officer_cia | Unsorted

Telegram-канал officer_cia - Vladimir S. | Officer's Channel

11364

• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia

Subscribe to a channel

Vladimir S. | Officer's Channel

Exposing bombardiro crocodilo Crocodilus: New Device Takeover Malware Targeting Android Devices

Initial campaigns observed by our Mobile Threat Intelligence team show targets primarily in Spain and Turkey, along with several cryptocurrency wallets!

https://x.com/officer_cia/status/1907481205043507452?s=46

#security #privacy

Читать полностью…

Vladimir S. | Officer's Channel

Deq was added on Remedy

- Max Bounty: $50,000
- Languages:
- Tags: #bugbounty

Start Date: 31-03-2025

X | Aggregation Platform | Telegram

Читать полностью…

Vladimir S. | Officer's Channel

A victim lost $510,294 due to copying the wrong address from transaction history!

Victim:
0x0d534863a71d5e68d5c919a4c2ef47c3a7a792c0

Fake address:
0x4049Ebf479Fa49924e120490d119f0827cAa9aeC

Legitimate address:
0x40491fe2bA81621475c894Ebe8bcad56C7da9aec


How transaction history poisoning works:

1. Scammer sends fake/dust transfer with similar address;
2. Their fake address appears in your history;
3. You copy address from history thinking it's legitimate;
4. Funds get sent to scammer instead.

How to stay protected:

1. Always double-check the addresses you're sending funds to;
2. Never copy addresses from transaction histories;
3. Use a wallet that supports whitelisting or bookmarks.

My article on topic: https://officercia.mirror.xyz/n-sXszeDoNU3wtUUxRQEYvxQlZ6loaFElILzm2gnMzw

#security #privacy

Читать полностью…

Vladimir S. | Officer's Channel

ZKLend hacker gets phished for 2,930 ETH after trying to use a fake version of Tornado Cash - 𝕏/@officer_cia

Читать полностью…

Vladimir S. | Officer's Channel

Immediately update your Apple devices!

Update with a fix for an actively exploited vuln(s):
iPadOS 17.7.6, macOS Ventura 13.7.5, macOS Sonoma 14.7.5, IOS 15.8.4, IPadOS 15.8.4, IOS 16.7.11, IPadOS 16.7.11, IPadOS 17.7.6

H/T @AppleActivelyExploited

https://x.com/officer_cia/status/1906768145622135138?s=46

Читать полностью…

Vladimir S. | Officer's Channel

Solution and Precautions to prevent from this scam :

1. Stop Automatic Downloads from Chrome Settings:
•Open Chrome.
•Click the three dots in the top right → Settings → Privacy and Security → Site Settings.
•Scroll down and click Automatic Downloads under “Additional content settings.”
•Set “Do not allow sites to download multiple files automatically” to Block.
This prevents sites from downloading multiple files without your permission.

Clarification:

You will NOT get drained upon completing the "tick box" CAPTCHA.

After downloading, you woukd have to install the file as a 2nd step and thats when you get drained.

You can mitigate this issue by disabling auto-downloads on google chrome.

Link: https://x.com/officer_cia/status/1906756451563126921?s=46

#security #alert

Читать полностью…

Vladimir S. | Officer's Channel

An MCP for Wireshark.

Now any LLM can analyze network traffic for you. Automate threat detection, anomalies, and IOC attribution all with one click: https://x.com/0xkoda/status/1905411779024585143?s=46

#opsec #security

Читать полностью…

Vladimir S. | Officer's Channel

Front-running — Making trades based on insider information that the rest of the market doesn’t have access to or before it can respond. In crypto, front-running is part of MEV.


Check out my compilation ⬇️

https://graph.org/MEV-PACK-06-10

#mev #security

Читать полностью…

Vladimir S. | Officer's Channel

The proxy pattern is a crucial design pattern in Ethereum smart contracts.

A large-scale study analyzed 50M+ smart contracts and 1.6B transactions to reveal how proxy patterns shape DApp development.

Key insights for web3 security researchers: 👇

• x.com/xyz_remedy/status/1905198304989761927

#web3 #security

Читать полностью…

Vladimir S. | Officer's Channel

Please remain vigilant. This NickLFranklin guy is a DRPK agent 99%

https://x.com/k06a/status/1904884377357627621?s=46

#alert #security

Читать полностью…

Vladimir S. | Officer's Channel

Dear friends, you can order an OpSec audit from me for you and your team/project.

Slots available for April! Thank you!

https://x.com/officer_cia/status/1904930442769314274?s=46

https://x.com/officer_cia/status/1848380292366561783?s=46

#opsec #security

Читать полностью…

Vladimir S. | Officer's Channel

Root cause: https://x.com/hklst4r/status/1904541046643495240?s=46

#security #investigation

Читать полностью…

Vladimir S. | Officer's Channel

It looks like GMX / MIM Spell related contracts have been hacked for ~3,260 ETH (worth ~$6.5M) - https://x.com/officer_cia/status/1904499709051322578?s=46

#alert #security

Читать полностью…

Vladimir S. | Officer's Channel

Listed here: https://web3privacy.github.io/personalstack/stacks/vladimir-s

#opsec #security

Читать полностью…

Vladimir S. | Officer's Channel

Join my chat for more cool OpSec stuff: t.me/+C6RfnbB33AYzNGIy

#opsec #security

Читать полностью…

Vladimir S. | Officer's Channel

Date: 2025-04-02
Bug bounty program was added to Remedy:
USDFC Bug Bounty by Secured Finance

Читать полностью…

Vladimir S. | Officer's Channel

The very first search result of Rabby wallet in Microsoft Bing is a phishing site!

It's time to set up an ad-blocker and jot down your must-visit websites in your notes app: https://x.com/officer_cia/status/1907189919639843227?s=46

#security #privacy

Читать полностью…

Vladimir S. | Officer's Channel

An investigation on topic: https://x.com/officer_cia/status/1906866848962077062?s=46

#security #investigation

Читать полностью…

Vladimir S. | Officer's Channel

Lmaoo 😅

https://x.com/officer_cia/status/1906759967543382517?12

Читать полностью…

Vladimir S. | Officer's Channel

Literally 😅

Читать полностью…

Vladimir S. | Officer's Channel

It seems that the 2,930 ETH stolen from zkLend was deposited into Phishing website imitating TornadoCash and was immediately taken away by the phishing website’s operators: https://x.com/officer_cia/status/1906759967543382517?12

#security

Читать полностью…

Vladimir S. | Officer's Channel

Best crypto books & researchers for newcomers ⬇️

https://telegra.ph/Books--Researches-01-30

#defi #web3

Читать полностью…

Vladimir S. | Officer's Channel

Support me by trying my proven partners:

1. Get an audit from hexens.io (EVM - Solidity) or guvenkaya.co (Solana/Near - Rust)
2. Host on r.xyz - tier1 bug bounty platform
3. If funds stolen/blocked on CEX, contact my lawyer @rata0x for crypto legal advice or/and investigation
4. Best service for on-chain investigations: legalblock.com
5. Exchange crypto/cash worldwide via @Mr_Hermes1

Feel free to cross-check everything! The best thing is to support me directly by donating to any address from the list below:

0x1191b7d163bde5f51d4d2c1ac969d514fb4f4c62 - Ethereum, all EVM chains

17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU - Bitcoin

TYWJoRenGB9JFD2QsdPSdrJtaT6CDoFQBN - Tron

BLyXANAw7ciS2Abd8SsN1Rc8J4QZZiJdBzkoyqEuvPAB - Solana

Thank you!

Читать полностью…

Vladimir S. | Officer's Channel

My own list: https://x.com/officer_cia/status/1905020458182885509?1234

#security #investigation

Читать полностью…

Vladimir S. | Officer's Channel

Media coverage: https://cointelegraph.com/news/polymarket-trump-ukraine-bet-whale-governance-attack

#security #opsec

Читать полностью…

Vladimir S. | Officer's Channel

A governance attack occurred on Polymarket , where a UMAprotocol tycoon used his voting power to manipulate the oracle, allowing the market to settle false results and successfully profit.

The tycoon cast 5 million tokens through three accounts, accounting for 25% of the total votes. Polymarket is committed to preventing this from happening again.

On the other hand, one of the users claims that it wasn't an attack, and it was the same validators who voted in every other market as well. Just that the instructions on what to vote for this market came too late: https://x.com/officer_cia/status/1904829643599098256?s=46

#security #web3

Читать полностью…

Vladimir S. | Officer's Channel

Official statement: https://x.com/MIM_Spell/status/1904535586532180434?1

#security #web3

Читать полностью…

Vladimir S. | Officer's Channel

Toolset by @zachxbt ⬇️

https://x.com/officer_cia/status/1904485373985616116?s=46

#investigation #tool

Читать полностью…

Vladimir S. | Officer's Channel

🔒Top 9 Cryptocurrency Hardware Wallets of 2025 🔒

https://x.com/patrickalphac/status/1904075663318847785

#opsec #security

Читать полностью…

Vladimir S. | Officer's Channel

Drop your best OpSec-related resources in replies ⬇️

https://x.com/officer_cia/status/1903902236440502745?s=46

#opsec #security

Читать полностью…
Subscribe to a channel