AMLBot

1.6K posts

AMLBot banner
AMLBot

AMLBot

@AMLBotHQ

Blockchain Intelligence at your fingertips. Report malicious crypto addresses here: https://t.co/VdIaZEqRBN

Katılım Ekim 2020
493 Takip Edilen7.1K Takipçiler
AMLBot
AMLBot@AMLBotHQ·
UDST has banned 2 ETH addresses holding $14M in USDT tokens. 0x8766fe4aa2208afd9a5b050acfcdbb4ad4d3d8ee and 0xe39d2aa8983d125beae388ab72415bc5d2b5616d were used to facilitate payments between different CEXes and swaps and are not directly linked to illegal activity.
AMLBot tweet media
English
0
0
1
18
Artem Irgebaev | Founder @ Hyperfocus
Artem Irgebaev | Founder @ Hyperfocus@ceo_hyperfocus·
I also suggest using @bubblemaps, @AMLBotHQ for getting AML characteristics of a particular address, and Maltego Graph or similar software for creating graphs not related to crypto, e.g. OSINT investigation of project's website. Also go read about intelligence cycle on Wiki. Must-have theoretical fundamental for any investigator.
English
1
0
1
41
Arkham
Arkham@arkham·
HOW TO BE A CRYPTO SLEUTH Crypto sleuths track stolen funds, expose fraud, and identify bad actors using public blockchain data - tools like Arkham allow investigators to trace flows, cluster wallets, and link addresses to real-world entities. Our research team wrote a guide on how crypto sleuths operate, the tools they use, and the investigations that shaped the space. Check it out below:
Arkham tweet media
English
32
17
110
9.2K
AMLBot
AMLBot@AMLBotHQ·
@justinsuntron has unstaked 600,000,000 TRX (or $181M) 2 weeks ago. They are now available for the owner to spend. Addresses TT2T17KZhoDu47i2E4FWxfG79zdkEWkU9N and  TPyjyZfsYaXStgz2NmAraF1uZcMtkgNan5 ⁠ unstaked 442M and 202M TRX each. The addresses are still holding these funds, with the last transaction sent on the 8th of March. Will these tokens collapse the price of TRX if sold via CEX or OTC?
AMLBot tweet media
English
0
0
4
75
AMLBot
AMLBot@AMLBotHQ·
@etherscan has added "Historical Proxy" tab. This will allow security researchers and investigators access proxy update history, compare different versions of smart contracts, and understand the contract's entity in more detail.
AMLBot tweet media
English
0
1
1
132
Cointelegraph
Cointelegraph@Cointelegraph·
Two wallet drainer cases worth $1.76M and $277K appear to be linked to the same attacker, according to @web3_antivirus. In both cases, funds were split across the same 3 addresses and routed through NEAR Intents into ETH. The second victim and the attacker behind both cases appear to be @MetaMask users.
Cointelegraph tweet media
English
39
15
87
16.7K
AMLBot
AMLBot@AMLBotHQ·
We have additionally added the discovered address to blacklist, preventing their owner from using several services and exchanges and marking them as Red level AML risk.
English
0
0
0
96
AMLBot
AMLBot@AMLBotHQ·
As reported by @officer_secret, victim with an address 0x051bb76ff78366de530e293fdb1158c2079ab664 lost about $1.41M USDC due to phishing. Our tracing showed that USDC were bridged via @NEARProtocol Intents bridge to Ethereum as ETH, and are lying dormant on several addresses.
AMLBot tweet media
English
1
1
8
485
Silo Intern
Silo Intern@SiloIntern·
Why permissionless DeFi is a double edged sword? dTRINITY got exploited for $257K today. here's what actually happened: their dLEND pool (an Aave v3 fork) had a rounding flaw in the cbBTC aToken share math. mint and burn both used the same half-up rounding conversion. at a high liquidity index, withdrawals could exceed deposits. attacker flash loaned, deposited ~$772 USDC valued as ~$4.8M collateral, borrowed 257K dUSD, then looped 127 deposit/withdraw cycles through a helper contract. each cycle extracted a bit more cbBTC than was put in. net profit after gas: ~$257K. pool TVL was only ~$435K. on March 5, @HypurrFi publicly disclosed a structural rounding vulnerability in Aave v3 versions prior to 3.5 with the same exploit pattern. conditions: high per-unit token price, low decimals, low gas fees. cbBTC checks all three. dLEND is an Aave v3 fork. unclear whether they were running a patched version, but the exploit matching a known vulnerability from 12 days earlier raises questions.
Defimon Alerts@DefimonAlerts

🚨 @dTRINITY_DeFi has been exploited for $257K The attacker flash-loaned USDC from Morpho, deposited ~$772 USDC which was valued as ~$4.8M collateral due to the inflated index, then borrowed 257K dUSD against this phantom collateral. Remaining USDC in the aToken was drained via 127 repeated deposit/withdraw cycles through a helper contract. TX: etherscan.io/tx/0xbec4c8ae1… Victim: etherscan.io/address/0x5cc7… Pool: etherscan.io/address/0x6598…

English
3
4
25
7.3K
chrisdior.eth
chrisdior.eth@chrisdior777·
🚨NEW HACK: @dTRINITY_DeFi exploited for ~$257K dTRINITY is the world's first subsidized stablecoin protocol. It basically takes money it earns from its stablecoin and uses it to pay part of the borrower’s interest. Backed by Frax, Sky, etc. What exactly happened? 👇 1. The attacker first flash-loaned USDC from Morpho to get large temporary liquidity for the exploit. 2. They then deposited only ~$772 USDC into dTRINITY, but due to an inflated internal index, the protocol treated that deposit as ~$4.8M of collateral. 3. That created phantom collateral, meaning the system recognized collateral value that did not actually exist. 4. Using that fake collateral, the attacker borrowed ~257K dUSD from the protocol. 5. After that, they used a helper contract to run 127 repeated deposit/withdraw cycles. 6. Those repeated loops drained the remaining USDC value sitting in the aToken accounting layer. 7. So the exploit was not about stealing via price oracle manipulation or reentrancy, but about abusing a broken internal index/accounting mechanism to turn a tiny deposit into borrowable fake value and then extract the rest through repeated loops. The protocol is already aware of the situation but the team hasn't came up with a public announcement. Alert by @DefimonAlerts
chrisdior.eth tweet mediachrisdior.eth tweet media
English
6
3
38
2K
Jordi in Cryptoland
Jordi in Cryptoland@lordjorx·
dTrinity on Ethereum has been exploited. The attacker used a massive flash loan of 11,366 cbBTC (~$841M) from Morpho to manipulate the exchange rate of the lending pool resulting in $257K of bad debt. This allowed them to borrow dUSD against "fake" collateral and drain the supply. @dTRINITY_DeFi is covering 100% of the losses with its treasury, which is good, but it doesn’t take away the frustration. I really like this protocol, but seeing its stablecoin on Sonic depegged only adds to the headache. As I always say, it’s pathetic that people dedicate more effort to doing evil than doing good. DeFi would be incredible if hackers just stopped messing around and let the good builders evolve. Sure, they force us to get better, but the constant malice is exhausting.
Jordi in Cryptoland tweet media
Jordi in Cryptoland@lordjorx

One of my favorite protocols is anding on Ethereum. While @dTRINITY_DeFi started on Fraxtal (a network I personally like) liquidity is on Mainnet. The data from is clear: out of $1.44M in total liquidity, over $1M is already on Ethereum. That’s more than two-thirds of the protocol moved to where the action is. What makes dTrinity unique is its dUSD stablecoin and a very clever subsidized loan model. Instead of paying interest to borrow, you actually get paid. Currently, taking a loan in dUSD can earn you around 6.6%. This happens because the yield generated by the collateral of the stablecoin is used to bribe the debt. This allows for some powerful loops: > Deposit assets (like sfrxUSD from @fraxfinance) as collateral. > Get paid to borrow dUSD. > Use that dUSD to buy more collateral and loop. A common fear with small stablecoins is the peg. However, as a borrower, a depeg would actually benefit you, as your debt would become cheaper to repay. Even so, dTrinity uses a stability model similar to Frax Finance, and it has held its peg remarkably well since launch. It’s a small project, so manage your risk, but the innovation here is impressive.

English
2
3
25
4.5K
Defimon Alerts
Defimon Alerts@DefimonAlerts·
🚨 @dTRINITY_DeFi has been exploited for $257K The attacker flash-loaned USDC from Morpho, deposited ~$772 USDC which was valued as ~$4.8M collateral due to the inflated index, then borrowed 257K dUSD against this phantom collateral. Remaining USDC in the aToken was drained via 127 repeated deposit/withdraw cycles through a helper contract. TX: etherscan.io/tx/0xbec4c8ae1… Victim: etherscan.io/address/0x5cc7… Pool: etherscan.io/address/0x6598…
Defimon Alerts tweet media
English
7
8
49
10.9K
ddimitrov22
ddimitrov22@ddimitrovv22·
Looks like dTRINITY is exploited due to an inflated index and suffered a ~$260k loss. - attacker took a flashloan and deposited $772 USDC - the collateral was valued at ~$4.8M deu to the inflated index - attacker borrowed $257k in bUSD TX details: etherscan.io/tx/0xbec4c8ae1…
English
4
4
43
3.2K
AMLBot
AMLBot@AMLBotHQ·
@dTRINITY_DeFi was exploited for $227k of USDC. According to our tracing, USDC were swapped via CoW Protocol to ETH and then deposited to Tornado Cash, with a fraction of funds sent to @FixedFloat.
AMLBot tweet media
English
0
0
1
416
AMLBot
AMLBot@AMLBotHQ·
@VenusProtocol has suffered from a $3.7 million exploit. Attacker used illiquid token $THE as collateral. For 3 months he quietly accumulated 84% of total supply and then used the funds to borrow liquid tokens, producing bad debt. Stolen funds were then transferred to BSC.
AMLBot tweet media
English
0
0
2
270
Degen Ape Trader
Degen Ape Trader@DegenApe99·
After 14 months of running, the $TRUST stake contract got exploited today. 88M was drained from the pool. @ivaavimusic did a UI update yesterday, not sure if it caused the issue or if other factors were involved. I'll have to wait until he wakes up to investigate. The exploiter bought 3M $TRUST at first, then found something that let him deposit and immediately withdraw with yield. And he looped it till the max. Smart-ass mfer. Whatever, the only good thing is we're down bad recently, so he only got about 16k USD out of this. It also nuked our smiling chimp down 50% in the process. I'm truly sorry for this. I'll need a few days to process my mind, take a snapshot, and refund all wallets based on the data. Probably will stay-away from any kinds of smart contract in the future, this one was audit, and at peak the worth is around 1.5m USD.
Degen Ape Trader tweet media
English
28
1
57
7.3K
AMLBot
AMLBot@AMLBotHQ·
@binance The last address 0xcb74874f1e06fcf80a306e06e5379a44b488ba2d was used to withdraw funds from earlier mentioned AMNOKGANG TECHNOLOGY DEVELOPMENT COMPANY and deposit them to Bitget.
AMLBot tweet media
English
0
0
0
129
AMLBot
AMLBot@AMLBotHQ·
@binance Addresses 0x95584c303fcd48af5c6b9873015f2ad0ca84eae3 and 0xb637f84b66876ebf609c2a4208905f9ddac9d075 belong to DPRK national Yun Song Guk, who led North Korean IT workers in Laos. It is worth noting that all the funds received by this individual are from centralized exchanges.
AMLBot tweet media
English
1
1
1
187
AMLBot
AMLBot@AMLBotHQ·
⚡️ USDC bans several addresses on ETH Mainnet Tracing and investigating their activity in this thread 👇
English
1
0
2
448

Keşfet

@ceo_hyperfocus @arkham @bubblemaps @justinsuntron @etherscan @Cointelegraph @web3_antivirus @MetaMask