Forwarded from Anon
Hi, everyone. A reminder that we have a chat where we share tools, researches and many other stuff. Do not hesitate to join 🔮❤️🫡
@ethers_club
@ethers_club
👍1
Forwarded from infinityhedge
URGENT: Blockaid systems have detected a potential supply chain attack targeting dApps that use Lottie Player.
A new version of this npm packaged was deployed a couple of minutes ago, with multiple legitimate dApps now issuing malicious transactions: link
DO NOT CONNECT YOUR WALLETS TO POP-UPS COMING ON WEBSITES
A new version of this npm packaged was deployed a couple of minutes ago, with multiple legitimate dApps now issuing malicious transactions: link
DO NOT CONNECT YOUR WALLETS TO POP-UPS COMING ON WEBSITES
Forwarded from infinityhedge
infinityhedge
URGENT: Blockaid systems have detected a potential supply chain attack targeting dApps that use Lottie Player. A new version of this npm packaged was deployed a couple of minutes ago, with multiple legitimate dApps now issuing malicious transactions: link…
1inch Front-End compromised
DO NOT CONNECT WALLET
DO NOT CONNECT WALLET
Looks like the crypto casino Metawin was exploited for $4M+ on Ethereum and Solana earlier today.
See 115+ theft addresses tied to the exploiter here.
So far stolen funds have been transferred to Kucoin and a HitBTC nested service.
Source
See 115+ theft addresses tied to the exploiter here.
So far stolen funds have been transferred to Kucoin and a HitBTC nested service.
Source
Telegram
Investigations by ZachXBT
Looks like the crypto casino Metawin was exploited for $4M+ on Ethereum and Solana earlier today.
See 115+ theft addresses tied to the exploiter here.
So far stolen funds have been transferred to Kucoin and a HitBTC nested service.
See 115+ theft addresses tied to the exploiter here.
So far stolen funds have been transferred to Kucoin and a HitBTC nested service.
Cairo Security Unlocked: Zero Knowledge Security Course ( 9 parts)
https://youtube.com/playlist?list=PLUa3vKGsV9PofmXCLrkodJ9GoCSlSEJmW&si=RRTT7rCDV1v4Z32H
Follow for more @ethers_security
https://youtube.com/playlist?list=PLUa3vKGsV9PofmXCLrkodJ9GoCSlSEJmW&si=RRTT7rCDV1v4Z32H
Follow for more @ethers_security
YouTube
Cairo Security Unlocked Zero Knowledge Security Course
Unlock the secrets of Zero-Knowledge Security with our comprehensive Cairo Security Unlocked series. This course, brought to you by Extropy, is designed to e...
Hey) A telegram chat where we share blockchain tools, security checklists, osint instruments and much more. Do not hesitate to join. Reposts and likes are highly appreciated 💜💙
https://news.1rj.ru/str/ethers_club
https://news.1rj.ru/str/ethers_club
Forwarded from Arseniy R
Gm hackers, we have made the public real-time DeFi security feed: https://news.1rj.ru/str/defimon_alerts
For bug bounty hunters we also indexed all smart contracts in scope of Immunefi to notify about proxy upgrades, governance & access control activity. Enjoy!
For bug bounty hunters we also indexed all smart contracts in scope of Immunefi to notify about proxy upgrades, governance & access control activity. Enjoy!
Telegram
Defimon Alerts
Real-time security alerts for DeFi
https://defimon.xyz
https://defimon.xyz
👍2
Malware in the @solana/web3.js
Seen some similar cases of npm takeover in the past. Be careful💫
https://x.com/anza_xyz/status/1864085236432134264?s=46
Linkedin post
Additional research
https://x.com/beeman_nl/status/1864068026120786169?s=46
Seen some similar cases of npm takeover in the past. Be careful💫
https://x.com/anza_xyz/status/1864085236432134264?s=46
Linkedin post
Additional research
https://x.com/beeman_nl/status/1864068026120786169?s=46
👍3
UniV4 Useful Stuff🙏✌️❤️
Bad Hook with Broken Access Control
https://composable-security.com/blog/uniswap-v-4-bad-hook-with-broken-access-control/
Oracle Hook with Malicious Owner
https://composable-security.com/blog/uniswap-v-4-oracle-hook-with-malicious-owner/
Liquidity Theft via Hook Fee
https://composable-security.com/blog/uniswap-v-4-liquidity-theft-via-hook-fee/
Re-initialization Leading to Funds Locked
https://composable-security.com/blog/uniswap-v-4-re-initialization-leading-to-funds-locked/
Threats for Uniswap v4 Hooks
https://composable-security.com/blog/threats-for-uniswap-v-4-hooks/
Further Research to Improve Hooks Security
https://composable-security.com/blog/uniswap-v-4-further-research-to-improve-hooks-security/
🥳Follow for more @ethers_security
Chat @ethers_club
Bad Hook with Broken Access Control
https://composable-security.com/blog/uniswap-v-4-bad-hook-with-broken-access-control/
Oracle Hook with Malicious Owner
https://composable-security.com/blog/uniswap-v-4-oracle-hook-with-malicious-owner/
Liquidity Theft via Hook Fee
https://composable-security.com/blog/uniswap-v-4-liquidity-theft-via-hook-fee/
Re-initialization Leading to Funds Locked
https://composable-security.com/blog/uniswap-v-4-re-initialization-leading-to-funds-locked/
Threats for Uniswap v4 Hooks
https://composable-security.com/blog/threats-for-uniswap-v-4-hooks/
Further Research to Improve Hooks Security
https://composable-security.com/blog/uniswap-v-4-further-research-to-improve-hooks-security/
🥳Follow for more @ethers_security
Chat @ethers_club
Smart Contract Audits - Composable Security
Uniswap V4: Bad hook with broken access control - Smart Contract Audits - Composable Security
The threat scenario covered in this article is "attacker calls hooks directly on the hook contract".
❤2🔥1
Forwarded from Anon
Glad to see all of the newcomers here. New materials are being collected and soon I will start sharing cool stuff. In the meantime, I would like to invite all of you to our cosy chat where we exchange knowledge
I would also like to wish all of you a Merry Christmas and a Happy New Year. Stay tuned 🥰🫡🎉
I would also like to wish all of you a Merry Christmas and a Happy New Year. Stay tuned 🥰🫡
Please open Telegram to view this post
VIEW IN TELEGRAM
Telegram
Anon
Hey) A telegram chat where we share blockchain tools, security checklists, osint instruments and much more. Do not hesitate to join. Reposts and likes are highly appreciated 💜💙
https://news.1rj.ru/str/ethers_club
https://news.1rj.ru/str/ethers_club
Forwarded from Anon
A really good chance for you guys to gain experience with UniswapV4 and build a hook on the hackaton. More about the program you can read by following the link below. The 2025 will have 4 of such incubators. Don't miss your chance:)
https://atrium.academy/uniswap
https://atrium.academy/uniswap
atrium.academy
Uniswap Hook Incubator
Guiding DeFi developers through every step of launching a Uniswap Hook. Designed with industry experts.
👍1