🚨Update on @lifiprotocol Exploiter Activity🚨
According to MistTrack's monitoring, the LIFI Exploiter transferred another 720 $ETH to Tornado Cash a few hours ago.
As of now, the LIFI Exploiter has transferred 2006 $ETH to Tornado Cash, with ~847 $ETH still untransferred. (By the way, does this guy think this is a peeling chain?😓)
Click the link to view the fund tracking process⬇️
https://t.co/LYsbxQsAW0
🚨SlowMist Security Alert🚨
We detected potential suspicious activity related to @Bedrock_DeFi due to mistakenly supporting the minting of uniBTC at a 1:1 exchange rate with the native token.
As always, stay vigilant!
How to become a Better Smart Contract Auditor?
It's simple, put maximum time into it and do it willingly, every single day, no excuses
First is learning, then the first letter of the word Learn is removed
LEARN -> EARN
Writing Multi-Fuzzer Invariant Tests Using Chimera:
Fuzz smart contracts using the same code with Echidna, Medusa & Foundry!
https://t.co/dXgXaUI73R
「⚠️ @OnyxDAO Exploit: $4M Loss」
🔗https://t.co/MBDIvOn3Cv
@OnyxDAO was hit by a $4M attack due to unverified inputs in the liquidation process. The attacker used the liquidateWithSingleRepay function to manipulate liquidation parameters, liquidating all collateral with just 1 token.
🕵️‍♂️ #MetaSleuth has tracked that two addresses (0xfd47f6 and 0x680910), belonging to the same attacker, profited $2.7M. The funds are distributed across three addresses: the two attacker addresses and 0x2d334f, with most profits swapped to ETH. The starting funds originated from @ChangeNOW_io
🛡️ Simplify your on-chain investigations with #MetaSleuth
ALERT! Our system has detected hundreds of suspicious transactions targeting an unknown, non-open-sourced contract on #BSC (0xff2481) over the past few hours, suggesting a possible reentrancy attack. The total loss has reached ~$140K.
Interestingly, after the first attack transaction (with a profit of ~$78K), the deployer (0x7baa94) invoked the victim contract's 'emergencyWithdrawUSDT' function multiple times, each for a small amount rather than withdrawing all the funds at once. This allowed the attacker to make small, repeated profits, ultimately accumulating to $140K.
First attack TX: https://t.co/nT7u8Izsek
Subscribe to BlockSec Phalcon today to get alerted in real time and take automatic actions to protect your assets. https://t.co/5cGK9A1psv
.@OnyxDAO was attacked, resulting in a loss of nearly $4M. The root cause was unverified user input during the liquidation process. Specifically, key parameters of the liquidateWithSingleRepay function in the NFTLiquidation contract were controllable by the attacker, allowing manipulation of the extraRepayAmount variable through the repayAmount parameter. By exploiting this, the attacker was able to liquidate all collateral with just one token.
The key attack steps are summarized as follows:
1. The attacker first deposited oETH and borrowed various assets to reach the liquidation threshold. Simultaneously, they created a new contract that, through a donation attack and precision loss (inherent from the Compound V2 fork), reduced the oETH exchange rate, making the attacker's position eligible for liquidation.
2. The attacker then performed the liquidation. Due to insufficient parameter validation, the attacker manipulated the extraRepayAmount variable, which was added to the calculation of how many tokens needed to be liquidated. This allowed the attacker to obtain more oETH through liquidation, leading to a profit.
Attack Tx: https://t.co/JWaASUo0vM
FuzzLand (@hackthedefi) has established a strategic alliance with @chainlinklabs.
This alliance helps #ChainlinkBUILD members access FuzzLand's all-in-one onchain contract security platform, enabling projects to move faster while staying secure.
https://t.co/t2mrPusY0A
📢Announcement Time 📢
We're very excited to be working with @chainlinklabs to bring our on-chain security solutions to #ChainlinkBUILD members to help Web3 #builders safeguard dApps and innovate with peace of mind.
Read more in our blog here: https://t.co/yvhr1lLGBw
Excited to announce our collaboration with the brilliant minds at @hackthedefi to fortify our Staking SC's security 🤖
Stay tuned for the final results, paving the way for the much-anticipated "XOX Native Staking" event ⚖️
#PeckShieldAlert The #WazirX exploiter-labeled address has already laundered this batch of 5K $ETH (worth ~$11.6M) via #TornadoCash
The #WazirX exploiter-labeled addresses have laundered a total of 37.6K $ETH (worth ~$87M) via #Tornadocash so far
#PeckShieldAlert The exploiter-labeled #WazirX address has moved the 11th batch of 5K $ETH (worth ~$13.2M) to a new intermediary address, 0x0641...7b4a