11251
• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia • Chat: t.me/+C6RfnbB33AYzNGIy
More information: https://app.blocksec.com/explorer/tx/eth/0x46deef0f52e3a983b67abf4714448a41dd7ffd6d32d32da69d62081c68ad7882?line=2
Follow my thread: https://x.com/officer_cia/status/1892957790546677785
#investigation
My sources confirm it's a security incident
Читать полностью…
Rumours: «Seems that Bybit CEX hot wallet just got hacked.
Though, it's a multi-sign $1.5B worth of ETH was withdrawn to the new address and is currently being sold.»
More information: https://x.com/officer_cia/status/1892957601224151331?s=46
#security #alert
Official statement by zkLend team:
We are offering a $500,000 bounty for any verifiable information that leads to the arrest of the hacker and the recovery of all stolen funds.
If you believe you have information on the hacker’s identity, please provide evidence and contact us at info@zklend.com
Investigation: https://x.com/officer_cia/status/1892012038546931751?s=46
#security #investigation
Official post-mortem: https://x.com/0xcygaar/status/1891948692204368122?s=46
#security #analysis
178 ETH drained already.
• https://dune.com/artemisrsch/abstract-drain
#security #investigation
You asked, I answered – the legendary chat room is back! 🚀 The last one may be history, but this time, let’s make it last. Join the fun! 🎉 #ChatRoomRevival
Link: t.me/+C6RfnbB33AYzNGIy
#opsec #ai #web3 #crypto #offtopic
Official post-mortem by zkLend: https://drive.google.com/file/d/10i1dh_J89tPPw7KRcmFIVM6iNrJZAyfi/view?usp=sharing
#analysis #security
Elliptic's private key extraction in ECDSA upon signing a malformed input.
Private key can be extracted from ECDSA signature upon signing a malformed input (e.g. a string or a number), which could e.g. come from JSON network input.
I suggest not to be nervous, I think it will be fixed soon. However, this is interesting enough information to share with you! Also, it looks like you'd have to sign a dodgy transaction twice first…
Link: https://github.com/advisories/GHSA-vjh7-7g9h-fjfh
#cryptography #offtopic
Update: https://x.com/VitalikButerin/status/1889995280524681393
#security #privacy #opsec
Security challenges have recently become extremely acute. But what if you're abroad, have run out of cash, and need to cash out your cryptocurrencies immediately? Or simply need to purchase or sell bitcoin or USDT?
I'd like to remind you about my friendly exchanger, which likewise thoroughly examines cryptocurrency for purity.
Works in practically all countries in the world 🌍Personally, I have used their services several times and never had any issues. Everything is as trustworthy and secure as possible.
Withdrawal and input methods include cash, bank cards, and other bank transfers. Different currencies. 💵
Contact: t.me/Mr_Hermes1
I've known these guys for years and have never heard of any problems related to the swap. Please take note that you are my referral!
#opsec #crypto
Attention ‼️🚨
Thread (please like & RT): https://x.com/officer_cia/status/1889749401058644348?1
Apparently there is an exploit from within a zoom call now, avoid clicking any links! Use urlscan.io or virustotal.com
Stay safe!
#security #privacy #alert
More information in my thread: https://x.com/officer_cia/status/1892957790546677785?s=46
#security #privacy
Important! They did announce some wallet migration/maintaince recently.
Waiting for more news/official statements.
#alert #security
Follow me via Farcaster!
• https://warpcast.com/officercia
3 free invite codes:
B5NFG95Q7
ZH8WZBPIS
NWB0112OY
We're on officer_cia's favorite and most vision aligned with list!
Thank you sir!
Leviathan News - 𝕏/@officer_cia
A short-list of my favorite projects and individuals with whom we share the same vision for our industry:
• https://x.com/officer_cia/status/1891993271246758113
#offtopic #security
BTW. It is really easy to revoke all your sessions at once on Abstract Global Wallet through revoke.abs.xyz
#security #tip
🚨 Abstract Wallets are being drained as we speak!
If you've connected your AbstractChain wallet to Cardex, make sure to disconnect it & revoke all approvals you might have given.
Over 50 ETH has already been drained, and it's not a network-wide issue. The exploit is specifically targeting those who linked their abstract wallets to Cardex.
• https://x.com/officer_cia/status/1891852031041605841?s=46
#alert #security
Might be useful:)
https://huggingface.co/datasets/Coriolan/smart-contract-vulnerabilities
Crypto privacy software refuses money stolen in $9.5m hack
Читать полностью…
Please help me to promote this tweet fam 👉👈
• https://x.com/officer_cia/status/1890334427252732241?s=46
#security #opsec
SlowMist founder: we discovered that the hacker who attacked zkLend has a close connection to the hacker who attacked EraLend in July 2023, and we suspect they are the same person: x.com/officer_cia/status/1890132436589445291?12
#security #privacy #investigation
Use this list of fantastic telegram channels I've put together in order to discover them as your own personal Web3-Google!
Link: t.me/addlist/uesom31GM1I4Yjgy
Feel free to use this folder to onboard your non-web3 friends to Web3, as the majority of the channels are maintained by independent researchers. There are also additional channels for news, CT reviews, and more!
A small tip to subscribooors: if you find a channel interesting, move it out of the folder into your main list of chats. That way you’ll view content you’re interested in more often, and channels get more views instead of just subscribers!
#crypto #web3
Use my tips and stay safe. Forewarned is forearmed.
Link: https://officercia.mirror.xyz/ye7je7tkuy5nEF7oxHiqyfPI48SBKYckkhW1uTqafpo
#security #opsec #privacy
Crypto Security 101: How to NOT Get Hacked & Lose Everything
Link: https://x.com/fourvork/status/1887433629501935835
Much thanks for mentioning my work!
#security #opsec #privacy