OpenSecurity 🧙♂️

OpenSecurity 🧙♂️ retweeted

🧵 [4/9] 🚨 Supply chain attack:
A victim likely lost $723K after interacting with a website compromised by the Lottie Player supply chain attack.
Remember: Even seemingly legitimate websites may pose risks. Stay vigilant! 🔍
x.com/realScamSniffe…
Scam Sniffer | Web3 Anti-Scam @realScamSniffer
⚠️ 3 hours ago, a victim lost 10 BTC ($723,436) due to signing a phishing transaction. This theft is likely related to the supply chain attack on Lottie Player earlier today.

@Uniswap @pudgypenguins Pudgy Night Market sounds so fun!!!
Can’t go to Devcon but hope everyone enjoys it
Great penguin, btw 😉

We’re so back
Teaming up with @PudgyPenguins on November 13th for an immersive Thai night market experience during Devcon
RSVPs for Pudgy Night Market are now open 🫡

OpenSecurity 🧙♂️ retweeted

💡 What leads to restricted access in liquidity pools? 🤔
In our third Critical Spotlight episode, Isabel Burruezo Lopez, Principal Security Engineer at Halborn, explains DoS vulnerabilities in liquidity pools and practical security measures for #blockchain developers. 🛡️

@realScamSniffer Very valuable post which deserves much bigger attention
OpenSecurity 🧙♂️ retweeted

⚠️ 4 days ago, a victim lost around $40,000 in $SOL and $Bonk after signing a phishing signature.💸

Scam Sniffer | Web3 Anti-Scam @realScamSniffer
🧵 1/ In Solana, you might sign what seems like an ordinary signature. But then, your SOL and token accounts are suddenly controlled by a wallet drainer... 😱

Y’all please, for the love of all things holy, cement this inside your brains.
I have seen SO MANY BLOODY PEOPLE absolutely f*cked recently by this, and it’s a rapidly growing problem.
Tay 💖 @tayvano_
🚨WARNING 🚨 If you go to get on a video call... and you see this screen... YOU ARE ABOUT TO GET REKT! 1. STOP what you are doing! 2. Close the window. 3. Do not say ANYTHING to the person you're supposed to have the call with. 4. Message t.me/seal_911_bot for help!
OpenSecurity 🧙♂️ retweeted

ALERT! Our system has detected a suspicious transaction targeting an unknown project on #Base, resulting in a loss of approximately $1M. The affected project appears to be a #Compound fork, with multiple markets being drained. As the contracts are not open-source, we suspect this may be a classic price manipulation attack caused by reliance on Uniswap's spot price.
Attack TX: app.blocksec.com/explorer/tx/ba…
Subscribe to BlockSec Phalcon today to get alerted in realtime and take automatic actions to protect your assets. blocksec.com/phalcon

Actually, I had the same feelings for Solidify dev about five years ago.
nader dabit @dabit3
discuss

cat is right tho, weighing each potato is crazy
laurence @functi0nZer0
Every so often it hits me that I’m friends with people that don’t know that there are things like food scales

📑 Root cause analysis from past DeFi incidents. Hope this stuff can help devs to avoid the same mistakes as much as possible.
Now covered 95 incidents.
wooded-meter-1d8.notion.site/0e85e02c5ed34d…
#DeFi #Web3

OpenSecurity 🧙♂️ retweeted

We've just released a detailed analysis of the @lifiprotocol LiFi Attack, where a vulnerability in the GasZipFacet contract resulted in significant losses.
👉 Check out the full report here: metasleuth.io/blog/illicit-f…
📊 Explore the MetaSleuth Chart here: metasleuth.io/result/eth/0x1…
🔍 We used #MetaSleuth to trace the stolen funds and reveal the full impact of the exploit.
🕵️ Simplify and enhance your on-chain investigations with #MetaSleuth