Lazarus Group just connected the Bybit hack to the Phemex hack directly on-chain commingling funds from the intial theft address for both incidents.
Overlap address:
0x33d057af74779925c4b2e720a820387cb89f8f65
Bybit hack txns on Feb 22, 2025:
0xc963e65b9ec39b11076f78990c31f29aaa80705c75312dafd1748479e3e94ed0
0x411374feedcfa560335f00c0fcfa0a3906fdcc33687e6f924dd78ebecc45cd00
Phemex hack txns on Feb 20, 2025:
0x6262a3339842240aeebae4ebfe338dbc771aa0e2df8f5a1ebcd7f9b090bedfe3
1/ How to use MetaDock@MetaDockTeam's variable log to identify a rug token contract with a backdoor.
IGET token on BSC (0x8D07f605926837Ea0F9E1e24DbA0Fb348cb3E97D) has a backdoor to mint a large number of tokens to a backdoor address.
Thanks to @MetaDockTeam's excellent tool.
🔥I am ready to start writing "DeFiHackLabs Solidity Security Testing Guide".
Currently, it supports 47 types of vulnerabilities.
My todo:
1.Add missed vulnerability descriptions to the test cases written before.
2.Create a Notion version.
3.Create a PDF version.
👋 Say hi to the new 0x
Today we are excited to introduce you to the new 0x, developers’ one-stop shop to build the best financial products on crypto rails.
Let’s take a tour of everything new 👇
Getting scammed is terrible. But it's even worse if you don't understand how it happened.
There are four main kinds of methods that phishing scammers use to steal your funds:
1. SEED PHRASE COMPROMISE
2. DIRECT ETH TRANSFERS
3. APPROVALS / PERMITS
4. NFT MARKETPLACE LISTINGS
The SlowMist security team has open-sourced the #Web3 Project Security Practice Requirements, which provides detailed practice requirements and recommendations to help Web3 project development teams identify and prevent potential security risks.
Web3 project teams can refer to the security practice requirements provided in this article, master the corresponding security skills, improve the security of Web3 projects, and better protect the asset security of projects and users.👇
https://t.co/qwhfZCVqnY
We are thrilled to announce that our series A+ funding round has officially closed, with a valuation of $85 million led by @IOSGVC 🦄️
Thanks to our incredible team and supporters for making this possible❤️
To learn more, read our blog 👇
https://t.co/MMjn7yYBLv
Secure on-chain randomness is a topic that has been touched on a lot over the past few years.
In the latest blog, by @paradigm Engineering, @sina_eth_, @gakonst, and I explore and implement secure randomness on Ethereum using SNARKs and VDFs.
https://t.co/ixoN9NVTiI
EIP-2535 Diamond Standard Now Finalized!
A standard for designing "upgradeable" & "replaceable" contracts, also known as the Diamond Standard by @mudgen