11364
• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia
Support me by trying my proven partners:
1. Get an audit from hexens.io (EVM - Solidity) or guvenkaya.co (Solana/Near - Rust)
2. Host on r.xyz - tier1 bug bounty platform
3. If funds stolen/blocked on CEX, contact my lawyer @rata0x for crypto legal advice or/and investigation
4. Best service for on-chain investigations: legalblock.com
5. Exchange crypto/cash worldwide via @Mr_Hermes1
Feel free to cross-check everything! The best thing is to support me directly by donating to any address from the list below:0x1191b7d163bde5f51d4d2c1ac969d514fb4f4c62 - Ethereum, all EVM chains17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU - BitcoinTYWJoRenGB9JFD2QsdPSdrJtaT6CDoFQBN - TronBLyXANAw7ciS2Abd8SsN1Rc8J4QZZiJdBzkoyqEuvPAB - Solana
Thank you!
My own list: https://x.com/officer_cia/status/1905020458182885509?1234
#security #investigation
Media coverage: https://cointelegraph.com/news/polymarket-trump-ukraine-bet-whale-governance-attack
#security #opsec
A governance attack occurred on Polymarket , where a UMAprotocol tycoon used his voting power to manipulate the oracle, allowing the market to settle false results and successfully profit.
The tycoon cast 5 million tokens through three accounts, accounting for 25% of the total votes. Polymarket is committed to preventing this from happening again.
On the other hand, one of the users claims that it wasn't an attack, and it was the same validators who voted in every other market as well. Just that the instructions on what to vote for this market came too late: https://x.com/officer_cia/status/1904829643599098256?s=46
#security #web3
Official statement: https://x.com/MIM_Spell/status/1904535586532180434?1
#security #web3
Toolset by @zachxbt ⬇️
• https://x.com/officer_cia/status/1904485373985616116?s=46
#investigation #tool
🔒Top 9 Cryptocurrency Hardware Wallets of 2025 🔒
• https://x.com/patrickalphac/status/1904075663318847785
#opsec #security
Drop your best OpSec-related resources in replies ⬇️
• https://x.com/officer_cia/status/1903902236440502745?s=46
#opsec #security
It looks like zoth has been hacked… 8,3 M$ gone.
Hacker’s address & more information ⬇️
• https://x.com/officer_cia/status/1903035914932179228?12
#security #alert
Announcing the debut of a new service!
Now you can contact me and my friend @rata0x for legal services and advice. We've known my dear friend @rata0x for 5 years, and we've helped a lot of individuals in the most desperate situations!
So, if you need to:
1. Resolve the issue of unauthorized blocking of funds on the exchange.
2. You have had a huge sum of money stolen from you and must immediately block it on exchanges and return it as soon as possible.
3. You or your project require legal assistance and advice.
Contact @rata0x ! When I refer him, I use my name because I've worked with him for a long time and know him well.
The last year two different people were strugling to find a lawyer who can really unblock their frozen funds at some big tier1 exhanges, after trying numerous lawyers they finally reached me out, l recommended @rata0x and he was succesfully was able to solve their legal problem and save their funds!
#legal #aml #investigation
Pectra Upgrade Community Hangout!
Join us today to discuss the Ethereum Pectra Upgrade from a security perspective:
📅 March 19, 2025 | Today
⏰ 15:00 GMT | in 3 hours
📍 Discord: Remedy Community Events channel
Bring a drink, get comfy, and let’s chat! ☕
Go to Discord to join.
New Malware Alert — Microsoft warns of StilachiRAT, a stealthy remote access trojan that:
• Steals browser passwords & clipboard data;
• Targets crypto wallets;
• Executes remote commands & monitors RDP sessions;
• Evades detection by clearing event logs.
• https://x.com/officer_cia/status/1902036244479230132?s=46
#security #opsec
Current state of on-chain privacy solutions ⬇️
• https://x.com/officer_cia/status/1901947962973946023?s=46
#security #privacy #web3
Yet another awesome OpSec rule:
Don't let perfect be the enemy of good.
100% solutions are rare in cybersecurity. Security solutions, each with their own shortcomings, are OK when layered together to supplement coverage.
Quoting Kerckhoff's principle, "A cryptosystem should remain secure even if everything about the system, except the key, is public."
If revealing a system substantially increases its risk of being broken, then perhaps it needs to be rethought.
• https://github.com/OffcierCia/Crypto-OpSec-SelfGuard-RoadMap
#opsec #privacy #security
The proxy pattern is a crucial design pattern in Ethereum smart contracts.
A large-scale study analyzed 50M+ smart contracts and 1.6B transactions to reveal how proxy patterns shape DApp development.
Key insights for web3 security researchers: 👇
• x.com/xyz_remedy/status/1905198304989761927
#web3 #security
Please remain vigilant. This NickLFranklin guy is a DRPK agent 99%
• https://x.com/k06a/status/1904884377357627621?s=46
#alert #security
Dear friends, you can order an OpSec audit from me for you and your team/project.
Slots available for April! Thank you!
• https://x.com/officer_cia/status/1904930442769314274?s=46
• https://x.com/officer_cia/status/1848380292366561783?s=46
#opsec #security
Root cause: https://x.com/hklst4r/status/1904541046643495240?s=46
#security #investigation
It looks like GMX / MIM Spell related contracts have been hacked for ~3,260 ETH (worth ~$6.5M) - https://x.com/officer_cia/status/1904499709051322578?s=46
#alert #security
Listed here: https://web3privacy.github.io/personalstack/stacks/vladimir-s
#opsec #security
Join my chat for more cool OpSec stuff: t.me/+C6RfnbB33AYzNGIy
#opsec #security
Root cause: https://x.com/xyz_remedy/status/1903172169531543827?s=46
#security #investigation
Interesting read 👀
Link: https://www.dlnews.com/research/internal/defi-platforms-return-lazarus-swap-fees/
#security #investigation
GM! With all the recent talk around Safe and delegatecall risks, I was looking into ways to prevent or better control delegatecalls to untrusted contracts.
What do you think?
• https://x.com/officer_cia/status/1902263385229570113?s=46
#security #web3
Deep hardware wallet testing for security-conscious developers and protocols ⬇️
• https://x.com/patrickalphac/status/1902225293336576314?s=46
#security #opsec
You asked, I delivered– the legendary chat room is back! 🚀 The last one may be history, but this time, let’s make it last. Join the fun! 🎉
Link: t.me/+C6RfnbB33AYzNGIy
#opsec #ai #web3 #crypto #offtopic
Last week, multiple suspicious sandwich trades were executed in Uni V3 (6 sandwiches for $750k in 5 minutes)
Short thread about the research
https://x.com/muststopye/status/1901908053911322716
tool from last post in thread: https://payload.de/
Tokenomics simulators, transaction simulators ⬇️
• https://x.com/officer_cia/status/1901338291888095676?s=46
#offtopic #web3
Use this list of fantastic telegram channels I've put together in order to discover them as your own personal Web3-Google!
Feel free to use this folder to onboard your non-web3 friends to Web3, as the majority of the channels are maintained by independent researchers. There are also additional channels for news, CT reviews, and more!
Link: t.me/addlist/uesom31GM1I4Yjgy
#telegram #offtopic