46
Solution and Precautions to prevent from this scam :
1. Stop Automatic Downloads from Chrome Settings:
•Open Chrome.
•Click the three dots in the top right → Settings → Privacy and Security → Site Settings.
•Scroll down and click Automatic Downloads under “Additional content settings.”
•Set “Do not allow sites to download multiple files automatically” to Block.
This prevents sites from downloading multiple files without your permission.
Clarification:
You will NOT get drained upon completing the "tick box" CAPTCHA.
After downloading, you woukd have to install the file as a 2nd step and thats when you get drained.
You can mitigate this issue by disabling auto-downloads on google chrome.
Link: https://x.com/officer_cia/status/1906756451563126921?s=46
#security #alert
An MCP for Wireshark.
Now any LLM can analyze network traffic for you. Automate threat detection, anomalies, and IOC attribution all with one click: https://x.com/0xkoda/status/1905411779024585143?s=46
#opsec #security
Front-running — Making trades based on insider information that the rest of the market doesn’t have access to or before it can respond. In crypto, front-running is part of MEV.
The proxy pattern is a crucial design pattern in Ethereum smart contracts.
A large-scale study analyzed 50M+ smart contracts and 1.6B transactions to reveal how proxy patterns shape DApp development.
Key insights for web3 security researchers: 👇
• x.com/xyz_remedy/status/1905198304989761927
#web3 #security
Please remain vigilant. This NickLFranklin guy is a DRPK agent 99%
• https://x.com/k06a/status/1904884377357627621?s=46
#alert #security
Dear friends, you can order an OpSec audit from me for you and your team/project.
Slots available for April! Thank you!
• https://x.com/officer_cia/status/1904930442769314274?s=46
• https://x.com/officer_cia/status/1848380292366561783?s=46
#opsec #security
Root cause: https://x.com/hklst4r/status/1904541046643495240?s=46
#security #investigation
It looks like GMX / MIM Spell related contracts have been hacked for ~3,260 ETH (worth ~$6.5M) - https://x.com/officer_cia/status/1904499709051322578?s=46
#alert #security
Listed here: https://web3privacy.github.io/personalstack/stacks/vladimir-s
#opsec #security
Join my chat for more cool OpSec stuff: t.me/+C6RfnbB33AYzNGIy
#opsec #security
Date: 2025-04-02
Bug bounty program was added to Remedy:
USDFC Bug Bounty by Secured Finance
The very first search result of Rabby wallet in Microsoft Bing is a phishing site!
It's time to set up an ad-blocker and jot down your must-visit websites in your notes app: https://x.com/officer_cia/status/1907189919639843227?s=46
#security #privacy
An investigation on topic: https://x.com/officer_cia/status/1906866848962077062?s=46
#security #investigation
Lmaoo 😅
• https://x.com/officer_cia/status/1906759967543382517?12
It seems that the 2,930 ETH stolen from zkLend was deposited into Phishing website imitating TornadoCash and was immediately taken away by the phishing website’s operators: https://x.com/officer_cia/status/1906759967543382517?12
#security
Best crypto books & researchers for newcomers ⬇️
• https://telegra.ph/Books--Researches-01-30
#defi #web3
Support me by trying my proven partners:
1. Get an audit from hexens.io (EVM - Solidity) or guvenkaya.co (Solana/Near - Rust)
2. Host on r.xyz - tier1 bug bounty platform
3. If funds stolen/blocked on CEX, contact my lawyer @rata0x for crypto legal advice or/and investigation
4. Best service for on-chain investigations: legalblock.com
5. Exchange crypto/cash worldwide via @Mr_Hermes1
Feel free to cross-check everything! The best thing is to support me directly by donating to any address from the list below:0x1191b7d163bde5f51d4d2c1ac969d514fb4f4c62
- Ethereum, all EVM chains17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU
- BitcoinTYWJoRenGB9JFD2QsdPSdrJtaT6CDoFQBN
- TronBLyXANAw7ciS2Abd8SsN1Rc8J4QZZiJdBzkoyqEuvPAB
- Solana
Thank you!
My own list: https://x.com/officer_cia/status/1905020458182885509?1234
#security #investigation
Media coverage: https://cointelegraph.com/news/polymarket-trump-ukraine-bet-whale-governance-attack
#security #opsec
A governance attack occurred on Polymarket , where a UMAprotocol tycoon used his voting power to manipulate the oracle, allowing the market to settle false results and successfully profit.
The tycoon cast 5 million tokens through three accounts, accounting for 25% of the total votes. Polymarket is committed to preventing this from happening again.
On the other hand, one of the users claims that it wasn't an attack, and it was the same validators who voted in every other market as well. Just that the instructions on what to vote for this market came too late: https://x.com/officer_cia/status/1904829643599098256?s=46
#security #web3
Official statement: https://x.com/MIM_Spell/status/1904535586532180434?1
#security #web3
Toolset by @zachxbt ⬇️
• https://x.com/officer_cia/status/1904485373985616116?s=46
#investigation #tool
🔒Top 9 Cryptocurrency Hardware Wallets of 2025 🔒
• https://x.com/patrickalphac/status/1904075663318847785
#opsec #security
Drop your best OpSec-related resources in replies ⬇️
• https://x.com/officer_cia/status/1903902236440502745?s=46
#opsec #security