11364
• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia
Security researcher discovered a Prompt Injection on VirusTotal.
Could this be used as a form of social engineering to trick users into thinking a file is safe when it's not?
File hash: 1d30bfee48043a643a5694f8d5f3d8f813f1058424df03e55aed29bf4b4c71ce
Lazarus Group deposits 400 ETH (~$750K) into Tornado Cash, linked to February’s $1.4B Bybit hack, while deploying new “BeaverTail” malware targeting browsers and crypto wallets: https://x.com/officer_cia/status/1900126714086183378?1
#security #investigation
30 minutes ago, a victim lost $1.82M worth of cUSDCv3 due to phishing transaction signatures…
• https://x.com/officer_cia/status/1899730170338009127?12
#security #opsec
You asked, I answered – the legendary chat room is back! 🚀 The last one may be history, but this time, let’s make it last. Join the fun! 🎉
Link: t.me/+C6RfnbB33AYzNGIy
#opsec #ai #web3 #crypto #offtopic
This is an excellent in-depth technical report on the Bybit hack ⬇️
• https://x.com/officer_cia/status/1899539212627570689?s=46
#security #investigation
Attack on DFC Token and BUSD-DFC PancakePair
The custom implementation of DFC.transfer() allows tokens to be burned directly from the BUSD-DFC liquidity pool. This violates the contract’s assumption that the pair’s balance cannot decrease between function calls, ultimately enabling the withdrawal of the entire liquidity pool.
The attacker initiated a large BUSD flash loan, swapping most of the DFC tokens out of the liquidity pool while burning the remaining tokens. This caused the BUSD price to collapse to nearly zero. Finally, the attacker was able to swap the entire BUSD balance essentially for free.
Warning: Ongoing scam in telegram!
1. Scammers message you, offering to buy your username via Fragment.
2. A deep link through a bot opens a phishing site that looks like Fragment. Since Telegram opens it within the bot's frame, it appears native, making users think it's an official Telegram feature.
3. Then, a payment button for the transaction fee drains your balance.
Link: https://x.com/officer_cia/status/1899358689867288847?s=46
#security #telegram
BugBounty platform HackerOne has allegedly leaked all its users, including platform access passwords. So, if you're a user of this platform, it's time to change your login credentials!
• https://x.com/officer_cia/status/1899150819116646705?s=46
#alert #offtopic
🌐 Attention projects on Solana, NEAR, Aptos, SUI, and Polkadot!
I’ve got an excellent audit proposal for you—don’t miss out. Slide into my DMs, let’s chat! 🚀✨
Details: https://x.com/officer_cia/status/1898940886324535610
#security #audit
Official statement: https://x.com/entanglefi/status/1898527338276823225?12
#security
GM folks, please please please never ever download any PDF or install any software during a call with VC. Two CEO’s of a Defi Protocols got hacked in this way, lucky they engaged with me and @rata0x and we managed to recover nearly 1m$ stolen assets. However, if they wouldn’t install the app during the meeting, they wouldn’t lose over 5m$…
Since I stated to assist and engage with more hacking and stolen assets, I will share my first hand experience for better on-chain security of you. Rata0x and I are here to help.. Our mission has recovered over $100M so far.
Very important message for my fam: x.com/officer_cia/status/1898094988753326534
#security #investigation
1inch security incident flow: https://x.com/officer_cia/status/1898075785962897465?12
#security #investigation
⚠️ Alert: New Telegram Malware on Android! ⚠️
This sneaky malware masquerades as a regular video, targeting your data. If opening a video redirects you to a browser asking for an app update or "necessary" player installation, do NOT proceed!
Just one click can hand over your account, chats, photos, and device data to scammers. Stay vigilant!
Link: https://x.com/officer_cia/status/1897992686310687208?s=46
#security #privacy #opsec
More information: https://x.com/officer_cia/status/1897701859361513545?s=46
#security #investigation
Bybit hack investigation continues 👉 https://x.com/officer_cia/status/1897683647953531004?s=46
#security #investigation
Trezor Reveals Potential Vulnerability in Older Safe 3 Crypto Wallets !
Trezor disclosed a potential vulnerability in its Safe 3 wallet after Ledger identified a supply chain attack using voltage glitching.
The attack requires physical access and advanced skills, making it unlikely for widespread exploitation. Newer Trezor models, including Safe 5, are unaffected. Users are advised to buy from official sources, use strong PINs, enable passphrases, and keep firmware updated.
• https://www.theblock.co/post/346018/trezor-discloses-vulnerability-safe-3-crypto-wallet-rival-ledger
#opsec #security
Use glide.r.xyz 👀
• https://x.com/xyz_remedy/status/1897517866137665680?s=46
#security #audit
Security challenges have recently become extremely acute. But what if you're abroad, have run out of cash, and need to cash out your cryptocurrencies immediately? Or simply need to purchase or sell bitcoin or USDT?
I'd like to remind you about my friendly exchanger, which likewise thoroughly examines cryptocurrency for purity.
Works in practically all countries in the world 🌍Personally, I have used their services several times and never had any issues. Everything is as trustworthy and secure as possible.
Withdrawal and input methods include cash, bank cards, and other bank transfers. Different currencies. 💵
Contact: t.me/Mr_Hermes1
I've known these guys for years and have never heard of any problems related to the swap.
#opsec #crypto
This was a 0day 😳
• https://cyberinsider.com/apple-patches-zero-day-flaw-used-in-targeted-iphone-attacks/
#security #apple
Please immediately update your Apple devices!
Information: https://x.com/officer_cia/status/1899530366458737047
And here: @AppleActivelyExploited
#security #macos #ios
Another telegram scam ongoing!
Bots request to connect presumably every Telegram account with an anonymous number to some website that redirects to a "hacking"-themed Telegram channel
If you didn't request this, use the 'Decline' button or ignore this message.
My suggestion: simply ignore it. That’s a scam, but some people might get scared that they are hacked or something…
Link: https://x.com/officer_cia/status/1899363823036813541?s=46
#opsec #telegram
Lately, I've been asked if I buy into conspiracy theories or hang out on 4chan. Here's my take: In a chaotic world, some find comfort in these ideas. No judgment here, but I choose not to dwell on them. I've got plenty on my plate, and it doesn't include politics or conspiracies. Coincidences? They're just that.
I don't have any insider information or anything like that. And I'm not going to judge anyone either.
I had never publicly written anything anywhere before creating this account, I don't have any imageboard accounts, I don't have a second anonymous account.
Once again. My take: people seek stability in theories in an unstable world. I don’t judge, but I’d rather focus elsewhere. No politics or conspiracies for me. All coincidences? Yup. Non-coincidences too.
Follow my blog: https://officercia.mirror.xyz
#offtopic
officercia.mirror.xyz/pJSR4RwyOV_elzP8ymn3Ckn-Mat9s5sKE5Mqdmol06Y
Читать полностью…
According to Decurity’s postmortem report, after negotiations with the hacker, most of the $5 million stolen from 1inch has been returned, with the hacker keeping a portion as a bug bounty.
The attack was caused by a vulnerability in the Fusion v1 smart contract, primarily affecting those using outdated versions of the resolver. Regular users’ funds were not impacted: https://x.com/officer_cia/status/1898544905254777025
#investigation #security
Rumours: Entangle hacked, hacker minted 13b tokens. Some bridge issue potentially.
Can anyone confirm?
• https://x.com/officer_cia/status/1898531364711915747
#security #alert
Seraph Staking by BitMind was added on Remedy
- Max Bounty: $5,000
- Languages:
- Tags: #bugbounty
Start Date: 04-03-2025
X | Aggregation Platform | Telegram
Bybit attack flowchart: https://x.com/officer_cia/status/1898048649223192727?s=46
#security #investigation
There is an ongoing incident with Tether freezing the whole USDT stack of the Russian-based exchange Garantex.
The exchange was blocked after multiple sanctions were imposed on it.
#offtopic
Gm! If your project requires a military-grade level pentest, I recommend hexens.io
Seriously.
Also. A word of advice to L2/L1 networks, if you haven't integrated Glider (by r.xyz) yet - the probability of an attack increases many times over. So don't hesitate.
#security #opsec #web3
Join my chat: t.me/+C6RfnbB33AYzNGIy
#offtopic