@PrismaFi faced an $11.6M exploit, but white hat hackers returned the funds after negotiating a bounty through a rescue operation. Understanding the hack's root causes is crucial to prevent future incidents. Read more about the $11M hack breakdown https://t.co/wkxfVvwfok
Startup idea: Establish a CISO-as-a-Service company. With companies increasingly seeking to hire full-time security specialists, offering expert CISOs to their teams would definitely make this idea successful.
#Security Alert: Understanding the $8.5 Million WOOFi Exploit
On Mar 5th, WOOFi encountered a devastating flash loan attack on the Arbitrum network, resulting in a loss of $8.5 million. Here's a breakdown of what happened & how you can prevent it:
https://t.co/bpo8VjYJv6
A few hours ago, a @minerercx exploited a vulnerability resulting in a loss of $456k.
The vulnerability lies in the `_update` function. If a user transfers tokens to themselves within the same transaction, there is indeed a potential for their balance to double. This scenario arises because the `_update` function utilizes cached balance values for the sender (`from`) and recipient (`to`). When a user transfers tokens to themselves, the balance update process might not accurately reflect the change.
Here's how this scenario unfolds:
1. The `_update` function is called with `from` and `to` being the same address.
2. It retrieves the cached balance for that address before the transfer.
3. It subtracts the `value` from the cached balance for the sender (`from`) and adds the `value` to the cached balance for the recipient (`to`), which is the same address.
4. The balances are updated using the cached values, potentially resulting in a doubled balance for that address.
The total fund loss for the miner is almost $456k.
https://t.co/slNoruvrHL is the breakdown of the transaction.
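The self-transfer case described above, modelled as an added Python example (not the affected contract's code); the `Ledger` class, account names and amounts are constructed for illustration. It contrasts the cached-balance update with one that re-reads the recipient balance after the debit, and returns the change in total supply, the invariant a unit test or monitor would check.

```python
class Ledger:
    """Toy token ledger (constructed model, not the contract's code)."""

    def __init__(self, balances):
        self.balances = dict(balances)

    def total_supply(self):
        return sum(self.balances.values())

    def update_cached(self, sender, recipient, value):
        # Vulnerable pattern: both balances are read before either is written.
        from_bal = self.balances.get(sender, 0)
        to_bal = self.balances.get(recipient, 0)
        if from_bal < value:
            raise ValueError("insufficient balance")
        self.balances[sender] = from_bal - value
        # When sender == recipient, to_bal is stale and this write
        # overwrites the debit made on the previous line.
        self.balances[recipient] = to_bal + value

    def update_fixed(self, sender, recipient, value):
        from_bal = self.balances.get(sender, 0)
        if from_bal < value:
            raise ValueError("insufficient balance")
        self.balances[sender] = from_bal - value
        # Re-read the recipient after the debit so a self-transfer nets to zero.
        self.balances[recipient] = self.balances.get(recipient, 0) + value


def self_transfer_effect(method, start=100, value=100):
    """Return (final balance, change in total supply) for a self-transfer."""
    ledger = Ledger({"alice": start, "bob": 50})  # constructed sample state
    supply_before = ledger.total_supply()
    getattr(ledger, method)("alice", "alice", value)
    return ledger.balances["alice"], ledger.total_supply() - supply_before


if __name__ == "__main__":
    for method in ("update_cached", "update_fixed"):
        balance, minted = self_transfer_effect(method)
        print(f"{method}: balance={balance}, supply change={minted}")
```

A transfer must never change total supply, so asserting a zero supply change after a `from == to` transfer is enough to catch this class of bug in a test suite.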
Exciting Announcement from PrismBlocks Community!
We're thrilled to share that we participated in the Future Crime Summit 2024 held in Delhi, India! It was an incredible opportunity to connect with the brightest minds from the Indian government, authorities, and leading blockchain companies.
At PrismBlocks, we're dedicated to shaping a secure blockchain future. Our next-gen fraud detection engine is set to redefine blockchain security. The response we received was beyond amazing!
Stay tuned with us as we embark on a journey to revolutionize blockchain security worldwide. Together, we're paving the way for a safer digital landscape. #PrismBlocks #BlockchainSecurity #FutureOfTech
In the recent Future Crime Summit 2024, I had the opportunity to meet some of the biggest minds of the Indian government, which was really insightful for me. I learned a lot from them. However, I noticed that many professors from institutes were also attending to explore new ideas to teach their students. I had great conversations with them, and they expressed interest in collaborating on blockchain initiatives with us. The point is, we need these professors in all Indian institutes who are making efforts to guide their students about trending and future technologies #futurecrime2024
#Caution: Recently, many malicious links have been circulating, claiming to be associated with @alt_layer token distribution. These links are fully malicious; never click on them. The sender's email address is [email protected].
Audit firms frequently impose high charges, encompassing branding expenses. If your budget is limited, solo auditors offer a cost-effective solution, charging solely for the audit without additional branding costs. Nowadays, solo auditors often provide impressive audit quality.
Cloud security is as crucial as the security of your smart contracts. Always prioritize securing both Web 2 and Web 3 components. Recently, Ukrainian hackers executed 1500 different brute force attacks to compromise a cloud server, resulting in the theft of millions in crypto
In a single round, you can't cover all potential vulnerabilities. Single-round audits are only 30% as secure as multi-round audits. It's crucial to perform 2-3 rounds to mitigate risks effectively
Key Points and Updates in Solidity 0.8.24 Version:
1/8 Prepared for the "Cancun" network upgrade, Solidity 0.8.24 anticipates Ethereum's scalability enhancements, supporting new opcodes and transaction types. #Ethereum #Solidity
Solidity 0.8.24 Release Announcement
Solidity v0.8.24 is out and it comes with some interesting features
1. Prepared for the "Cancun" network upgrade
2. Support for transient storage (EIP-1153)
3. Introduction of shard blob transactions (EIP-4844)
4. Integration of BLOBBASEFEE opcode (EIP-7516)
5. Introduction of MCOPY - Memory copying instruction (EIP-5656)
6. Revised SELFDESTRUCT behavior (EIP-6780)
7. Compatibility with Apple silicon chips
8. Various bug fixes and enhancements
Upgrade now to leverage these advancements in your Solidity development journey! #Solidity #Blockchain #Ethereum #blockchainsecurity #hack #Crypto
https://t.co/ZyZUPyyJBf
Security Breach Update: https://t.co/6AbYOQB1WL
on Arbitrum recently suffered a $1.7M hit in a cunning social engineering attack. Here's a breakdown:
The attacker slyly altered the CONE-1 proxy contract, swapping it from ConeCamelotVault to their controlled contract. AdminMint() privileges were manipulated, putting 0x105f52fcC329cEF4CBe25BC946f8a3738414E4A1 in control. Result? A substantial minting of LP tokens. Stay informed, fellow #DeFi enthusiasts! #ConcentricSecurity #ArbitrumIncident #CryptoAlert #prismblocks #blockchainsecurity #Web3
Security Alert
@GAMEEToken has experienced a security breach! Unauthorized deployer key access led to an attack using the recoverERC721s() function, bypassing $GMEE recovery protection. Approximately 600m $GMEE has been drained from the contract.
Attack transactions:
1. https://t.co/300iUC815p
2. https://t.co/UhsCUpHl39
Important: The $GMEE's _transferFrom() implementation skips the allowance check, allowing the attacker to use transferFrom() without pre-approval. Exercise caution with OpenZeppelin's ERC20.transferFrom() function.
Stay vigilant and follow @GAMEEToken and @prism_blocks for updates on the ongoing investigation and steps being taken to secure the platform.
Join our Telegram community: https://t.co/1kN7f9VItY
#SecurityAlert #CryptoNews #GAMEEToken #BlockchainSecurity #prism_blocks
Ethereum Rug Pulls Research
Over 1,300 rug pulls on the Ethereum Mainnet share a common pattern!
$32M stolen (14,000 ETH)
42,000+ victims
Scammers utilize sophisticated tactics, making tracking challenging.
In-depth Analysis: Revealing how scammers execute rug pulls with deceptive techniques. Notably, funds flowed into Binance Exchange hot wallets.
TL;DR: Scammers exploit FOMO by mimicking upcoming crypto projects. Token names like Wisealth, RabbitRun, DreamFi, and... Blockfence! They ride the memecoin trend with tokens such as AIPEPE, Purple Pepe, Pepe Chain, Pepe Race, and Baby Pepe.
Scam Overview: Thousands of tokens created with red flags:
- Fake max supply
- Token owner can burn holders' tokens
- Infinite minting for admins
- LP tokens lock
- "Verified" contracts
- Hidden contracts
- Renouncing ownership
- Automatic creation of tokens with trending memecoin names
Example: Unpacking the scam: The scammers used a prominent brand name as a trigger, illustrating their extensive operation plan. This is just one of many fraudulent tokens.
Protect Yourself: Stay vigilant! Verify project authenticity and report suspicious activity. We're actively working to combat these scams.
#CryptoSecurity #RugPulls #ScamAlert #BlockchainSecurity #StaySafeCryptoFam
SECURITY ALERT
@samudaixyz has fallen victim to a significant security breach, resulting in the loss of $1.2M worth of ETH from both the founder's and multisig wallets.
Investigation is underway, and the community is urged to report any suspicious activity related to this incident.
A 10% bounty has been announced for the safe return of the stolen funds. Your cooperation is vital in bringing justice to the affected party.
Stay vigilant and consider adopting prismblocks, the ultimate solution to eliminate the risk of crypto theft from enterprise wallets.
#blockchainsecurity #CryptoSecurity #ETH #FailSafe #StaySafeCryptoCommunity #hack #exploit #prismblocks
SECURITY ALERT
@samudaixyz has fallen victim to a significant security breach, resulting in the loss of $1.2M worth of ETH from both the founder's and multisig wallets.
Investigation is underway, and the community is urged to report any suspicious activity related to this incident.
A 10% bounty has been announced for the safe return of the stolen funds. Your cooperation is vital in bringing justice to the affected party.
Stay vigilant and consider adopting FailSafe, the ultimate solution to eliminate the risk of crypto theft from enterprise wallets.
#blockchainsecurity #CryptoSecurity #ETH #FailSafe #StaySafeCryptoCommunity #hack #exploit #prismblocks
#SocketProtocol Update
@SocketDotTech fell prey to a call injection attack, resulting in a staggering loss of $3.3M. The breach's epicenter lies in an insecure call within the performAction function. Overlooking scenarios with 0 WETH transfers allowed the attacker to specify alternative functions, bypassing the balance check.
The attacker's meticulous calldata manipulation executed transferFrom() on arbitrary tokens, transferring funds approved by other users to their address.
Misappropriated funds currently held at: 0x50DF5a2217588772471B84aDBbe4194A2Ed39066.
Join Our Community on Telegram!
Be part of the excitement! Join our Telegram channel for amazing updates, discussions, and exclusive insights. Click here to join: https://t.co/1kN7f9VItY
#CyberSecurity #blockchainsecurity #prismblocks #hack #exploit