Spotter
466 posts

Spotter
@sadspotter
The proactive alert system against crypto exploits!
Dubai, UAE Katılım Şubat 2023
17 Takip Edilen649 Takipçiler

It looks like there is an exploit on TrustedVolumes (1inch market maker / resolver, @trustedvolumes ).
Same attacker as the March-2025 1inch Fusion V1 incident!
Total extracted so far: ~$5.87M (1,291.16 WETH + 206,282 USDT + 16.939 WBTC + 1,268,771 USDC).
h/t @blockaid_
English

🚨 Just in: A $2M exploit hit $NGP
Here's how it went down...
The token's transfer logic deducts 35% of the selling amount from the pool balance, which then syncs. Exploiter flash-loaned $211M to tank the NGP balance super low.
Selling just 1.36M NGP slashed the reserve 13.6M times from 477K to 0.035.
A thread 🧵🧵
English

Unbelievable! The suspected owner of a deep-web marketplace just walked free due to a police blunder!
In shocking footage, two officers are seen "working" behind the suspect's computer. One officer pulls out a flash drive and destroys everything as the data self-destructs! 😱💥
But how did this actually happen? A thread ⬇️
English

SwissBorg experienced an incident a few hours ago and 192.6K SOL ($41.5M) was stolen on Solana - @zachxbt
Theft address:
TYFWG3hvvxWMs2KXEk8cDuJCsXEyKs65eeqpD9P4mK1

English

Overnight food orders to the Pentagon have increased significantly, according to OSINT experts. This is a concerning indication since, in accordance with an unofficial custom, the "pizza index" represents the internal operations of the US Department of Defense, which take place prior to military decisions.
Although this information is not entirely reliable in my opinion, it might be a helpful indicator for @Polymarket @PolymarketIntel

English

2.6M USDT loss from a targeted address poisoning scam involving zero-value transfers - according to @CyversAlerts. A single victim was repeatedly scammed by the same attacker address.
First, the victim lost 843K USDT. About 3 hours later, the same victim sent 1.75M USDT again to the same scammer — totaling ~2.6M USDT lost.
Lesson:
• Never ever copy an address from transaction history or from Etherscan!
• Use address book in your wallet!
• Always double-check addresses 1:1 before sending.
English

@CetusProtocol Beggars who write messages (to hacker) are always good in their imagination... Like WTF

English


COINBASE DATA LEAK!
@coinbase : Cyber criminals bribed and recruited a group of rogue overseas support agents to steal Coinbase customer data to facilitate social engineering attacks. These insiders abused their access to customer support systems to steal the account data for a small subset of customers. We will reimburse customers who were tricked into sending funds to the attacker. We’re cooperating closely with law enforcement to pursue the harshest penalties possible and will not pay the $20 million ransom demand we received. Instead we are establishing a $20 million reward fund for information leading to the arrest and conviction of the criminals responsible for this attack.

English

AngelFerno keeping up with the latest EIP7702 developments!
A drainer update has been released adding Pectra (EIP-7702) support, enabling the drainer to withdraw up to 10 assets in a single approval, even if other aggregators like Permit2 have access. This batch withdrawal feature is live on Ethereum, BSC, and Gnosis networks for AngelFerno.
h/t @saiyangod
Vladimir S. | Officer's Notes@officer_secret
Reminder guys: now with PECTRA ethereum upgrade, you only need to sign a message to get completely drained! Before, you actually had to sign the TX. Be very careful of what you sign now - even an offchain message!
English

It looks like there is an attacker exploiting the @zora claim contract for @0xProject's allocation…
$128k in ZORA had been stolen so far.
Information by @blockaid_

English

Over $100 million drained from Bitget in minutes!
This might be the most brutal crypto exploit since Bybit. Information below ⬇️
Crypto Jargon@Crypto_Jargon
A trader turned $100 into $3 million in just 10 minutes. Another trader made a profit of $42 million. These screenshots weren't just for showing off—they proved that there was a major problem. The cause? A trading error that made Bitget’s market-making bot a quick money maker for those who acted fast enough.
English

One of my oldest works from 2020 — «From Zapper Post-Mortem to using Front-run in project defense. Theory post».🫡
web.archive.org/web/2022012311…
English

This device looks cool 👀 WDYT?
shop.kingston.com/products/ironk…
English

It seems that the 2,930 ETH stolen from @zkLend was deposited into Phishing website imitating TornadoCash and was immediately taken away by the phishing website’s operators.
H/T @TornadoCashBot
English


