⚠️ Ongoing Ill Bloom-related Bitcoin drain.
Funds are moving from lower-balance addresses in the affected set to:
bc1phdwxpx7x5z6mkrzppwgqxd4l797w2p6saj39q558wqcgw5766cwsk9rzlf
Higher-balance victims are being drained to separate destination addresses.
If your address appears in Ill Bloom, move remaining funds.
Please monitor and flag.
Today we are publishing the first Ill Bloom findings: affected-address checker + on-chain analysis to help users identify exposed addresses and protect their assets.
🔗 https://t.co/NLod0LR3cd
⚠️ We will never ask for seed phrases, private keys, signatures, or approvals, or ask users to send funds to "recover" or protect a wallet.
Wallet Security Ranking UI Updates 👀
Originally, we didn’t include this level of detail. Why?
We prioritized vuln disclosure with vendors first
And…
we struggled to present that much info in a usable way 😅
Infosec people are not exactly known for great UI/UX but look!
👇
Smart contract security is hard.
Getting started shouldn't be.
🔥 Learn EVM Attacks now runs offline.
No RPC keys.
No archive node.
No rate limits.
Locally or in GitHub Codespaces with zero setup.
😮👇
Zombie dapp update:🧟♀️🧟♂️🧟 100+ wallet drainer domains just got buried. 🪓🪓 Our team tracked the necromancer behind them and drove a stake through his op. Stay safe out there. #Web3#InfoSec#security
🚨 Curve Finance Frontend Hijack Still Active
DNS hijack began ~2025-05-12 21:30 UTC.
Users visiting the Curve frontend are being served malicious JavaScript wallet drainer code.
Malicious dApp is hosted via Cloudflare infrastructure.
We’ll keep this thread updated. 🧵
1/ 🆕 Coinspect Wallet Security Ranking 2nd edition released!!
74 wallets tested
Curious where your go-to wallet stands?
Fresh data and some surprising moves on the leaderboard. Dive in below 👇🧵
🚀 Wallet Security Ranking Launched!
🔎After months of thorough testing, our comprehensive crypto wallet security framework is live.
⚠️Which wallet do you use, and how did it score?
➡️We test, you decide.
https://t.co/G6cbOheFFC
🤷If blockchain code is immutable, how are smart contracts upgraded?
🔎🧠Learn how to build secure upgradeable smart contracts, the pitfalls to avoid and best practices to embrace:
https://t.co/OsoMkFIUwj
#Crypto#security#web3#ethereum#evm#defi#smartcontract #SmartContractAudit
If you're building a dApp, you need continuous monitoring to defend it by alerting your team to unintended web front-end changes (DNS hijack, BGP, MiTM, CloudFlare workers ...).
📥DM us if interested!
JavaScript toolkits used in phishing attacks and compromised dApps will aim to exploit vulnerabilities in wallets, attempting to drain funds silently.
Simulation is just a promising experimental tool, but more is necessary to protects web3 users from malicious sites.
🚨 A high-impact hack recently targeted MyAlgo @myalgo_, a web-based #Algorand wallet, affecting thousands of users. Our team at Coinspect has voluntarily collaborated with the wallet provider to identify the root cause. We're proud to say we were able to uncover it. 1/5
Coin98 wallet drain demo video. Reported to vendor with details MONTHS ago, they decided not to fix it because "malicious DApps" are not part of their threat model.
Please RT and share. Let's help users prevent scams; we are not providing exploit details.
https://t.co/TDh59Mtmja