You can just design on the web.
No prompts, no copy-paste, just make changes like you would in Figma.
This is still very early. Looking for testers. ❤️
https://t.co/V8xeGyNY0U gives you a unified view of your entire Hyperliquid footprint:
• Aggregate perps risk & open positions
• Spot & native token balances
You can now pay for things in Africa directly from your AI agent.
Today we’re introducing Paystack Index, the easiest way to check out with Paystack merchants through Claude, ChatGPT, OpenClaw, and any AI agent.
At launch, you can:
→ Buy airtime: “Buy ₦500 MTN airtime for 080…”
→ Send money with @zapbypaystack: “Send ₦25k to…”
→ Buy food with @ChowdeckHQ: “Order jollof under ₦3k near me”
As more merchants join the Index, you’ll be able to do more, from booking rides and ordering groceries to paying utility bills, quickly and securely.
Paystack Index is now available in Nigeria, with more African markets coming soon.
An experimental product from Paystack and TSG Labs.
Episode 14 – Unspoken Rule. Live now
"For years, an unwritten rule governed Eastern European cybercrime: steal from the West, leave Russians alone — and the government will never touch you."
“This wasn’t just a bank robbery; it was a state-protected ecosystem, the state looking the other way, not because they couldn’t stop it, but because it was just too useful.”
"Evil Corp stole hundreds of millions from Western banks. Then came NotPetya in 2017 — disguised as ransomware, which was actually a weapon. It destroyed Ukrainian infrastructure and caused $10 billion in collateral damage globally. FedEx. Merck. All caught in the blast. No arrests. No consequences."
"The FBI had the evidence. In 2020, the DOJ named six Russian military officers behind NotPetya — by name, with evidence, with bounties. Every one of them is still free. Not because they're hiding. Because they're protected. Russia's constitution prohibits extraditing its own citizens. But that's the formal barrier. The real one is simpler: these aren't criminals the Russian state is pursuing. They're assets it's protecting."
"The only hackers who went to prison were the ones who took vacations to Spain or Thailand. The rest never left. They're still there. Still free. And the rule still stands."
This is by far the number one reason why I think they continued operation even after their core members were apprehended.
The End
#BlindEye #TrueCrime #CyberSecurity #UnspokenRule #Carbanak
Episode 13 – Soviet Union. Live now
The Soviet Union collapsed in 1991. What it left behind built the most dangerous criminal infrastructure in internet history.
"When the USSR fell, it didn't just lose a government. It lost an economy. Millions of engineers, mathematicians, cryptographers, world-class talent, suddenly had no institutions, no salaries, no future. The state that trained them was gone. But the skills remained. And the internet was just arriving."
"By the mid-2000s, something called the Russian Business Network had emerged out of St. Petersburg. It wasn't a criminal gang in the traditional sense. It was infrastructure, bulletproof hosting, untouchable servers, a technical backbone for every criminal operation that needed somewhere to live. Spam networks. Malware distribution. Child exploitation material. If you needed servers that no law enforcement could touch, RBN was your landlord. And the Russian state looked the other way, because the people running it had the right connections."
"This is the ecosystem that was formed. The Russian state didn't create cybercrime. But it discovered something more useful than controlling it, tolerating it.
Criminal groups operated freely as long as they followed one rule: DON'T TOUCH RUSSIANS. Hit Western banks, Western companies, Western governments, and you had immunity. The state got plausible deniability. The criminals got protection. Both sides got what they wanted."
"From this environment came CARBANAK, EVIL CORP, NOTPETYA, and SANDWORM."
"Kaspersky exposed Carbanak in February 2015. In the same week, they exposed what appeared to be an NSA surveillance program. Two years later, the Trump administration banned all Kaspersky software from federal systems. The man who found the biggest bank heist in history was also trained at a KGB cryptography institute."
The question was never answered. It was just avoided.
#BlindEye #TrueCrime #CyberSecurity #SovietUnion #Carbanak
Episode 12 – Dennis K. Live Now
In the past couple of days, we have been covering the entire Carbanak operations, their members and their motives. For this episode, we will narrow it down to someone who is of particular interest, the puppet master pulling the strings, who is known as Denis K.
We need to acknowledge his genius and criticize his behaviour: he never met his team, yet was able to create such an elaborate organization. Imagine if he had spent his time creating something of value, such as building a company; he would have created one of the largest companies in the world.
The interesting thing about him is that he lived openly in Spain, like any regular Tuesday.
Even when Europol started arresting his guys, the syndicates didn't stop their operations; they evolved.
They started mailing physical packages disguised as Amazon gift cards and government health letters. Putting USB drives inside teddy bears.
The second an employee inserts the drive into a computer, the drive would act like a phantom keyboard, automatically typing attack commands into the system.
Why keep hacking when the whole world is hunting you? Was it pure greed, did they have the backing of a large, sophisticated entity, or were they true believers? In the next episode, we will explore possible reasons.
#BlindEye #TrueCrime #CyberSecurity #DennisK #Carbanak
Episode 11 - Sticks and Stones. Live Now
Ukraine produced world-class coding geniuses making barely $400 a month. So, a cybercrime syndicate offered them millions. But it came with massive consequences.
Our analysis of the Carbanak group will not be complete if we don’t talk about its members.
Let’s start with Denis K.
Denis K was an architect and a mastermind. He stole funds and converted them to Bitcoin. The Bitcoins were then loaded into prepaid cards through financial platforms in the UK and in Gibraltar.
The funds were also used to purchase things like vehicles, jewelry, and properties, which were worth €500,000, and this occurred in Spain.
He also built a massive Bitcoin mining scheme, where he took his criminal proceeds and made them look like a legitimate Bitcoin income.
Another member who was interesting is Fedir Hladyr.
He was recruited by Combi Security via a fake job posting. By the time he knew, it was already too late.
He was sentenced to 10 years in jail, and his operation and role in the Carbanak group is the reason why today we have exhaustive documentation on their operations, because he managed the Jira Tickets, Java, and HipChat.
Andrii Kolpakov — He was a Supervisor, arrested in Alicante, Spain and sentenced to 7 years in jail.
Denys Iarmak — He was their penetration tester, who created their phishing emails and their intrusion campaign.
He also kept working after his colleagues were arrested. I guess he believed that he was untouchable.
He was arrested in Bangkok, Thailand and was transferred to US custody in Seattle. He is currently serving 5 years and was sentenced in April 2022.
What was very interesting about Denys Iarmak was what the judge said; he said the irony is that
“the nation you’ve decided to plunder is now leading an international effort to protect your country, your people, and your family.”
#BlindEye #TrueCrime #CyberSecurity #SticksandStones #Carbanak
Episode 10 - Jira Tickets. Live now
Carbanak ran its operation like a Fortune 500 company.
Jira for task management. HipChat for communication. Each bank robbery had its own Jira ticket.
Every night, Carbanak would build new malware. And in the mornings, they would test it against VirusTotal.
If it ever got flagged, then they would rebuild.
Think of VirusTotal as a database of known malware, where you can compare with your own malware to see whether yours is unique.
This was part of the reason they stayed undetected for many, many years.
When investigators finally identified their signatures, they often would have moved on. So, custom malware would become Cobalt Strike. Cobalt Strike traffic looked very similar to a real penetration test.
When they would get flagged, they had to move their infrastructure to Google. So, commands would be written to a Google Sheet.
This is enterprise software, so whatever EDRs or firewalls they had, it remained undetected because, to the system, it looked like the real thing.
This might be a controversial topic: I believe Carbanak started as Anunak, then moved on to Carbanak, then eventually FIN7.
We could argue about this for days because some people also believe that they are two separate groups entirely, but I believe they are the same group.
Eventually, when the authorities seized their servers, we were able to see their operational histories from Jira Tickets, to Chat Logs, to every bank. Every breach.
And most especially every mule. All are waiting for us to investigate.
#BlindEye #TrueCrime #CyberSecurity #JiraTickets #Carbanak
Here's what I built for the @figma @contra #configmakeathon
Rosetta is a minimalist unit converter designed with interactivity at its core.
Rather than treating conversion as a purely functional task, it explores how small moments of delight can make utility feel more intuitive and engaging.
The project combines generated imagery from Figma Weave with an interface built entirely in Figma Make. The result is a simple but expressive tool that feels light and fun to use.
Episode 9 – Moldavian Mafia. Live now
The Moldavian mafias were money mules; they often operated in the shadows — they were also the human logistics layer of the Carbanak group's operations.
ATM cash-out commands sent at predetermined times.
Always at night.
Each mule briefed separately — a specific machine, a specific street, a specific time. Collect everything.
Take your cut.
And Move.
The mule never met the hackers.
The hackers never communicated directly with the mule network — recruited through criminal intermediaries across Ukraine, Moldova and Romania.
Layers of separation. Deliberately designed.
That structure made prosecution nearly impossible for years.
#BlindEye #TrueCrime #CyberSecurity #MoldavianMafia #Carbanak
Episode 8 - SWIFT Terminal. Live now
The SWIFT terminal moves $150 trillion a year. In 2013 it shared a network with the email server. Carbanak found out.
The SWIFT terminal does not necessarily move money. It sends messages telling other banks to move money. If you control the terminal, you control the message.
Carbanak operators watched legitimate transfers being initiated for months.
They learned the approval chain.
When they sent fraudulent transfers, they looked identical to real ones — because they came from the real terminal, with real credentials, initiating a real SWIFT message.
#BlindEye #TrueCrime #CyberSecurity #SWIFTTerminal #Carbanak
Episode 7 - Loop Holes. Live now
Every ATM. Every SWIFT terminal. Every department. One network. No walls.
The story of Carbanak begins with bad policy, legacy software and a network architecture that made it all possible.
To understand Carbanak — you need to understand how banks were structured back in the day.
In 2013 most banks ran a flat network.
No walls between departments. HR. Finance. The SWIFT terminal wiring millions internationally. All of it on the same network. One infection point. Access to everything.
The ATMs ran Windows XP. Some Windows 7. Both already abandoned by Microsoft. No patches. No updates. No fix coming.
And underneath all of it was XFS (Extensions for Financial Services). A standard built in the 1990s on one assumption — that physical security was enough. So, no authentication layer existed between software and hardware.
Any program on that machine could tell the ATM to dispense cash.
No password. No verification. No barrier.
Carbanak didn't touch the steel.
They were already on the network.
And the network touched everything.
#BlindEye #TrueCrime #CyberSecurity #LoopHoles #Carbanak
EPISODE 6 - The Event. Live now
Join our waitlist – https://t.co/9GVYYP30wP. Get notified when we launch our premium product
One email. That’s all it took to steal $10 million.
It arrived in a hotel coordinator's inbox like any other Monday morning email.
An event sponsorship invitation. Professional. Legitimate looking. The kind of email you open without thinking.
Attached was a Microsoft Word document.
Inside that document was a vulnerability — CVE-2014-1761. A known flaw in Microsoft Office. Already patched by Microsoft. Never applied by the bank.
She opened it.
The malware ran silently in the background. No popup. No warning. No indication that anything had changed.
Carbanak was inside.
For four months they watched. Learned the network. Identified the right systems. Mapped the approval chain for wire transfers.
Then on an ordinary Tuesday morning — $10 million left the bank.
Wired to accounts in Eastern Europe.
Clean. Precise. Indistinguishable from a legitimate transfer.
The bank had no idea.
Not that day. Not that week. Not for another two years.
One sponsorship email. One unpatched document. One coordinator who did exactly what any of us would do.
That was enough.
#BlindEye #TrueCrime #CyberSecurity #TheEvent #Carbanak
EPISODE 5 - COMBI Security. Live now
As we have seen throughout this series, the Carbanak group was, without a doubt, a very determined entity.
I have often wondered who the members were and how they were recruited. Only one thing comes to mind: Combi Security.
A professional website. It listed members of the group as clients and made job postings on legitimate boards.
A sysadmin by the name of Hladyr applied for a role and got the job. The tasks looked like a regular security role. When he realized what was actually happening, he was already too deep to leave.
#BlindEye #TrueCrime #CyberSecurity #COMBISecurity #Carbanak
EPISODE 4 - Many faces. Live now
The Carbanak group had many faces: Anunak, Carbanak, FIN7, The navigators, amongst many. This identity confusion itself was a strategy.
It all started with an email.
A standard Microsoft Word document. One click. That was all it took.
Carbanak exploited three Microsoft vulnerabilities — CVE-2012-0158, CVE-2013-3906 and CVE-2014-1761. All three were patched. The banks just never applied the updates.
The door was never broken. It was just left open.
Once inside, they installed Ammyy — a legitimate remote administration tool that IT departments use every day. Security systems trusted it. So, they let it in.
Then they watched.
Real employees. Real SWIFT transfers. Real approval chains. Recorded day after day until Carbanak knew the operation better than the bankers themselves.
This lasted two to four months per bank. Patient and invisible.
When they finally moved, their commands were not different from the real thing.
No alerts. No flags. No one is watching.
Because to every system inside that bank, they were the real thing.
#BlindEye #TrueCrime #CyberSecurity #Manyfaces #Carbanak