Hey everyone,
Don't let malicious actors get away with your crypto assets. Reach out to us or
@MistTrack_io
for support and help in recovering your stolen funds. 🕵️♂️
Start Today👇
📣We're thrilled to announce our new product:
@MistTrack_io
#MistTrack
utilizes blockchain analytics to generate visual representations of transactions on the
#Ethereum
and
#TRON
networks. Additional networks to come.
A🧵on some of the features:
🚨SlowMist Security Alert🚨
Indonesian crypto exchange
@indodax
suffered an attack a few hours ago, with the hacker stealing various tokens from hot wallets. The total loss is approximately $22 million💸. Below are the details of the losses⬇️
🚨SlowMist Security Alert🚨
On September 23, the Mixin Network cloud service provider database was attacked, the amount of funds involved was ~ $200M.
SlowMist is assisting in the investigation. Please wait for
@MixinKernel
updates for more information.
We are thrilled to announce that the codes of
#LaqiraProtocol
marketplace has passed security audit of
@SlowMist_Team
. It means that the codes are safe and capable of being deployed on mainnet.
You can find and read the audit report in the following link:
🚨SlowMist Security Alert🚨
1/ According to the reports of many victims, transfers of 0 USDT from unrecognized addresses continued to show in the address transaction history of TRON network users, with the "TransferFrom" function being called in each instance.
Based on the information provided by numerous victims, so far the estimated losses amount to approximately $14.83 million dollars from the
@AtomicWallet
hack.
Frustrated by the complexity of transactions when investigating lost or stolen funds?
@MistTrack_io
got you covered!
📢We’re giving🔟lucky winners early access to
#MistTrack
To enter:
1⃣Follow
@SlowMist_Team
and
@MistTrack_io
2⃣Like 👇
3⃣Retweet this post and tag a friend
With the launch of
#VeChainThor
mainnet approaching, We put together a security checklist for
@vechainofficial
, including recommended general framework, HTTP API security, MasterNode configuration, host security, DDoS protection and threat intelligence.
The hacker converted $25.5M $USDC to $ETH and scattered 6250 ETH to various wallets. Of these transfers, 1221 ETH was transferred to
@FTX_Official
and
@Cryptocom
. Nearly 175k ETH still remains at the hacker's address. The funds to launch this attack originated from
@binance
.
Over 2,101 BTC were stolen from the
@BadgerDAO
. According to our investigations, the hacker converted the proceeds into renBTC before transferring them to 14 different BTC addresses. And ETH worth approximately $700,000 was stolen. We will continue to monitor the stolen funds.
Hey
@zachxbt
, you have been impersonated by
@zacnxbt
.
He exploits the difference between
@RevokeCash
and revȯke (one more "·"), and it is easy for users to fall into phishing.
Our investigation concluded that
@imTokenOfficial
was not effected in the recent data leak involving Sentry.
@SenderWallet
&
@Coin98
wallets were not effected as well since they don't utilize Sentry services.
Specific versions for Android, iOS & Chrome extension can be shown👇
⚠️ SlowMist Security Alert!
Recently, there have been malicious scripts targeting (ft). This is a JavaScript code, where scammers lure potential victims into adding it as a bookmark.
When users access the ft site and execute this bookmark, the malicious
According to , the attacker of ETC 51% attack has returned ETC worth $100,000. Thanks to the ETC community's efforts over the past week, this is a perfect ending.
@eth_classic
@ClassicIsComing
report:
@Liquid_Global
Hello! We found that the two addresses you posted: ETH:0x8762db106b2c2a0bccb3a80d1ed41273552616e8 ,
ETH:0xCA0e7269600d353F70b14Ad118A49575455C0f2f are token contract addresses, not hacker addresses.
Analysis on the Recent Solana Exploit
On August 3, 2022, a large-scale attack on the Solana caused thousands of wallets to be compromised. Funds within the wallets were transferred without its users knowledge.
Here's our analysis of the incident
👇
⚠️Update:
#Ukraine
cryptocurrency donation statistics, totaling more than $34.48 million, an increase of about 32% compared to yesterday. (Updated March 1 at 2:58 UTC)
#cryptocurrency
#RussiaUkraineWar
🚨SlowMist Security Alert🚨
North Korean APT group targeting NFT users with large-scale phishing campaign
This is just the tip of the iceberg. Our thread only covers a fraction of what we've discovered.
Let's dive in
We're thrilled to announce the release of our much-anticipated 2023 Blockchain and Anti-Money Laundering Report!
🌍 Dive into our comprehensive analysis of global blockchain policies, explore the biggest hacks of 2023, unravel the most intricate scams, uncover the latest
🎉 Congratulations to
@hanawallet
on successfully passing our security audit!
We're thrilled to see their dedication to ensuring a secure and reliable platform for their users.
Keep up the great work! 💪
BREAKING: Ethereum DeFi protocol
@CreamdotFinance
hacked for more than $130 million. According to SlowMist AML statistics, the hacker has profited a total of 2760.22 ETH and 60 tokens including HBTC, USDT, BUSD, etc. SlowMist will continue to monitor the transfer of stolen funds.
the _executeCrossChainTx function. Therefore, the attacker uses this function to pass in carefully constructed data to modify the keeper of the EthCrossChainData contract. It is not the case that this event occurred due to the leakage of the keeper's private key.
🚨SlowMist Security Alert🚨
There's a known operational issue in the LDO Token contract that has recently been exploited by malicious actors for “fake deposit” attacks on exchanges.
🚨SlowMist Security Alert🚨
After a thorough analysis of the
@Ledger
Connect Kit supply chain attack, the SlowMist security team identified that the attack was orchestrated by the well-known phishing group called
#AngelDrainer
. Additionally, the Angel Drainer phishing group
SlowMist researched and discovered the false top-up method for EVM Native Coin in 2019. After identifying this attack method, we amicably assisted many trading platforms with testing and protection. The technique used in the recent incident is one of the techniques we previously
Kraken Security Update:
On June 9 2024, we received a Bug Bounty program alert from a security researcher. No specifics were initially disclosed, but their email claimed to find an “extremely critical” bug that allowed them to artificially inflate their balance on our platform.
🚨SlowMist Security Alert: OKX DEX Proxy Admin Owner's Private Key Suspected to be Leaked🚨
According to information from SlowMist Zone, the OKX DEX contract appears to have encountered an issue. After SlowMist's analysis, it was found that when users exchange, they authorize
🚨 New Scam Alert 🚨
Beware! Scammers on chat apps like Telegram are now using a sly method to steal your funds. They trick users into transferring small amounts, like 0.1 USDT, to a 'public chain' address.
But beware: entering this address could wipe out your entire account!
🚨 Exciting News from SlowMist! 🚨
We're elevating
#Web3
compliance, security, and growth with our upgraded AML services.
Our latest AML enhancements tackle the complexities of modern money laundering, offering robust protection for digital assets and ensuring projects meet
👏👏SlowMist has reached a long-term cooperative relationship with
@autofarmnetwork
, the hyper-optimised cross-chain yield aggregator launched on BSC & HECO. We will work together for the development of the DeFi ecosystem and improve the safety of the DeFi ecosystem!!
#DeFi
🚨SlowMist Security Alert🚨
Recently, we and our partners discovered a large-scale APT attack directed by the North Korean
#LazarusGroup
against the cryptocurrency industry.
The attack method is as follows:👇
The attacker first disguises his identity, deceives the auditor
📣We're thrilled to announce our new product:
@MistTrack_io
#MistTrack
utilizes blockchain analytics to generate visual representations of transactions on the
#Ethereum
and
#TRON
networks. Additional networks to come.
A🧵on some of the features:
According to the SlowMist’s BTI System, it was found that all ETC the 51% attacker took from exchanges have returned to them at 11:00 on January 10, 2019. Including
@YobitExchange
's 122735 ETC and
@gate_io
's $100,000 worth ETC.
@ClassicIsComing
@eth_classic
🚨SlowMist Security Alert🚨
We have detected an approve exploitation related to
@lifiprotocol
. Please revoke the approval for the contract 0x1231deb6f5749ef6ce6943a275a1d3e7486f4eae ASAP!
Super proud of our team and their efforts for helping us be included in the new United Nation Security Council report.
Pages 539 and page 553
A special thanks to
@CFInvestigators
for spotlighting our contribution.
🌍💻 International cooperation is the future of fighting
#crypto
related crime. Discover how cross-border efforts and advanced blockchain tech are shaping the fight against illegal activities.
Read more on how global collaboration is key to securing the financial system. 📖👇
🎉🌐6 Incredible Years at SlowMist - Thanks to You!🌐🎉
As we hit this milestone, a heartfelt thank you to our amazing community. Your support has been the key to our journey.🗝💙
🎮To celebrate, we've prepared something special! Join our anniversary game - a token of our
Good to have you back
@samczsun
.
Thank you for initiating
@_SEAL_Org
, our CTO Blue is also a member of the group, alongside numerous security experts we’ve had the privilege of knowing throughout the years—all of whom are outstanding individuals.
In the event of a hack
I'm back, did you miss me? I have some huge news!
Over the last year and a half, I've been working on something big in secret with the rest of the crypto security community. Today, we're finally ready to reveal ourselves to the world. We are
@_SEAL_Org
🚩SlowMist Security Alert 🚨
Zksync era mainnet SyncDex project has exited with a rugpull, resulting in over $370,000 USD in losses.
The SyncDex project on the Zksync era mainnet was rugged at 3:00 am UTC +8, and the official Twitter account has now been deleted. A total of
🔍Uncover the latest tactics of North Korean hacker group in our new article!
Analysis of
#LazarusGroup
's Targeted Phishing Scams on Telegram
🚨The malicious IP (104.168.137.21) is associated with numerous domains impersonating other projects. Please be vigilant and take
1)The cross-chain interoperability protocol
@PolyNetwork2
was attacked, and a total of more than 610 million US dollars were transferred to 3 addresses. The impact caused the transfer of large assets of the O3 Swap cross-chain pool.
Qtum(
@QtumOfficial
) joined SlowMist Zone and release the "Security Vulnerability and Threat Intelligence Bounty Program". Qtum will award hackers up to $10,000 for critical security issues. Details on the scope follow:
🥳We're thrilled to announce: "Blockchain Dark Forest Selfguard Handbook"
We are working with and welcoming more high-quality
#Web3
partners to improve the security awareness.
We specially created the DarkHandBook website.⬇️
📕:
🧐After we published an analysis article about the 1155 WBTC phishing incident and a profile of the hacker, it seems like there is a potential turning point in the situation.
3 hours ago, the hacker requested to contact the victim.👀
Is
@TornadoCash
truly anonymous
In this thread, we will be using our in-house AML ( Anti Money Laundering) MistTrack to analyze a $270 million incident from 2020 where the hacker tried to hide their stolen funds with Tornado Cash.
#bZx
private key compromised, over $55 million dollars stolen so far. We’ll continue to update as more information is discovered.
@RektHQ
@ChainNewscom
@bZxHQ
🚨SlowMist Security Alert🚨
1/
@coinexcom
Exploiter,
@Stake
Exploiter and
#Alphapo
Exploiter may all have ties to the North Korean Hackers known as
#LazarusGroup
.
Here’s how we came to that conclusion:
🚨Beware of WalletConnect Phishing Risks in Web3 Wallets 🚨
Here's a thread on how users are exposed to phishing attacks through inappropriate use of WalletConnect in Web3 wallets.
1/ It’s been a crazy week😬, here are some of the attacks and scams that happened in Web3 this week.
For a complete list of all previous incidents, visit
🧵👇
📢Excited to announce our latest article:
'Introduction to Smart Contract Auditing - Front Running.'
Delve into the nuances of front running attacks and equip yourself with best practices against them.
🚨$ARB Airdrop, Scammers' Carnival🚨
After the $ARB airdrop, while the community is cheering, scammers are enjoying the carnival by stealing $ARB through phishing, front-running leaked private keys, etc. Here is a simple example:👇
The scammer built an
1⃣ Based on our analysis🔎, we can rule out the possibility that the hot wallet has been compromised. It is possible that the withdrawal system has been hacked.
🤔Let's dive into it.
Here are the hacked bitcoin transactions. The stolen funds were withdrawn from the Indodax
🚨SlowMist Security Alert🚨
Indonesian crypto exchange
@indodax
suffered an attack a few hours ago, with the hacker stealing various tokens from hot wallets. The total loss is approximately $22 million💸. Below are the details of the losses⬇️
🚨SlowMist Security Alert🚨
Recently, a well-known exchange suffered a false top-up attack from
#Aptos
.
According to analysis by the SlowMist security team, Aptos’ coin transfer mechanism made an important update on January 15, 2023. Prior to this, the recipient had to
Since the $BNB Chain was suspended, the ~$430M on it cannot be transferred any further.
In total, over $110M was moved off the BNB Chain
Frozen: ~6,5M $USDT
Supplied to lending pools: ~$37.5M
Borrowed: ~$16.5M
Still have access to: $83.3M
Due to a reentrancy issue,
@NftTrader
appears to have been exploited. Please revoke approval for the following addresses ASAP:
0x13d8faf4a690f5ae52e2d2c52938d1167057b9af
0xc310e760778ecbca4c65b6c559874757a4c4ece0
1/ We're excited to present our mid-2023 report on Blockchain Security & Anti-Money Laundering, providing a comprehensive view of the state of blockchain security and AML developments worldwide.
🌐 Let's dive in. 🧵
💫Exciting news!
The SlowMist 2022 Annual Blockchain Security and AML Analysis Report is here!
Our comprehensive report provides valuable insights and analysis on the latest trends and developments in
#blockchain
security and
#AML
.
Let's dive in🧐
🚨SlowMist Security Alert🚨
Recently,
@Google
Authenticator iOS has launched version 4.0, which supports cloud synchronization. Users can synchronize the verification code generated by the authenticator to all Google accounts and devices, and can obtain the verification code at
🚨 Breaking News: SlowMist AML(
@MistTrack_io
), in collaboration with Taiwan's Criminal Investigation Bureau, Judicial Reform Foundation, and XREX, has set a legal precedent by cracking a complex crypto scam case! 🕵️♂️💼🔍
For the first time in Taiwan's judicial history, advanced
🚨SlowMist Security Alert🚨
Due to issues in the MigrateTroveZap contract,
@PrismaFi
is still being continuously exploited. The protocol can be paused through PrismaCore. Please take action ASAP!
Our team delved deeper into this incident and unearthed crucial new details about the scammer.
🕵️♂️ Discover the origins of the stolen funds and more in our in-depth investigation. "Small Bait, Big Fish: Unveiling the 1155 WBTC Phishing Incident."
🚨SlowMist Security Alert🚨
Recently, victims have been phished by people pretending to be journalists. The scammer often spoke broken Chinese and sends a normal-looking Calendly link. However, upon clicking, the link’s name changes to “Calendly.”, with an additional dot. This
🚨SlowMist Security Alert🚨
@starsarenacom
appears to have been stolen due to a major security breach in its smart contract, please do not deposit funds.
Currently, the hacker transferred 266,103 $AVAX to the address (0xa2Eb...ad7A). The address (0xa2Eb...ad7A) transferred
🛡️ After evaluating many auditors in the defi space, we have finalized and engaged
@SlowMist_Team
to audit our MMO contracts because they are the top anti-exploit specialist in the space!
We will update once the audit is completed ✅
#SafetyOurKeyPriority
#LFCRO
#Cronos
🚨SlowMist Security Alert🚨
@ankr
deployer’s key was suspected to be leaked, and the hacker minted a total of 60 trillion aBNBc. Part of the funds has been cross-chained from BSC to ETH and Polygon. Currently, 900 BNB were transferred to
@TornadoCash
.
⚠️SlowMist Security Alert⚠️
Another New Scam: Malicious Modification of RPC Node Links to Steal Assets
Scammers are manipulating RPC links to show fake USDT balances, tricking users into thinking they've been paid.
Learn how to protect yourself here:
🚨SlowMist Security Alert🚨
<Gas fee thieves in "normal" transactions>
According to SlowMist Zone Intelligence, a token called $GPT has recently appeared on the BSC Chain, with the contract address 0x513C285CD76884acC377a63DC63A4e83D7D21fb5.
When users approve this token,
🚨SlowMist Security Alert🚨
@Balancer
is currently experiencing a
#BGP
Hijacking attack. Accessing the website and connecting a wallet may expose users to phishing attacks.
Below is the analysis by the SlowMist team regarding this attack:👇
Ontology has settled in the SlowMist Zone and issued the "Security Vulnerability and Threat Intelligence Bounty Program".
@OntologyNetwork
will award hackers up to 6,400 ONG for critical security issues. Details on the scope follow:
3)If you have doubts about the information related to SlowMist declared by the outside world, please visit the official inquiry channel of SlowMist () for inquiry, and the inquiry result shall prevail.
🚨 Beware of fake Chrome extensions! 🚨
A malicious Aggr extension with positive reviews on the Chrome Store has been stealing cookies and your funds.
Hackers could have planned this attack over 3 years ago and they target users by promoting the extension through influencers.
🚨SlowMist Security Alert🚨
@iearnfinance
was attacked earlier today and the exploiter was able to steal $10 million in digital assets.
Here's what happened👇:
On April 13, 2023, the decentralized yield aggregation platform Yearn Finance was attacked, resulting in the theft of
1/4 Transit Swap hacker was front-run by an arbitrage bot when he transferred BUSD assets from the user on the BSC chain, block height 21816885, and made a profit of 1.07 million $BUSD