SlowMist
@SlowMist_Team
Followers
80,667
Following
402
Media
792
Statuses
3,376
SlowMist is a Blockchain security firm established in 2018, providing services such as security audits, security consultants, red teaming, and more.
Joined April 2018
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Florida
• 253157 Tweets
Bivol
• 123908 Tweets
Oregon
• 81369 Tweets
#AEWWrestleDream
• 67129 Tweets
Nico
• 65508 Tweets
Hiro
• 55009 Tweets
Ohio State
• 44735 Tweets
Howard
• 41870 Tweets
Tennessee
• 39577 Tweets
Dennis Quaid
• 36403 Tweets
#ブンブンジャー
• 30102 Tweets
Valencia
• 27236 Tweets
ワコール
• 25639 Tweets
#MostRequestedLive
• 25201 Tweets
#UFCVegas98
• 24697 Tweets
GALA EN PAPIS
• 20748 Tweets
Kentucky
• 19360 Tweets
いろはちゃん
• 16169 Tweets
まゆちゃん
• 15463 Tweets
Saint Dr MSG Insan
• 13515 Tweets
イッテQ
• 13446 Tweets
Ole Miss
• 13156 Tweets
ヴァレン
• 12124 Tweets
Buckeyes
• 11495 Tweets
マッドレックス様
• 10959 Tweets
Ryan Day
• 10854 Tweets
Pinned Tweet
Hey everyone,
Don't let malicious actors get away with your crypto assets. Reach out to us or
@MistTrack_io
for support and help in recovering your stolen funds. 🕵️♂️
Start Today👇
121
441
304
🚨SlowMist Security Alert🚨
We detected potential suspicious activity related to
@MIM_Spell
.
Stay vigilant!
11
164
334
📣Twitter Space Tomorrow!📣
⏰July 14th, 19:00 (UTC+8)
👤Host: Sain
@Sainwellx_OnAir
👥Guests:
@SlowMist_Team
@Dominator0081
@DeFiTeddy2020
@Safeheron
@LonersLiu
@TrustlessLabs
Complete the tasks & Get a special OAT⬇️
334
473
460
📣We're thrilled to announce our new product:
@MistTrack_io
#MistTrack
utilizes blockchain analytics to generate visual representations of transactions on the
#Ethereum
and
#TRON
networks. Additional networks to come.
A🧵on some of the features:
128
311
390
📣We will host a Twitter Space Tomorrow!📣
⏰June 30th, 20:00 (UTC+8)
👤Host: Sain
@Sainwellx_OnAir
👥Guests:
SlowMist
@SlowMist_Team
Sassy Panda
@sassypandacap
Jack Jia
@JackJia2021
Kane
@Safeheron
BroLeon
@BroLeonAus
Complete the tasks & get an OAT⬇️
19
1K
313
20
126
310
🚨SlowMist Security Alert🚨
Indonesian crypto exchange
@indodax
suffered an attack a few hours ago, with the hacker stealing various tokens from hot wallets. The total loss is approximately $22 million💸. Below are the details of the losses⬇️
43
146
320
🚨SlowMist Security Alert🚨
On September 23, the Mixin Network cloud service provider database was attacked, the amount of funds involved was ~ $200M.
SlowMist is assisting in the investigation. Please wait for
@MixinKernel
updates for more information.
31
51
215
🥳 Congratulations 🎉
@LaqiraProtocol
We are thrilled to announce that the codes of
#LaqiraProtocol
marketplace has passed security audit of
@SlowMist_Team
. It means that the codes are safe and capable of being deployed on mainnet.
You can find and read the audit report in the following link:
31
69
105
28
149
193
Over half a BILLION dollars worth of $BNB was recently hacked.
The hacker is now trying to spread the funds to every network to launder the funds.
19
81
153
Quick 🧵on
@FTX_Official
Hack
Total stolen so far: $417M
Hackers address on:
ETH / BSC / Avalanche: 0x59ab..d32b
Solana: 6sEk..hSHH
Thread Coverage:
1/Assets Stolen
2/ Swapped / Bridged Funds
2/ Assets Frozen
3/ Platforms Used
4/ Notable Transactions
5/Suspected Whitehats
30
70
163
🚨SlowMist Security Alert🚨
1/ According to the reports of many victims, transfers of 0 USDT from unrecognized addresses continued to show in the address transaction history of TRON network users, with the "TransferFrom" function being called in each instance.
91
45
128
Congratulations to Haven Protocol for passing the SlowMist Security Audit! All audit results are passed!
@HavenXHV
8
46
133
Based on the information provided by numerous victims, so far the estimated losses amount to approximately $14.83 million dollars from the
@AtomicWallet
hack.
18
47
127
Frustrated by the complexity of transactions when investigating lost or stolen funds?
@MistTrack_io
got you covered!
📢We’re giving🔟lucky winners early access to
#MistTrack
To enter:
1⃣Follow
@SlowMist_Team
and
@MistTrack_io
2⃣Like 👇
3⃣Retweet this post and tag a friend
66
48
91
With the launch of
#VeChainThor
mainnet approaching, We put together a security checklist for
@vechainofficial
, including recommended general framework, HTTP API security, MasterNode configuration, host security, DDoS protection and threat intelligence.
0
20
117
The hacker converted $25.5M $USDC to $ETH and scattered 6250 ETH to various wallets. Of these transfers, 1221 ETH was transferred to
@FTX_Official
and
@Cryptocom
. Nearly 175k ETH still remains at the hacker's address. The funds to launch this attack originated from
@binance
.
15
44
103
Over 2,101 BTC were stolen from the
@BadgerDAO
. According to our investigations, the hacker converted the proceeds into renBTC before transferring them to 14 different BTC addresses. And ETH worth approximately $700,000 was stolen. We will continue to monitor the stolen funds.
21
31
104
Hey
@zachxbt
, you have been impersonated by
@zacnxbt
.
He exploits the difference between
@RevokeCash
and revȯke (one more "·"), and it is easy for users to fall into phishing.
6
16
108
Our investigation concluded that
@okxchinese
@okx
@tronlinkwallet
@rabby_io
@stepnofficial
did not send the mnemonic or private key to the external server.
Specific versions for Android, iOS & Chrome extension can be shown👇
Our investigation concluded that
@imTokenOfficial
was not effected in the recent data leak involving Sentry.
@SenderWallet
&
@Coin98
wallets were not effected as well since they don't utilize Sentry services.
Specific versions for Android, iOS & Chrome extension can be shown👇
5
6
23
19
37
100
⚠️ SlowMist Security Alert!
Recently, there have been malicious scripts targeting (ft). This is a JavaScript code, where scammers lure potential victims into adding it as a bookmark.
When users access the ft site and execute this bookmark, the malicious
14
33
94
🚨SlowMist Security🚨
@SushiSwap
RouteProcessor2 has been exploited, please revoke its approval in time.
2
35
99
According to , the attacker of ETC 51% attack has returned ETC worth $100,000. Thanks to the ETC community's efforts over the past week, this is a perfect ending.
@eth_classic
@ClassicIsComing
report:
10
28
100
@Liquid_Global
Hello! We found that the two addresses you posted: ETH:0x8762db106b2c2a0bccb3a80d1ed41273552616e8 ,
ETH:0xCA0e7269600d353F70b14Ad118A49575455C0f2f are token contract addresses, not hacker addresses.
3
10
18
Analysis on the Recent Solana Exploit
On August 3, 2022, a large-scale attack on the Solana caused thousands of wallets to be compromised. Funds within the wallets were transferred without its users knowledge.
Here's our analysis of the incident
👇
4
31
90
⚠️Update:
#Ukraine
cryptocurrency donation statistics, totaling more than $50.97 million. (Updated at March 2nd 3:24 UTC)
More details:
#cryptocurrency
#RussiaUkraineWar
⚠️Update:
#Ukraine
cryptocurrency donation statistics, totaling more than $34.48 million, an increase of about 32% compared to yesterday. (Updated March 1 at 2:58 UTC)
#cryptocurrency
#RussiaUkraineWar
0
3
10
3
23
88
🚨SlowMist Security Alert🚨
North Korean APT group targeting NFT users with large-scale phishing campaign
This is just the tip of the iceberg. Our thread only covers a fraction of what we've discovered.
Let's dive in
4
37
88
We're thrilled to announce the release of our much-anticipated 2023 Blockchain and Anti-Money Laundering Report!
🌍 Dive into our comprehensive analysis of global blockchain policies, explore the biggest hacks of 2023, unravel the most intricate scams, uncover the latest
5
30
64
🎉 Congratulations to
@hanawallet
on successfully passing our security audit!
We're thrilled to see their dedication to ensuring a secure and reliable platform for their users.
Keep up the great work! 💪
5
20
78
BREAKING: Ethereum DeFi protocol
@CreamdotFinance
hacked for more than $130 million. According to SlowMist AML statistics, the hacker has profited a total of 2760.22 ETH and 60 tokens including HBTC, USDT, BUSD, etc. SlowMist will continue to monitor the transfer of stolen funds.
9
42
77
the _executeCrossChainTx function. Therefore, the attacker uses this function to pass in carefully constructed data to modify the keeper of the EthCrossChainData contract. It is not the case that this event occurred due to the leakage of the keeper's private key.
8
9
81
🚨SlowMist Security Alert🚨
We have detected that
@UwU_Lend
has suffered another loss of $3.72M.
As always, stay vigilant!
16
21
83
🚨SlowMist Security Alert🚨
There's a known operational issue in the LDO Token contract that has recently been exploited by malicious actors for “fake deposit” attacks on exchanges.
8
16
72
🚨SlowMist Security Alert🚨
After a thorough analysis of the
@Ledger
Connect Kit supply chain attack, the SlowMist security team identified that the attack was orchestrated by the well-known phishing group called
#AngelDrainer
. Additionally, the Angel Drainer phishing group
9
24
77
SlowMist researched and discovered the false top-up method for EVM Native Coin in 2019. After identifying this attack method, we amicably assisted many trading platforms with testing and protection. The technique used in the recent incident is one of the techniques we previously
Kraken Security Update:
On June 9 2024, we received a Bug Bounty program alert from a security researcher. No specifics were initially disclosed, but their email claimed to find an “extremely critical” bug that allowed them to artificially inflate their balance on our platform.
263
740
5K
4
18
81
@vechainofficial
VeChain is one of the few blockchain projects that really put security as the first priority
3
12
77
🚨SlowMist Security Alert: OKX DEX Proxy Admin Owner's Private Key Suspected to be Leaked🚨
According to information from SlowMist Zone, the OKX DEX contract appears to have encountered an issue. After SlowMist's analysis, it was found that when users exchange, they authorize
5
21
71
🚨 New Scam Alert 🚨
Beware! Scammers on chat apps like Telegram are now using a sly method to steal your funds. They trick users into transferring small amounts, like 0.1 USDT, to a 'public chain' address.
But beware: entering this address could wipe out your entire account!
10
35
68
🚨 Exciting News from SlowMist! 🚨
We're elevating
#Web3
compliance, security, and growth with our upgraded AML services.
Our latest AML enhancements tackle the complexities of modern money laundering, offering robust protection for digital assets and ensuring projects meet
1
17
17
👏👏SlowMist has reached a long-term cooperative relationship with
@autofarmnetwork
, the hyper-optimised cross-chain yield aggregator launched on BSC & HECO. We will work together for the development of the DeFi ecosystem and improve the safety of the DeFi ecosystem!!
#DeFi
5
9
72
🚨SlowMist Security Alert🚨
If you see this signature request, RUN...
2
29
62
🚨SlowMist Security Alert🚨
Recently, we and our partners discovered a large-scale APT attack directed by the North Korean
#LazarusGroup
against the cryptocurrency industry.
The attack method is as follows:👇
The attacker first disguises his identity, deceives the auditor
5
15
60
Hey
@justinsuntron
We created the first visual tracking platform for the
#TRON
community. Thought you might wanna check it out. 😉
📣We're thrilled to announce our new product:
@MistTrack_io
#MistTrack
utilizes blockchain analytics to generate visual representations of transactions on the
#Ethereum
and
#TRON
networks. Additional networks to come.
A🧵on some of the features:
128
311
390
3
16
70
According to the SlowMist’s BTI System, it was found that all ETC the 51% attacker took from exchanges have returned to them at 11:00 on January 10, 2019. Including
@YobitExchange
's 122735 ETC and
@gate_io
's $100,000 worth ETC.
@ClassicIsComing
@eth_classic
5
23
67
🚨SlowMist Security Alert🚨
We have detected an approve exploitation related to
@lifiprotocol
. Please revoke the approval for the contract 0x1231deb6f5749ef6ce6943a275a1d3e7486f4eae ASAP!
14
29
72
Super proud of our team and their efforts for helping us be included in the new United Nation Security Council report.
Pages 539 and page 553
A special thanks to
@CFInvestigators
for spotlighting our contribution.
8
13
66
🌍💻 International cooperation is the future of fighting
#crypto
related crime. Discover how cross-border efforts and advanced blockchain tech are shaping the fight against illegal activities.
Read more on how global collaboration is key to securing the financial system. 📖👇
2
2
10
🎉🌐6 Incredible Years at SlowMist - Thanks to You!🌐🎉
As we hit this milestone, a heartfelt thank you to our amazing community. Your support has been the key to our journey.🗝💙
🎮To celebrate, we've prepared something special! Join our anniversary game - a token of our
28
14
59
Good to have you back
@samczsun
.
Thank you for initiating
@_SEAL_Org
, our CTO Blue is also a member of the group, alongside numerous security experts we’ve had the privilege of knowing throughout the years—all of whom are outstanding individuals.
In the event of a hack
I'm back, did you miss me? I have some huge news!
Over the last year and a half, I've been working on something big in secret with the rest of the crypto security community. Today, we're finally ready to reveal ourselves to the world. We are
@_SEAL_Org
96
358
2K
3
30
67
🚩SlowMist Security Alert 🚨
Zksync era mainnet SyncDex project has exited with a rugpull, resulting in over $370,000 USD in losses.
The SyncDex project on the Zksync era mainnet was rugged at 3:00 am UTC +8, and the official Twitter account has now been deleted. A total of
14
20
61
🔍Uncover the latest tactics of North Korean hacker group in our new article!
Analysis of
#LazarusGroup
's Targeted Phishing Scams on Telegram
🚨The malicious IP (104.168.137.21) is associated with numerous domains impersonating other projects. Please be vigilant and take
5
20
63
1)The cross-chain interoperability protocol
@PolyNetwork2
was attacked, and a total of more than 610 million US dollars were transferred to 3 addresses. The impact caused the transfer of large assets of the O3 Swap cross-chain pool.
4
22
66
How to enter?
1⃣Follow
@MistTrack_io
&
@SlowMist_Team
&
@realMaskNetwork
2⃣RT the first tweet in this thread + Tag 1 frnd
3⃣Fill out:
49
43
50
Qtum(
@QtumOfficial
) joined SlowMist Zone and release the "Security Vulnerability and Threat Intelligence Bounty Program". Qtum will award hackers up to $10,000 for critical security issues. Details on the scope follow:
2
12
58
🚨SlowMist Security Alert🚨
There's a new scam going around involving airdrops and if you're still copying your addresses...
You should read this👇
11
27
58
🥳We're thrilled to announce: "Blockchain Dark Forest Selfguard Handbook"
We are working with and welcoming more high-quality
#Web3
partners to improve the security awareness.
We specially created the DarkHandBook website.⬇️
📕:
1
25
58
🧐The attackers behind the 1155 $WBTC phishing incident appear to be returning the funds.
🧐After we published an analysis article about the 1155 WBTC phishing incident and a profile of the hacker, it seems like there is a potential turning point in the situation.
3 hours ago, the hacker requested to contact the victim.👀
4
8
39
14
10
57
Is
@TornadoCash
truly anonymous
In this thread, we will be using our in-house AML ( Anti Money Laundering) MistTrack to analyze a $270 million incident from 2020 where the hacker tried to hide their stolen funds with Tornado Cash.
4
14
55
#bZx
private key compromised, over $55 million dollars stolen so far. We’ll continue to update as more information is discovered.
@RektHQ
@ChainNewscom
@bZxHQ
2
9
17
15
31
59
🚨SlowMist Security Alert🚨
1/
@coinexcom
Exploiter,
@Stake
Exploiter and
#Alphapo
Exploiter may all have ties to the North Korean Hackers known as
#LazarusGroup
.
Here’s how we came to that conclusion:
Update: More hacker address balances were merged, and the total number of stolen funds was updated to ~$55.5M
@coinexcom
0
1
2
5
14
50
🚨Beware of WalletConnect Phishing Risks in Web3 Wallets 🚨
Here's a thread on how users are exposed to phishing attacks through inappropriate use of WalletConnect in Web3 wallets.
6
25
51
1/ It’s been a crazy week😬, here are some of the attacks and scams that happened in Web3 this week.
For a complete list of all previous incidents, visit
🧵👇
3
21
53
📢Excited to announce our latest article:
'Introduction to Smart Contract Auditing - Front Running.'
Delve into the nuances of front running attacks and equip yourself with best practices against them.
1
11
49
🤩Join our
#NFT
Security Twitter Space🤩
🕙March 8, 10:00 (UTC+8)
👥
Host:
Richard,
@8BTC_OFFICIAL
Guests:
Jian,
@SlowMist_Team
Jared,
@nftgoio
Lorna,
@apenftorg
Andrew,
@Safeheron
Edison,
@OpenMeta_NFT
3
20
45
We are assisting
#VeeFinance
in attack analysis and hacker tracking. For more updates, please refer to the news released by
@VeeFinance
.
#Hack
3
16
47
🚨$ARB Airdrop, Scammers' Carnival🚨
After the $ARB airdrop, while the community is cheering, scammers are enjoying the carnival by stealing $ARB through phishing, front-running leaked private keys, etc. Here is a simple example:👇
The scammer built an
2
15
40
1⃣ Based on our analysis🔎, we can rule out the possibility that the hot wallet has been compromised. It is possible that the withdrawal system has been hacked.
🤔Let's dive into it.
Here are the hacked bitcoin transactions. The stolen funds were withdrawn from the Indodax
🚨SlowMist Security Alert🚨
Indonesian crypto exchange
@indodax
suffered an attack a few hours ago, with the hacker stealing various tokens from hot wallets. The total loss is approximately $22 million💸. Below are the details of the losses⬇️
43
146
320
1
25
55
🚨SlowMist Security Alert🚨
Recently, a well-known exchange suffered a false top-up attack from
#Aptos
.
According to analysis by the SlowMist security team, Aptos’ coin transfer mechanism made an important update on January 15, 2023. Prior to this, the recipient had to
6
14
41
Since the $BNB Chain was suspended, the ~$430M on it cannot be transferred any further.
In total, over $110M was moved off the BNB Chain
Frozen: ~6,5M $USDT
Supplied to lending pools: ~$37.5M
Borrowed: ~$16.5M
Still have access to: $83.3M
8
14
45
Due to a reentrancy issue,
@NftTrader
appears to have been exploited. Please revoke approval for the following addresses ASAP:
0x13d8faf4a690f5ae52e2d2c52938d1167057b9af
0xc310e760778ecbca4c65b6c559874757a4c4ece0
2
17
52
1/ We're excited to present our mid-2023 report on Blockchain Security & Anti-Money Laundering, providing a comprehensive view of the state of blockchain security and AML developments worldwide.
🌐 Let's dive in. 🧵
3
18
49
💫Exciting news!
The SlowMist 2022 Annual Blockchain Security and AML Analysis Report is here!
Our comprehensive report provides valuable insights and analysis on the latest trends and developments in
#blockchain
security and
#AML
.
Let's dive in🧐
4
19
45
🚨SlowMist Security Alert🚨
Recently,
@Google
Authenticator iOS has launched version 4.0, which supports cloud synchronization. Users can synchronize the verification code generated by the authenticator to all Google accounts and devices, and can obtain the verification code at
1
15
45
🚨 Breaking News: SlowMist AML(
@MistTrack_io
), in collaboration with Taiwan's Criminal Investigation Bureau, Judicial Reform Foundation, and XREX, has set a legal precedent by cracking a complex crypto scam case! 🕵️♂️💼🔍
For the first time in Taiwan's judicial history, advanced
8
10
45
🚨SlowMist Security Alert🚨
Due to issues in the MigrateTroveZap contract,
@PrismaFi
is still being continuously exploited. The protocol can be paused through PrismaCore. Please take action ASAP!
13
18
46
Our team delved deeper into this incident and unearthed crucial new details about the scammer.
🕵️♂️ Discover the origins of the stolen funds and more in our in-depth investigation. "Small Bait, Big Fish: Unveiling the 1155 WBTC Phishing Incident."
🚨💔 2 hours ago, another victim lost $68 million by copying the wrong address from a contaminated transfer history.
130
131
753
6
10
47
🚨SlowMist Security Alert🚨
Recently, victims have been phished by people pretending to be journalists. The scammer often spoke broken Chinese and sends a normal-looking Calendly link. However, upon clicking, the link’s name changes to “Calendly.”, with an additional dot. This
3
11
45
🚨SlowMist Security Alert🚨
@starsarenacom
appears to have been stolen due to a major security breach in its smart contract, please do not deposit funds.
Currently, the hacker transferred 266,103 $AVAX to the address (0xa2Eb...ad7A). The address (0xa2Eb...ad7A) transferred
There has been a major security breach with the smart contract.
We're actively checking the issue.
DO NOT deposit any funds.
Stay tuned for updates.
1K
632
2K
0
15
49
🥳Thank
@MMFcrypto
for your trust! Let's celebrate in advance for a good security audit result!
🛡️ After evaluating many auditors in the defi space, we have finalized and engaged
@SlowMist_Team
to audit our MMO contracts because they are the top anti-exploit specialist in the space!
We will update once the audit is completed ✅
#SafetyOurKeyPriority
#LFCRO
#Cronos
13
41
174
6
8
47
🚨SlowMist Security Alert🚨
@ankr
deployer’s key was suspected to be leaked, and the hacker minted a total of 60 trillion aBNBc. Part of the funds has been cross-chained from BSC to ETH and Polygon. Currently, 900 BNB were transferred to
@TornadoCash
.
3
18
50
⚠️SlowMist Security Alert⚠️
Another New Scam: Malicious Modification of RPC Node Links to Steal Assets
Scammers are manipulating RPC links to show fake USDT balances, tricking users into thinking they've been paid.
Learn how to protect yourself here:
10
22
48
Congratulations to our friend
@vechainofficial
on the 1st anniversary of the launch of the mainnet 🏢
1
7
46
🚨SlowMist Security Alert🚨
<Gas fee thieves in "normal" transactions>
According to SlowMist Zone Intelligence, a token called $GPT has recently appeared on the BSC Chain, with the contract address 0x513C285CD76884acC377a63DC63A4e83D7D21fb5.
When users approve this token,
10
17
42
Ontology has settled in the SlowMist Zone and issued the "Security Vulnerability and Threat Intelligence Bounty Program".
@OntologyNetwork
will award hackers up to 6,400 ONG for critical security issues. Details on the scope follow:
1
9
41
交易所在进行USDT充值交易确认是否成功时存在逻辑缺陷,未校验区块链上交易详情中valid字段值是否为true,导致“假充值”,用户未损失任何USDT却成功向交易所充值了USDT,而且这些 USDT 可以正常进行交易。
我们已经确认真实攻击发生!相关交易所应尽快暂停USDT充值功能,并自查��码是否存在该逻辑缺陷。
10
26
42
3)If you have doubts about the information related to SlowMist declared by the outside world, please visit the official inquiry channel of SlowMist () for inquiry, and the inquiry result shall prevail.
24
16
35
If even Vitalik's twitter account can get hacked then no one is safe.
Remember if it’s too good to be true, it’s probably a scam. Stay safe out there.
6
13
44
🚨 Beware of fake Chrome extensions! 🚨
A malicious Aggr extension with positive reviews on the Chrome Store has been stealing cookies and your funds.
Hackers could have planned this attack over 3 years ago and they target users by promoting the extension through influencers.
2
17
46
🚨SlowMist Security Alert🚨
@iearnfinance
was attacked earlier today and the exploiter was able to steal $10 million in digital assets.
Here's what happened👇:
On April 13, 2023, the decentralized yield aggregation platform Yearn Finance was attacked, resulting in the theft of
1
17
45
1/4 Transit Swap hacker was front-run by an arbitrage bot when he transferred BUSD assets from the user on the BSC chain, block height 21816885, and made a profit of 1.07 million $BUSD
7
13
43