Piteas

Occasionally, if you trade coins that have deprived PulseX of buy and burn by putting their liquidity somewhere else, you can get better order execution using piteas dot io. They're an order aggregator that combines liquidity from places outside PulseX. But for instance, if you're trading stable or weth for PLS, PLSX, HEX it's basically the same, except for infrastructure risk. You have to actually check what you receive as well, because some estimates aren't as good as others. Thus it's nice to have an aggregator for weird coins, but sucks a bit that it starves PLSX of buy and burn. Attached are some tests showing routes.

April ends as the most-hacked month in crypto history, by number of incidents.

You either supply chain attack a chrome extension, or hit them with malware in some way that force installs the extension. Then you just sit and wait. Watch what the user does, then inject the calldata. Or the malware can just modify an existing extension... either way. This recent attack is pretty specific to this one individual. 1. They crafted a call data response that closely matches the Piteas API. 2. They mined out an address that starts and ends similarly to the victims 3. They specifically ran that call data through the wallet in a way the UI would not normally do, but would fit the execution flow of a normal swap as to not raise any alarms. 4. the deadline parameters were set to give about a 10 min attack vector. This indicates they knew they could get the call data into the wallet, but not exactly sure on how much time they had to execute it. So they had to have it be able to survive for a window of time. I ran through the Piteas UI bundles, I tried to get the API to give me anything that would indicate it was compromised and I could not. I don't see anything that indicates Piteas itself is compromised. Now you can't rule out something like the Notepad++ hack where they were compromised, but the attackers were selectively hitting targets. But after talking to Piteas about it and seeing some logs, it seems unlikely. RAT's are really common, this smells like a RAT. Either in browser, or on the device. And they spent some time figuring out exactly how to do this one attack. my 2c anyways.

unfortunately, attacks on web3 touchpoints have increased a lot lately, and now users are being exploited through fake txs designed to target them directly. whether it’s Piteas or PulseX, Pulsechain or Ethereum, it doesn’t really matter which app or chain you’re on, because they send you pre-crafted calls based on the chain where your funds are and the app you use, then try to catch you with a blind sign. we urge everyone to stay careful and protect themselves from becoming the target of these growing attacks. our feeling is that DPRK may no longer be targeting just protocols, but users too. make sure your devices and your network or VPN are secure. stay safe.