Mike | 0x Web3
@its0xMike
4.7K posts
Researcher | 2D investigator Support my work ↓
Joined December 2020
280 Following · 516 Followers

A bridge just got drained for $4.67 MILLION because someone figured out how to create tokens that were never backed by anything.
It happened on the connection between Axelar and Secret Network, two Cosmos chains.
Bridges like this work on a promise: lock real tokens on one side and a matching token appears on the other, fully backed one to one.
The flaw broke that promise. A bug in the contract that's supposed to verify the backing let the attacker mint tokens on Secret that had nothing behind them.
They conjured the tokens out of thin air, then cashed them out for $4.67 million in real value before anyone caught it.
Axelar's emergency team shut the connection down fast and says the damage is contained to this one bridge. They're now working with exchanges to trace the money.
Here's the part that should worry people. This is the same trick that's hit bridge after bridge this year.
Mint tokens that aren't backed, dump them for real money, disappear.
Resolv lost $25 MILLION to it. Verus lost $11 MILLION. IoTeX lost $4 MILLION. Now Secret.
Bridges have slowly become the most expensive thing to get wrong in crypto, with over $340 MILLION drained from them this year alone.
It's almost always the same weak spot, the one check that's supposed to confirm the money on the other side is actually there.




@zachxbt @TimStone84 >Audit failed at line 1.
You made my day. I'll be laughing about this for the next hour.

A short story about Indian scammers who called the cops on themselves:
Earlier this week a follower DM'd me from his personal account complaining that 5.73 BTC ($475K) of his was 'unjustly' frozen at Changelly in Mar 2025.
So I went and plotted the Bitcoin transaction in my compliance tools.
The inflows trace back to illicit sources via social engineering thefts targeting Americans through US exchanges and Bitcoin ATMs.
The broader cluster of high confidence thefts has taken $1M+ from victims since 2025, with several of them elderly.
His story kept changing. It was a loan. No, his boss sent it. No, his boss invested in Bitcoin "during 2014 and 2015" through a friend in the US.
The best part? In Dec 2025 he claims to have filed a police report in India over these frozen funds (3207-P/2025).
In our DMs he shared email screenshots which I queried to surface more data points and map his group out.
I suspect AmanKesar11 is a mule for his boss 'Mr Parveen,' as the 'proof' he sent included bank statements under a different name / location.
While you can message me for help and I'll respect your privacy, at least use common sense and don't contact me with stolen funds.
5.73 BTC frozen order: fb931baac66bfc116deb10fa81417fb3da61e4362cd2997ee1eaa577e96272f3
AmanKesar11 BTC address: bc1q5yjxzcvfswvyx9y6cvlc3xe4laqqnqsjp3f9t2
AmanKesar11 Tron address: TQkEVXjtvSbigGa5fqFUpcYJnGvpKPPBEm





@SpecterAnalyst @zachxbt It's hard to even imagine:
You receive a transaction hash and an address, start checking everything, and then you're like, "What??? 😂"
My mind would have been blown.

@zachxbt The level of confidence is crazy 😂
This is the same thing a DPRK-linked launderer did on X a few months ago publicly complaining about exchanges freezing stolen funds as if they were the victim.
Maybe he thought you won't figure it out... But come on... it's Zach 😂

It’s been over a month since THORChain halted all trading due to an exploit.
This is the same protocol that couldn’t pause trading for just a few hours during other protocol exploits or laundering flows, even simple ETH↔BTC routes.
Now, there is no trading at all across the chain on THORChain, when they were the victim 😊
Stay smart.


ANDREW TATE: LIQUIDATED 8 TIMES IN 24 HOURS
Andrew Tate deposited $100K to his Hyperliquid account yesterday, and longed $3.8M of BTC. He got liquidated. Then he tried shorting $1M BTC. He got liquidated again.
Andrew Tate has been liquidated 8 times in the last 24 hours, and now has only $14K left.





@PancakeSwap @BNBCHAIN >"The DEX for RWAs. 🥞"
Also the DEX for professional scammers. 🍯
x.com/its0xMike/stat…
Mike | 0x Web3@its0xMike
1/ 26k+ Telegram subscribers were told they were getting early access to OpenTrade.
Reality:
> 143 wallets bought
> 0 wallets sold
> liquidity was being removed
Another honeypot promoted through a Russian-language Telegram channel.

Trade tokenized RWAs the same way you swap tokens.
+ Stocks
+ Bonds
+ ETFs
+ IPO stocks
500+ assets. No closing bell. Zero fees. On @BNBCHAIN.
The DEX for RWAs. 🥞


@Jesterthegoose However, for most users, it's still just another form of betting on event outcomes.

@lookonchain @CryptoHayes Next step in the playbook:
>Shill it to their audience
>Dump everything on the crowd
Not the first time.


Airdrop farmers wasted one year on this project
Soundness partnership with Walrus
Soundness partnership with Sui
It is one of the airdrops with a high level of competition and potential
Remember how many days people spent finding code to join the testnet for this project
And now it shut down
That's terrible



🚨SlowMist TI Alert🚨
💸 @LittleBoyPlus has been exploited. Loss: ~377,642 USDT (~610.555 BNB)
🔍 Root Cause: The `LBPHashrate._update()` function (in `0x5e3c...85fe`) is triggered by zero-value `transferFrom` calls, which bypasses OpenZeppelin's allowance check. This allows an attacker to call `LBPHashrate.transferFrom(pair, DEAD, 0)` without pair authorization, triggering `_harvest(pair)` which mints LBP tokens directly to the PancakePair address via `LBP.mintReward(pair, reward)`. The minted LBP increases the pair's balance but not its reserve, enabling the attacker to drain USDT via `PancakePair.swap()`.
📌 Attacker: `0x5449ded887576f43fc339851e942ebc1e6f8118b`
📌 Victim Pair: `0x00e3ea08fd8cbad955ec5d2292ad637670c31524`
📌 Vulnerable Contract (LBPHashrate): `0x5e3cbc82d020be91a989eb747934104e9ab585fe`
Impact: Zero-value `transferFrom` on LBPHashrate allows unapproved harvest & mint to PancakePair, leading to reserve imbalance and immediate USDT drain.
Powered by #SlowMist.AI
bscscan.com/tx/0x55856d9fd…
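
The zero-value `transferFrom` path described in the SlowMist alert above, as an added example that is not part of the original post or the project's code: a simplified Python model in which the class, account names and amounts are constructed, and the `hardened` guard is an assumed mitigation rather than the project's fix. It shows the pair's reward balance rising above its recorded reserve without any approval, which is the mismatch a monitor or a test suite can check for.

```python
# Simplified, constructed model of the pattern in the alert; not LBPHashrate's source.
class HashrateToken:
    def __init__(self, hardened=False):
        self.hardened = hardened
        self.balances = {}         # hashrate-token balances
        self.allowances = {}       # (owner, spender) -> approved amount
        self.pending = {}          # accrued, unharvested reward per account
        self.reward_balances = {}  # reward-token balances (LBP in the alert)

    def transfer_from(self, caller, sender, to, value):
        allowed = self.allowances.get((sender, caller), 0)
        if allowed < value:        # value == 0 passes with no approval at all
            raise PermissionError("insufficient allowance")
        self.allowances[(sender, caller)] = allowed - value
        self._update(caller, sender, to, value)

    def _update(self, caller, sender, to, value):
        if self.balances.get(sender, 0) < value:
            raise ValueError("insufficient balance")
        self.balances[sender] = self.balances.get(sender, 0) - value
        self.balances[to] = self.balances.get(to, 0) + value
        # Assumed mitigation (hypothetical, not the project's fix): a zero-value
        # transfer started by a third party must not fire reward side effects.
        if self.hardened and value == 0 and caller != sender:
            return
        self._harvest(sender)

    def _harvest(self, account):
        # Mints the accrued reward straight to `account`.
        reward = self.pending.pop(account, 0)
        self.reward_balances[account] = self.reward_balances.get(account, 0) + reward


def pair_surplus_after_zero_transfer(hardened):
    """Reward-token balance minus recorded reserve for a constructed pair."""
    token = HashrateToken(hardened)
    token.balances["pair"] = 1_000
    token.pending["pair"] = 500          # constructed accrued reward
    token.reward_balances["pair"] = 10_000
    reserve = 10_000                     # what the pair last recorded for itself
    token.transfer_from("outsider", "pair", "dead", 0)  # no approval granted
    return token.reward_balances["pair"] - reserve
```

A non-zero surplus produced by a call from an account with no allowance is the condition to alert on; the hardened variant keeps it at zero.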

@telegram @Akashar04 Does user safety on Telegram count as a matter of principle?
A private Telegram channel "Золотая рыбка" still has not received a SCAM label.
It has been publishing honeypot contracts since May 28.
x.com/its0xMike/stat…
Mike | 0x Web3@its0xMike
1/ 26k+ Telegram subscribers were told they were getting early access to OpenTrade.
Reality:
> 143 wallets bought
> 0 wallets sold
> liquidity was being removed
Another honeypot promoted through a Russian-language Telegram channel.

@Akashar04 It's a matter of principle.
x.com/durov/status/2…


@nikitabier Please note the translation:
> PEACE IN THE MIDDLE EAST
> МИР НА БЛИЗЬНЕМ ВОСТОКЕ
Correct version:
> МИР НА БЛИЖНЕМ ВОСТОКЕ


Thank you.
It is most likely that he was a hired actor, paid a fixed fee for his work.
He was likely fully aware and understood what he was doing, given that there was a joint trading/investment scheme in the Telegram channel "Scrooge Trading" in 2023, and a rug-pull token promotion scheme starting in early 2024.
The question is whether he knew that his voice messages and videos, which were used for promotion, would end up being reused across 12+ Telegram channels.

@its0xMike feels more like a guy who wants his followers to be his exit liquidity rather than outright scamming them
great thread

1/ Over several months in 2024, a network of Telegram channels promoted dozens of scam tokens on Ethereum and BNB Chain.
Many of them used the same person - Ukrainian event host Pavlo Tuptynskyi.
Below is the story of how his voice and videos were used to promote Mystiko, Saga, Aztec, and WalletConnect before their collapse in a classic honeypot scheme.


14/ The Scrooge Trading project deserves special attention.
A different scheme was used here.
Not token promotion, but attracting people into a private investment community.
A full infrastructure was used to promote the project:
> Telegram;
> YouTube;
> Instagram.
In every case, the image of Pavlo Tuptynskyi was used.



