Sabitlenmiş Tweet
Announcing my rejected talk for @bsidespyongyang:
Is that "web3 enthusiast" follower with the anime PFP acting suspicious?
Find out if you have confirmed North Korean followers at dprkdetector.app.
English
noid
564 posts
@__noided @max_spero_ everybody look at the millionaire who had a TI Inspire
English
English
Moved over my personal gear to @cloudsmith free tier for NPM/PyPi so I can at least answer the question "did I download that dodgy NPM package?". dotfiles updated for my machines to pull from a mirror. Logging works ok, just need to feed in my hostname somehow vs just IP. But the tradeoff is that I loose "min-release-age" protection as all assets are cached... baby steps xD
English
@crypto_domin You can actually use Dune for this instead of having to tab through hundreds of pages!
x.com/i/status/19781…
noid@__noided
Link to my query: dune.com/queries/5960545 Feel free to fork or adapt for other chains. This works in the free tier as long as you reasonably bound the date search window.
English
[🧵3/9]
...dosłownie 5 minut i w dodatku na telefonie...
Oto jak to zrobiłem:
> Wszedłem na Ethplorer → kontrakt USDC → lista token holders.
> Ręcznie edytowałem URL, żeby skakać po 50–100 stron naraz.
> Znalazłem zakres sald ~30,100–30,220 USDC i idealnie pasujący rekord 30,215,32 USDC.
> Zweryfikowałem pozostałe tokeny (ETH, VXT, HEX) - wszystko się zgadzało.
Rezultat:
0x76bd8ec08e8a05215a7ef906b723e5a503ca1590
Polski
Pokażę Wam, jak w prosty sposób namierzać portfele crypto w oparciu o szczątkowe informacje 😏
Metod jest oczywiście więcej, ale dwa przykłady poniżej pokażą Wam konkretny, praktyczny kierunek. Możecie szukać gangsterów i scammerów (jak ja), albo po prostu portfeli różnych influ - dla funu lub copy tradingu.
Zacznę od najświeższego przypadku, który mi się trafił kilka dni temu [🧵1/9]
Dominik Konopacki@crypto_domin
Man... that was so easy... 😂 0x76bd8ec08e8a05215a7ef906b723e5a503ca1590 @circle you might be interested (it took me 5 minutes)
Polski
@enjojoyy @EthPrague If you haven't already can you please report the domain to SEAL911 for tracking and blocking? github.com/security-allia…
English
noid retweetledi
Scam alert🚨
A fake account of one of @EthPrague organizers reached out to me and asked to join a workspace
Some people I know also got targeted from other fake accounts
Be extremely careful and never copy and run scripts that you don't know, even if they're from "Google".
English
@inf0stache I have something similar and tbh it's a little shocking that the official NPM team can't do the same
English
woah my little homemade npm pipeline caught one.
Socket@SocketSecurity
UPDATE: So far we've identified 639 compromised npm package versions across 323 unique packages in tonight’s Mini Shai-Hulud wave. That includes 558 versions across 279 unique @antv packages. Most were detected within ~6 minutes of publication. socket.dev/blog/antv-pack…
English
>hacker "did something"
>The money is gone
Thank you for attending my PM
GIF
Tay 💖@tayvano_
lmaooooooooooooooooo "we're not a casino" doesn't make up for your atrocious post-mortems (regarding summer 2021 exploit #2...or maybe #3. this one 0x3a196410a0f5facd08fd7880a4b8551cd085c031)
English
5 hours old. Detected by @SocketSecurity as malware. @sonatype flags as suspicious but not malicious.
English
@solarise_webdev @billclerico You need to do:
/goal plant and harvest tomatoes
English
Claude Code is Farmville for 40 year old former software engineers
English
@sonatype @SocketSecurity There should be no less than a dozen yara rules firing on this. Looks like regular obfuscator.io patterns. Huge entropy. Node OS shelling.
English
Another one from the same family - not detected by @sonatype or @SocketSecurity yet (env-threads)
Same C2
npmjs.com/package/env-th…
noid@__noided
NPM Malware Alert - npmjs.com/package/env-no… All versions drop a Windows stealer. Still live on NPM right now. Your pnpm cooldown scripts might not stop this - first commit was a month ago. IOCs: - emphasis-friday-even-administrator<.>trycloudflare.com/download/epsi
English
“Hey Peter, what’s happening… I noticed that you only used 2 million tokens yesterday. The company minimum is 100 million per day…. So, uh if you could uh, just get that token spend up a bit, that would be great…”
Joe Weisenthal@TheStalwart
The FT says that Amazon employees are doing random unnecessary task automations to consume tokens and to show their bosses that they're using AI more ft.com/content/8ee0d3…
English
@vxunderground It would be better for society if threat actors faced off against each other like in Drumline
GIF
English
I need to make a confession. When I initially read "band for band" I thought he meant a musical band. Like, they were both playing the guitar or something to see who had the most cool and badass guitar solo.
English
I saw a write-up today from ZachXBT about a Threat Actor named Dritan.
In this write-up he showed Dritan flexing money, going "band for band" with people on Discord, purchasing luxury clothing, and many other things.
It is believed he may possess as much as $19,000,000 from fraud.
That is absolutely disgusting. It sickens me.
Do you have any idea how much pizza, Monster energy drinks, prescription medication, and Robux I could purchase with $19,000,000?
He needs to stop this hedonistic lifestyle and focus on what's important.
English
I stepped away for lunch today and used Codex /goal to deploy my web service, but my VPN timed out somewhere in that window.
Because Codex was connected to Slack MCP it sent a message to several channels, and then later, DMs.
I disconnected everything so fast, huge wtf moment.
GIF
English