1. Bitcoin Lightning bug allows remote theft of bitcoin via LND nodes.
https://t.co/3dSlPwDGAy
2. Uncovering and Fixing an Inflation Bug in Aleo.
https://t.co/CfzIezZai6
Use this list of fantastic Telegram channels I've put together in order to discover them as your own personal Web3-Google!
Feel free to use this folder to onboard your non-web3 friends to Web3, as the majority of the channels are maintained by independent researchers. There are also additional channels for news, CT reviews, and more!
MCP security issues are well-documented, and now new defensive tools and testing strategies are emerging to help developers secure their implementations. 🧵
Level up your blockchain security skills with hands-on shadow audits of real-world smart contracts. Get instant AI-powered feedback and track your progress.
https://t.co/H8eobC3nY1
The hacker behind the Nomad hack has been arrested.
Poor guy, he is responsible for hacking $2.8M. Hundreds of wallets participated in the Nomad bridge exploit.
He is 47 years old and going to jail for 50 years.
Note: do not change your name when leaving Israel.
1inch market maker @trustedvolumes got hacked for over $4.5M and a few smaller MMs got hacked for $0.5M yesterday.
The root cause is that 1inch calls the MM contract’s resolveOrders function to get funds to its settlement contract. Most bots only checked that msg.sender = settlement contract - and unfortunately there was an arbitrary call vulnerability in the settlement contract. Thus the hacker could forge a resolveOrders call and drain MM contracts.
The funny thing is the hacker incorrectly transferred half of the stolen funds to the 1inch settlement contract, making the funds available for everyone to grab, and he spent quite some time getting the funds back. We were trying to compete but the hacker got it first, unfortunately.
⚠️A critical vulnerability (GHSA-vjh7-7g9h-fjfh) has been discovered in the widely-used elliptic encryption library.
😈Attackers can exploit this flaw by crafting specific inputs to extract private keys with just a single signature, potentially compromising digital assets or identity credentials.
✍️In our latest article, we break down the vulnerability—its root cause, impact, and how to mitigate the risks.
❤️Special thanks to @Rabby_io for providing the vulnerability intelligence.
🔗Read the full analysis here:
https://t.co/5IVZpjuCr6
CertiK makes 50.000.000 USD with token audits every year.
We tend to think that contests are a good representation of the overall security market, but there is so much more than that.
Urgent Update for Geth Users! Attention validators! If you are running Geth v1.15.1, upgrade to v1.15.2 immediately to prevent potential financial loss! https://t.co/VjkvtboQCV