PeckShield Inc. (@peckshield) - Twitter-Profil | Zamantika Mersobahis Locabet

Angehefteter Tweet

1/ We are thrilled to announce a self-service SaaS platform-#KillSwitch, which aims to detect exploitation TXs before their block inclusion and take contingency measures to block the attack or prevent assets from being stolen. It is in-essence a frontrunning-based DeFi protection

English

133

444

1.2K

0

PeckShield Inc.@peckshield·5d

After liquidating the KelpDAO exploiter's aave position, previously-affected ethereum:0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2 core market on Ethereum now has available liquidity of ~$177m ! x.com/aave/status/20…

PeckShieldAlert@PeckShieldAlert

It seems the 0x1f4c_Kelp DAO Exploiter on ethereum is being liquidated (w/ ~$123m debt) in @aave Here is the related tx: etherscan.io/tx/0xe2391ea41… The arbitrum position is also liquidated: arbiscan.io/tx/0x78b41623c…

English

3

11

91

18.6K

PeckShield Inc.@peckshield·30 Nis

It seems the admin key of @wasabi_protocol has been compromised with the estimated loss of $5.5m across multiple chains, including ETH, BASE, BLAST, and BERA chains. Here is the related tx to add the malicious admin: etherscan.io/tx/0x11ff84ffb…

Wasabi Protocol 🟢@wasabi_protocol

We're aware of an issue and are actively investigating. As a precaution, please do not interact with Wasabi contracts until further notice. We'll share an update as soon as we have more information. Thanks for your patience.

English

8

13

72

31K

PeckShield Inc. retweetet

PeckShieldAlert@PeckShieldAlert·29 Nis

#PeckShieldAlert @syndicateio reported a compromise of the Commons bridge. $SYND has dropped -35%.

Syndicate@syndicateio

IMPORTANT: We are investigating a compromise of the Commons bridge. We are tracing the attack and engaging with security firms. We are also looking at options to make people whole. Syndicate has sufficient tokens available to help users who have lost SYND.

English

9

16

84

31.6K

PeckShield Inc.@peckshield·29 Nis

@androolloyd @banteg

QME

2

0

197

androolloyd.hl@androolloyd·29 Nis

@peckshield @banteg But why is Alchemix being mentioned at all?

English

1

0

1

186

banteg@banteg·29 Nis

not a yearn bug either. it's the victim's personal automation contract that was seemingly meant to convert yvweth to eur on another platform. unfortunately, the execute() method lacked owner check, allowing the attacker to withdraw the approved tokens. i reconstructed what happened here, including the victim and exploit contracts. gist.github.com/banteg/a7e2503…

scoopy trooples@scupytrooples

idk why peckshield is being so reckless in their messaging here, but to be clear, this is the yearn v2 WETH vault, and it is not connected to Alchemix in any way whatsoever. Since the v2 -> v3 migration was completed almost two weeks ago, we have not had any funds deployed to it.

English

8

9

106

41.3K

PeckShield Inc.@peckshield·29 Nis

@scupytrooples

QME

5

0

6

2.2K

scoopy trooples@scupytrooples·29 Nis

idk why peckshield is being so reckless in their messaging here, but to be clear, this is the yearn v2 WETH vault, and it is not connected to Alchemix in any way whatsoever. Since the v2 -> v3 migration was completed almost two weeks ago, we have not had any funds deployed to it.

PeckShield Inc.@peckshield

A victim just lost a Alchemix Yearn yvVault position $yvWETH (estimated $~1m), from an earlier approval to an unverified contract (etherscan.io/address/0x143a…). This unverified contract, created 10 days ago, turns out to be buggy and can be exploited for arbitrary call execution. Here is the vulnerable logic from the decompiled contract, affected in the following exploit tx: etherscan.io/tx/0xebaaab69b…

English

11

10

118

28.3K

PeckShield Inc.@peckshield·29 Nis

@cryptobyrde The victim trusted a buggy contract (to manage its position in Alchemix Yearn yvVault - $yvWETH), which was exploited to redeem the position to steal underlying ETH.

English

2

0

2

1.5K

Ozark@cryptobyrde·29 Nis

@peckshield What does it mean?

English

1

0

1

1.4K

PeckShield Inc.@peckshield·29 Nis

A victim just lost a Alchemix Yearn yvVault position $yvWETH (estimated $~1m), from an earlier approval to an unverified contract (etherscan.io/address/0x143a…). This unverified contract, created 10 days ago, turns out to be buggy and can be exploited for arbitrary call execution. Here is the vulnerable logic from the decompiled contract, affected in the following exploit tx: etherscan.io/tx/0xebaaab69b…

English

12

14

86

29.8K

PeckShield Inc.@peckshield·28 Nis

Just wanted to clarify that the exploited vault was permissionlessly listed in @TradingProtocol, not part of the protocol itself: tradingstrategy.ai/trading-view/v…

English

1

7

3.9K

PeckShield Inc.@peckshield·28 Nis

It seems a @tradingprotocol vault, i.e., YieldCore-3rd-deal, was exploited with $398k loss. There is a missing check on the caller authorization, which is exploited to drain all funds from the vault. Here is the related tx: etherscan.io/tx/0x6b04344d5…

English

19

21

165

53K

PeckShield Inc.@peckshield·22 Nis

It seems the @KelpDAO exploiter moved stolen funds via @LayerZero_Core to Tron for laundering. Related steps: 1: Transfers on Ethereum: Kelp DAO Exploiter1 -> 0xF9802c5EB6b972Ba686aFa7CA615910Ea8310b85 -> 0x42a71A7ED12582378d4A4567A1af6Bad4f03dF84 -> 0x0BA9e88059c85fBD76b0C025F00C8B8Ebb0AddDf 2: Cross-chain: Ethereum -> Arbitrum: 0x0BA9e88059c85fBD76b0C025F00C8B8Ebb0AddDf (Ethereum) -> 0x4D5A08A96D644d7CA7F4541E1512a53D55aA5842 (Arbitrum) 3: Swap on Arbitrum from ETH -> USDT 4: Cross-chain: Arbitrum -> Tron 0x4D5A08A96D644d7CA7F4541E1512a53D55aA5842 (Arbitrum) -> TLTCf565jGgSeCsUhBpWuPhrrHcGGX9ekT (Tron)

PeckShieldAlert@PeckShieldAlert

#PeckShieldAlert The @KelpDAO exploiter bridged $ETH from #Ethereum to #Arbitrum via @AcrossProtocol, swapped for $USDT0, and subsequently routed funds to @trondao via @LayerZero_Core

English

7

8

86

37.2K

PeckShield Inc.@peckshield·21 Nis

@banteg @newmichwill or layerzero cli

Italiano

2

0

3

1.3K

banteg@banteg·21 Nis

@newmichwill and lzcli is clearly lazarus cli

English

2

1

17

6.2K

banteg@banteg·21 Nis

guys you wouldn't believe it

English

23

7

280

39.5K

PeckShield Inc.@peckshield·21 Nis

I believe the @KelpDAO exploiter is shocked 😱😱😱! It turns out @arbitrum security council just frozen 30,766 ETH ($71m) tied to the KelpDAO exploit: x.com/arbitrum/statu…

PeckShield Inc.@peckshield

The latest fund movement from the @KelpDAO exploiter: arbiscan.io/tx/0x561804424…

English

25

11

110

19.3K

PeckShield Inc.@peckshield·21 Nis

The latest fund movement from the @KelpDAO exploiter: arbiscan.io/tx/0x561804424…

English

16

11

107

159.1K

PeckShield Inc. retweetet

LayerZero@LayerZero_Core·20 Nis

x.com/i/article/2046…

ZXX

378

478

2K

1.9M

PeckShield Inc. retweetet

PeckShieldAlert@PeckShieldAlert·18 Nis

Today's @KelpDAO exploiter deposited the stolen $rsETH into various lending protocols (AaveV3, CompoundV3, Euler) and and borrowed massive $WETHs w/ >$236m debt.

PeckShield Inc.@peckshield

Hi @KelpDAO , you may want to take a look at: etherscan.io/tx/0x1ae232da2…

English

22

51

307

87.7K

PeckShield Inc.@peckshield·18 Nis

Hi @KelpDAO , you may want to take a look at: etherscan.io/tx/0x1ae232da2…

English

11

18

172

164.7K

PeckShield Inc.@peckshield·9 Nis

Hi @AethirCloud @AethirEco, you may want to take a look at your AethirOFTAdapter The stolen funds are currently held in the following address: #tokentxns" target="_blank" rel="nofollow noopener">bscscan.com/address/0xd5fa…