Forwarded from Anon
Hi, guys. Unfortunately, I am not so active in this half of the year due to personal reasons🥲 However, I am planning to fix it quite soon. Meanwhile, if the content on these resources helped you or your friends, I would be grateful for a donation🫶
Tron (TRC20)
TPyHztRbhq4SgRogmHHhUeAJpYjfrpmvab
EVM
0x06009Fd4D3a8a8D00b4b402EE133369651eDf516
Tron (TRC20)
TPyHztRbhq4SgRogmHHhUeAJpYjfrpmvab
EVM
0x06009Fd4D3a8a8D00b4b402EE133369651eDf516
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1
Forwarded from Kotya security (Vladislove)
A great article showcasing that even in case everything has been compromised - the hardware wallet still can safe you on the example of the Radiant key compromise exploit. I personally use SafePal S1 as it doesn't have WiFi, Bluetooth or any other connections to the world - a fully offline device.
https://medium.com/@bazzanigianfranco/how-to-not-blind-signing-safe-multi-sign-transactions-with-our-hardware-wallet-abd0cee9226c
https://medium.com/@bazzanigianfranco/how-to-not-blind-signing-safe-multi-sign-transactions-with-our-hardware-wallet-abd0cee9226c
Medium
How to (not) blind-sign Safe multisig transactions with our hardware wallet
The screen on our hardware wallet is our last untamperable frontier when it comes to sign any transaction, it is crucial to double-check…
❤4👍1
Forwarded from Anon
Hi, everyone. A reminder that we have a chat where we share tools, researches and many other stuff. Do not hesitate to join 🔮❤️🫡
@ethers_club
@ethers_club
👍1
Forwarded from infinityhedge
URGENT: Blockaid systems have detected a potential supply chain attack targeting dApps that use Lottie Player.
A new version of this npm packaged was deployed a couple of minutes ago, with multiple legitimate dApps now issuing malicious transactions: link
DO NOT CONNECT YOUR WALLETS TO POP-UPS COMING ON WEBSITES
A new version of this npm packaged was deployed a couple of minutes ago, with multiple legitimate dApps now issuing malicious transactions: link
DO NOT CONNECT YOUR WALLETS TO POP-UPS COMING ON WEBSITES
Forwarded from infinityhedge
infinityhedge
URGENT: Blockaid systems have detected a potential supply chain attack targeting dApps that use Lottie Player. A new version of this npm packaged was deployed a couple of minutes ago, with multiple legitimate dApps now issuing malicious transactions: link…
1inch Front-End compromised
DO NOT CONNECT WALLET
DO NOT CONNECT WALLET
Looks like the crypto casino Metawin was exploited for $4M+ on Ethereum and Solana earlier today.
See 115+ theft addresses tied to the exploiter here.
So far stolen funds have been transferred to Kucoin and a HitBTC nested service.
Source
See 115+ theft addresses tied to the exploiter here.
So far stolen funds have been transferred to Kucoin and a HitBTC nested service.
Source
Telegram
Investigations by ZachXBT
Looks like the crypto casino Metawin was exploited for $4M+ on Ethereum and Solana earlier today.
See 115+ theft addresses tied to the exploiter here.
So far stolen funds have been transferred to Kucoin and a HitBTC nested service.
See 115+ theft addresses tied to the exploiter here.
So far stolen funds have been transferred to Kucoin and a HitBTC nested service.
Cairo Security Unlocked: Zero Knowledge Security Course ( 9 parts)
https://youtube.com/playlist?list=PLUa3vKGsV9PofmXCLrkodJ9GoCSlSEJmW&si=RRTT7rCDV1v4Z32H
Follow for more @ethers_security
https://youtube.com/playlist?list=PLUa3vKGsV9PofmXCLrkodJ9GoCSlSEJmW&si=RRTT7rCDV1v4Z32H
Follow for more @ethers_security
YouTube
Cairo Security Unlocked Zero Knowledge Security Course
Unlock the secrets of Zero-Knowledge Security with our comprehensive Cairo Security Unlocked series. This course, brought to you by Extropy, is designed to e...
Hey) A telegram chat where we share blockchain tools, security checklists, osint instruments and much more. Do not hesitate to join. Reposts and likes are highly appreciated 💜💙
https://news.1rj.ru/str/ethers_club
https://news.1rj.ru/str/ethers_club
Forwarded from Arseniy R
Gm hackers, we have made the public real-time DeFi security feed: https://news.1rj.ru/str/defimon_alerts
For bug bounty hunters we also indexed all smart contracts in scope of Immunefi to notify about proxy upgrades, governance & access control activity. Enjoy!
For bug bounty hunters we also indexed all smart contracts in scope of Immunefi to notify about proxy upgrades, governance & access control activity. Enjoy!
Telegram
Defimon Alerts
Real-time security alerts for DeFi
https://defimon.xyz
https://defimon.xyz
👍2
Malware in the @solana/web3.js
Seen some similar cases of npm takeover in the past. Be careful💫
https://x.com/anza_xyz/status/1864085236432134264?s=46
Linkedin post
Additional research
https://x.com/beeman_nl/status/1864068026120786169?s=46
Seen some similar cases of npm takeover in the past. Be careful💫
https://x.com/anza_xyz/status/1864085236432134264?s=46
Linkedin post
Additional research
https://x.com/beeman_nl/status/1864068026120786169?s=46
👍3
UniV4 Useful Stuff🙏✌️❤️
Bad Hook with Broken Access Control
https://composable-security.com/blog/uniswap-v-4-bad-hook-with-broken-access-control/
Oracle Hook with Malicious Owner
https://composable-security.com/blog/uniswap-v-4-oracle-hook-with-malicious-owner/
Liquidity Theft via Hook Fee
https://composable-security.com/blog/uniswap-v-4-liquidity-theft-via-hook-fee/
Re-initialization Leading to Funds Locked
https://composable-security.com/blog/uniswap-v-4-re-initialization-leading-to-funds-locked/
Threats for Uniswap v4 Hooks
https://composable-security.com/blog/threats-for-uniswap-v-4-hooks/
Further Research to Improve Hooks Security
https://composable-security.com/blog/uniswap-v-4-further-research-to-improve-hooks-security/
🥳Follow for more @ethers_security
Chat @ethers_club
Bad Hook with Broken Access Control
https://composable-security.com/blog/uniswap-v-4-bad-hook-with-broken-access-control/
Oracle Hook with Malicious Owner
https://composable-security.com/blog/uniswap-v-4-oracle-hook-with-malicious-owner/
Liquidity Theft via Hook Fee
https://composable-security.com/blog/uniswap-v-4-liquidity-theft-via-hook-fee/
Re-initialization Leading to Funds Locked
https://composable-security.com/blog/uniswap-v-4-re-initialization-leading-to-funds-locked/
Threats for Uniswap v4 Hooks
https://composable-security.com/blog/threats-for-uniswap-v-4-hooks/
Further Research to Improve Hooks Security
https://composable-security.com/blog/uniswap-v-4-further-research-to-improve-hooks-security/
🥳Follow for more @ethers_security
Chat @ethers_club
Smart Contract Audits - Composable Security
Uniswap V4: Bad hook with broken access control - Smart Contract Audits - Composable Security
The threat scenario covered in this article is "attacker calls hooks directly on the hook contract".
❤2🔥1
Forwarded from Anon
Glad to see all of the newcomers here. New materials are being collected and soon I will start sharing cool stuff. In the meantime, I would like to invite all of you to our cosy chat where we exchange knowledge
I would also like to wish all of you a Merry Christmas and a Happy New Year. Stay tuned 🥰🫡🎉
I would also like to wish all of you a Merry Christmas and a Happy New Year. Stay tuned 🥰🫡
Please open Telegram to view this post
VIEW IN TELEGRAM
Telegram
Anon
Hey) A telegram chat where we share blockchain tools, security checklists, osint instruments and much more. Do not hesitate to join. Reposts and likes are highly appreciated 💜💙
https://news.1rj.ru/str/ethers_club
https://news.1rj.ru/str/ethers_club
Forwarded from Anon
A really good chance for you guys to gain experience with UniswapV4 and build a hook on the hackaton. More about the program you can read by following the link below. The 2025 will have 4 of such incubators. Don't miss your chance:)
https://atrium.academy/uniswap
https://atrium.academy/uniswap
atrium.academy
Uniswap Hook Incubator
Guiding DeFi developers through every step of launching a Uniswap Hook. Designed with industry experts.
👍1