11364
• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia
⚠️ Alert: New Telegram Malware on Android! ⚠️
This sneaky malware masquerades as a regular video, targeting your data. If opening a video redirects you to a browser asking for an app update or "necessary" player installation, do NOT proceed!
Just one click can hand over your account, chats, photos, and device data to scammers. Stay vigilant!
Link: https://x.com/officer_cia/status/1897992686310687208?s=46
#security #privacy #opsec
More information: https://x.com/officer_cia/status/1897701859361513545?s=46
#security #investigation
Bybit hack investigation continues 👉 https://x.com/officer_cia/status/1897683647953531004?s=46
#security #investigation
Spotted an amazing resource by 0xFitz 🫡
Much thanks for mentioning my work!
Link: degenhub.com
Post: https://x.com/officer_cia/status/1897536562482565527
#security #web3
https://officercia.mirror.xyz/Q00JH0s86d4KMS43cyqNxbl3VIM2s30qtwYfdSTXywE
Читать полностью…
The hacker has laundered all the 499,000 ETH ($1.39 billion) stolen from Bybit, and the whole process took 10 days. THORChain, the main channel used by the hacker to launder money, received $5.9 billion in transaction volume and $5.5 million in handling fees.
My personal advice to the Thorchain team is to contact my attorney @rata0x before it's too late. I think we can help you with a legal audit.
• https://x.com/officer_cia/status/1896749395577581970?3
#security #investigation
> One image cannot shake the unwavering resolve of a Web3 security researcher!
> Yet, behold this picture:
• https://x.com/officer_cia/status/1896040825479708766?1
#security #opsec
Dear friends, the best thing is to support me directly by donating to any address from the list below (Ethereum, Bitcoin, Tron & Solana)!0xB25C5E8fA1E53eEb9bE3421C59F6A66B786ED77A - Ethereum;17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU - Bitcoin;TYWJoRenGB9JFD2QsdPSdrJtaT6CDoFQBN - Tron;BLyXANAw7ciS2Abd8SsN1Rc8J4QZZiJdBzkoyqEuvPAB - Solana.
You can also support me by minting one of my Mirror articles NFTs or just DM me for a clean address!
Join my chat: t.me/+C6RfnbB33AYzNGIy
Thank you very much!
If you’re in Denver, join Hexens and Remedy for a high-signal side event away from the usual chaos. 🧢
Expect real convos, top builders and security researchers, and cocktails worth sipping.🍸
📍When: Friday, February 28 (8–11 PM MST)
📍Where: Denver, CO (register for exact location)
Register here asap
Hope to see you there! 💚
Statement by FBI: https://x.com/officer_cia/status/1895005396214968534?s=46
#security #investigation
1. Handle your our hosted version of UI - it can be even the case to create the UI that is built from the immutable source
2. Isolate the machine for signing, add hardware key and simulate the tx, check hex from the hardware with what is on the ui.
This tool safehashpreview.com would have stopped this attack.
#security #opsec
Hacker’s address list: https://hackscan.hackbounty.io/public/hack-address.json
#security #investigation
You asked, I answered – the legendary chat room is back! 🚀 The last one may be history, but this time, let’s make it last. Join the fun! 🎉 #ChatRoomRevival
Link: t.me/+C6RfnbB33AYzNGIy
#opsec #ai #web3 #crypto #offtopic
https://x.com/SDNYnews/status/1894115083917185039
Читать полностью…
There is an ongoing incident with Tether freezing the whole USDT stack of the Russian-based exchange Garantex.
The exchange was blocked after multiple sanctions were imposed on it.
#offtopic
Gm! If your project requires a military-grade level pentest, I recommend hexens.io
Seriously.
Also. A word of advice to L2/L1 networks, if you haven't integrated Glider (by r.xyz) yet - the probability of an attack increases many times over. So don't hesitate.
#security #opsec #web3
Join my chat: t.me/+C6RfnbB33AYzNGIy
#offtopic
Announcing the debut of a new service!
Now you can contact me and my friend @rata0x for legal services and advice. We've known my dear friend @rata0x for 5 years, and we've helped a lot of individuals in the most desperate situations!
So, if you need to:
1. Resolve the issue of unauthorized blocking of funds on the exchange.
2. You have had a huge sum of money stolen from you and must immediately block it on exchanges and return it as soon as possible.
3. You or your project require legal assistance and advice.
Contact @rata0x ! When I refer him, I use my name because I've worked with him for a long time and know him well.
The last year two different people were strugling to find a lawyer who can really unblock their frozen funds at some big tier1 exhanges, after trying numerous lawyers they finally reached me out, l recommended @rata0x and he was succesfully was able to solve their legal problem and save their funds!
#legal #aml #investigation
🌟 Switching to Apple’s macOS? Here's Your Ultimate Security Guide! 🌟
With the rise in cyber threats on Windows, many are turning to macOS. If you're one of them, here's a comprehensive guide to safeguarding your device and enhancing your OpSec: https://x.com/officer_cia/status/1896761077318193637?s=46
#security #opsec #privacy
Since yesterday, the Bybit hacker has resumed money laundering. Currently, of the 499,000 ETH stolen from Bybit by hackers, only 156,000 ETH have not been processed. At the current speed, it is expected that the remaining stolen funds will be completely cleared within three days.
• https://x.com/officer_cia/status/1896038932619350255?s=46
#security #investigation
Telegram 's latest beta for Android introduces detailed user info! 🕵️♂️
You can now see:
📍 Country of phone number origin
📅 Account registration date (month/year)
👥 Number of shared groups
✔️ Whether the account is official
• https://x.com/officer_cia/status/1895442145370087681
#privacy #security #opsec
The Bybit hacker has moved 270,000 ETH worth around $605M via THORChain and still holds 229,395 ETH worth around $514M: https://x.com/officer_cia/status/1895407702614094208?s=46
#security #investigation
FYI OpenZeppelin just launched a user-friendly interface to make it easily accessible: safeutils.openzeppelin.com
#security #privacy #opsec
A dev machine of Safe was compromised. This allowed access to AWS and their S3 bucket. A malicious JavaScript was pushed to the bucket and eventually distributed. The malicious JS code targeted specifically the Bybit contract address. The JS code changes the content of the transaction during the signing process.
#security #investigation
This is official. Safe UI has been compromised to attack Bybit…
Link: https://x.com/officer_cia/status/1894773005961527331?s=46
#security #investigation
Being sovereign of your resources is not an easy task and the custody of own funds in Bitcoin, or any other crypto, is a burden that we are not used to. Here is an awesome solution! Make your cold wallet with washers ⬇️
Link: https://blockmit.com/english/guides/diy/make-cold-wallet-washers/
#security #opsec #privacy
Bybit CEO Ben Zhou launches LazarusBounty at http://lazarusbounty.com, the industry's first bounty site offering full transparency on sanctioned Lazarus money laundering activities, enabling bounty hunters to connect wallets, trace funds, earn instant rewards when freezes occur (with freezers receiving 5%), and access live rankings to expose bad actors. - 𝕏/@benbybit
Читать полностью…
More information: https://x.com/officer_cia/status/1894195644455080341?s=46
#investigation #security