Tweet Disematkan
ToastForce 🇺🇸
5 posts
So many Americans whining about the Drift exploit...
... If you gotta still use a VPN years after the protocols creation to use it for anything but deposits: it's a grey-zoned pile of shit
Quit putting your money behind trash
English
@atarashi Or to simulate the social engineering campaign to misdirect blame if it was internal
English
To me it looks unrelated to axios
Notice how these txs are unusual: the multisig signers never used durable nonces except for the 2 exploit txs that approved the new admin
The hacker created new nonce accounts on behalf of the 5 Squads signers days ago
This gave him days to socially engineer the signers and collect their signatures. Since the transactions used durable nonces, they aren't limited to the standard 151 block expiry
Haseeb >|<@hosseeb
Looks like Drift was compromised by admin key compromise. Some speculation that maybe was tied to a dev w/ admin access locally doing a version bump on the Axios JS library, which was widely compromised yesterday 👇 Still fog of war... but would make sense
English
@stacy_muur The protocol hacked was the one who had the big insurance vaults
English
Every new DeFi hack makes me more surprised why onchain insurance isn’t normalized here.
Can someone explain?
English