11364
• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia
It seems that the 2,930 ETH stolen from zkLend was deposited into Phishing website imitating TornadoCash and was immediately taken away by the phishing website’s operators: https://x.com/officer_cia/status/1906759967543382517?12
#security
Best crypto books & researchers for newcomers ⬇️
• https://telegra.ph/Books--Researches-01-30
#defi #web3
Support me by trying my proven partners:
1. Get an audit from hexens.io (EVM - Solidity) or guvenkaya.co (Solana/Near - Rust)
2. Host on r.xyz - tier1 bug bounty platform
3. If funds stolen/blocked on CEX, contact my lawyer @rata0x for crypto legal advice or/and investigation
4. Best service for on-chain investigations: legalblock.com
5. Exchange crypto/cash worldwide via @Mr_Hermes1
Feel free to cross-check everything! The best thing is to support me directly by donating to any address from the list below:0x1191b7d163bde5f51d4d2c1ac969d514fb4f4c62 - Ethereum, all EVM chains17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU - BitcoinTYWJoRenGB9JFD2QsdPSdrJtaT6CDoFQBN - TronBLyXANAw7ciS2Abd8SsN1Rc8J4QZZiJdBzkoyqEuvPAB - Solana
Thank you!
My own list: https://x.com/officer_cia/status/1905020458182885509?1234
#security #investigation
Media coverage: https://cointelegraph.com/news/polymarket-trump-ukraine-bet-whale-governance-attack
#security #opsec
A governance attack occurred on Polymarket , where a UMAprotocol tycoon used his voting power to manipulate the oracle, allowing the market to settle false results and successfully profit.
The tycoon cast 5 million tokens through three accounts, accounting for 25% of the total votes. Polymarket is committed to preventing this from happening again.
On the other hand, one of the users claims that it wasn't an attack, and it was the same validators who voted in every other market as well. Just that the instructions on what to vote for this market came too late: https://x.com/officer_cia/status/1904829643599098256?s=46
#security #web3
Official statement: https://x.com/MIM_Spell/status/1904535586532180434?1
#security #web3
Toolset by @zachxbt ⬇️
• https://x.com/officer_cia/status/1904485373985616116?s=46
#investigation #tool
🔒Top 9 Cryptocurrency Hardware Wallets of 2025 🔒
• https://x.com/patrickalphac/status/1904075663318847785
#opsec #security
Drop your best OpSec-related resources in replies ⬇️
• https://x.com/officer_cia/status/1903902236440502745?s=46
#opsec #security
It looks like zoth has been hacked… 8,3 M$ gone.
Hacker’s address & more information ⬇️
• https://x.com/officer_cia/status/1903035914932179228?12
#security #alert
Announcing the debut of a new service!
Now you can contact me and my friend @rata0x for legal services and advice. We've known my dear friend @rata0x for 5 years, and we've helped a lot of individuals in the most desperate situations!
So, if you need to:
1. Resolve the issue of unauthorized blocking of funds on the exchange.
2. You have had a huge sum of money stolen from you and must immediately block it on exchanges and return it as soon as possible.
3. You or your project require legal assistance and advice.
Contact @rata0x ! When I refer him, I use my name because I've worked with him for a long time and know him well.
The last year two different people were strugling to find a lawyer who can really unblock their frozen funds at some big tier1 exhanges, after trying numerous lawyers they finally reached me out, l recommended @rata0x and he was succesfully was able to solve their legal problem and save their funds!
#legal #aml #investigation
Pectra Upgrade Community Hangout!
Join us today to discuss the Ethereum Pectra Upgrade from a security perspective:
📅 March 19, 2025 | Today
⏰ 15:00 GMT | in 3 hours
📍 Discord: Remedy Community Events channel
Bring a drink, get comfy, and let’s chat! ☕
Go to Discord to join.
New Malware Alert — Microsoft warns of StilachiRAT, a stealthy remote access trojan that:
• Steals browser passwords & clipboard data;
• Targets crypto wallets;
• Executes remote commands & monitors RDP sessions;
• Evades detection by clearing event logs.
• https://x.com/officer_cia/status/1902036244479230132?s=46
#security #opsec
An MCP for Wireshark.
Now any LLM can analyze network traffic for you. Automate threat detection, anomalies, and IOC attribution all with one click: https://x.com/0xkoda/status/1905411779024585143?s=46
#opsec #security
Front-running — Making trades based on insider information that the rest of the market doesn’t have access to or before it can respond. In crypto, front-running is part of MEV.
The proxy pattern is a crucial design pattern in Ethereum smart contracts.
A large-scale study analyzed 50M+ smart contracts and 1.6B transactions to reveal how proxy patterns shape DApp development.
Key insights for web3 security researchers: 👇
• x.com/xyz_remedy/status/1905198304989761927
#web3 #security
Please remain vigilant. This NickLFranklin guy is a DRPK agent 99%
• https://x.com/k06a/status/1904884377357627621?s=46
#alert #security
Dear friends, you can order an OpSec audit from me for you and your team/project.
Slots available for April! Thank you!
• https://x.com/officer_cia/status/1904930442769314274?s=46
• https://x.com/officer_cia/status/1848380292366561783?s=46
#opsec #security
Root cause: https://x.com/hklst4r/status/1904541046643495240?s=46
#security #investigation
It looks like GMX / MIM Spell related contracts have been hacked for ~3,260 ETH (worth ~$6.5M) - https://x.com/officer_cia/status/1904499709051322578?s=46
#alert #security
Listed here: https://web3privacy.github.io/personalstack/stacks/vladimir-s
#opsec #security
Join my chat for more cool OpSec stuff: t.me/+C6RfnbB33AYzNGIy
#opsec #security
Root cause: https://x.com/xyz_remedy/status/1903172169531543827?s=46
#security #investigation
Interesting read 👀
Link: https://www.dlnews.com/research/internal/defi-platforms-return-lazarus-swap-fees/
#security #investigation
GM! With all the recent talk around Safe and delegatecall risks, I was looking into ways to prevent or better control delegatecalls to untrusted contracts.
What do you think?
• https://x.com/officer_cia/status/1902263385229570113?s=46
#security #web3
Deep hardware wallet testing for security-conscious developers and protocols ⬇️
• https://x.com/patrickalphac/status/1902225293336576314?s=46
#security #opsec
You asked, I delivered– the legendary chat room is back! 🚀 The last one may be history, but this time, let’s make it last. Join the fun! 🎉
Link: t.me/+C6RfnbB33AYzNGIy
#opsec #ai #web3 #crypto #offtopic
Last week, multiple suspicious sandwich trades were executed in Uni V3 (6 sandwiches for $750k in 5 minutes)
Short thread about the research
https://x.com/muststopye/status/1901908053911322716
tool from last post in thread: https://payload.de/