SlowMist
@SlowMist_Team
Followers
90K
Following
3K
Media
992
Statuses
4K
SlowMist is a Blockchain security firm established in 2018, providing services such as security audits, security consultants, red teaming, and more.
Joined April 2018
Thanks to @TrustaLabs for trusting us and for their swift, responsible response. Security is always our top priority — stay vigilant.
Recently, there was an external scam involving an unverified third-party contract.(0x16d7c6f43df19778e382b7a84bcb8c763971a551) on the blockchain. Trusta and the official $TA token remain secure and intact, with no vulnerabilities or issues identified. Appreciate the help from.
0
0
3
🔥New challenge live on #Unphishable!. Fake job interviews remain one of the most effective lures in phishing campaigns — especially against devs and researchers.📁. Stay sharp, question every unsolicited “opportunity,” and remember: legit recruiters won’t send you .exe files.
🔥New Unphishable challenge just dropped: Fake Zoom Meeting Phishing. Job offers turned into attack vectors — a common tactic targeting developers. Challenge contributor: @SlowMist_Team . If you've been through a similar “recruitment” flow, check your laptop now. #Unphishable
2
1
8
🚨Attackers often distribute malicious files through #LinkedIn, #Discord, and #Telegram. To stay safe, here are key tips 🛡️:. 🔹 Beware of fake jobs asking you to run code from GitHub. Verify identities via official sites. 🔹 Always review unknown code & authors. Use.
🚨I fell victim to a job scam, my first encounter with a social engineering attack🚨 . I hope everyone can help spread this post so there are no more victims. I’ll explain the entire incident from my perspective and how I discovered it. 🚨 It all started on July 11 when I.
2
3
9
🇭🇰With the Stablecoins Bill now passed, the HKMA released its Draft Guideline on Supervision of Licensed Stablecoin Issuers on May 26, 2025 — outlining ongoing standards for stablecoin operations in Hong Kong. 📘In response to rising inquiries on compliance-ready smart
2
1
10
In early July, SlowMist investigated a crypto theft caused by a malicious GitHub project: zldp2002/solana-pumpfun-bot. More recently, a similar repo — audiofilter/pumpfun-pumpswap-sniper-copy-trading-bot — was found stealing private keys from .env files and sending them to an.
On July 2, a victim reached out to the SlowMist team after losing crypto assets. The cause? Running a seemingly legitimate GitHub project — zldp2002/solana-pumpfun-bot. 🕳️What looked safe turned out to be a cleverly disguised trap. Our analysis revealed:. 1️⃣The perpetrator
5
7
27
🚨 SlowMist TI Alert 🚨. We're seeing a rise in scam emails titled "New login to X from XXX" — many are bypassing Gmail spam filters and appearing in your inbox. 📩. These emails falsely claim suspicious logins to your X account, tricking you into clicking "Change your password"
1
7
24
RT @amber_ac_: BUIDL_QUESTS 2025 Begins: Why We’re Doubling Down on AgentFi. 1/ BUIDL_QUESTS 2025 officially kicks off today. Our global bu….
0
23
0
🛡️SlowMist has officially launched the Stablecoin Risk Management & AML/CFT Compliance Security Solution, in response to the latest regulatory developments in Hong Kong.🇭🇰. On May 26, following the passage of the Stablecoins Bill, the HKMA released its Draft Guideline on
1
2
8
🚨SlowMist TI Alert🚨. MistEye has detected potential suspicious activities related to $VDS on BSC. Loss of approximately $13k. As always, stay vigilant!.
1
1
11
Today, SlowMist was honored to exhibit at FiNETech6, co-hosted by the @hkmagovhk and @cyberport_hk. As a global leader in blockchain threat intelligence, we showcased our key solutions — including SlowMist AML, @MistTrack_io, MistEye, and our security audit & attack-defense
1
0
9
🚨SlowMist TI Alert🚨. The exchange @BigONEexchange was exploited due to a supply chain attack and loss exceeds $27 million. The production network was compromised, and the operating logic of account and risk control related servers was modified, enabling the attacker to withdraw
17
31
77
🚨SlowMist TI Alert🚨. MistEye has detected potential suspicious activities related to @ArcadiaFi. The loss was approximately $2.5M. As always, stay vigilant!.
8
6
23
🚀 Honored to have our CTO Blue join the #MYBW2025 Spotlight Speakers lineup!. From protocol audits to threat intel to on-chain tracing, Blue advances blockchain security. See you in Kuala Lumpur this July! 🇲🇾.
📢 Spotlight Speakers Announcement.Powering product, growth, and strategy — here’s who’s taking the mic at #MYBW2025:. 🌐 Glenn Woo – Head of APAC @blockdaemonhq.From S&P Global to Ledger to Blockdaemon, Glenn has led APAC blockchain adoption across enterprise and institutional
1
0
11
Thank you @MYX_Finance for your trust and recognition! ❤️. On July 9th, the SlowMist team received an urgent request for assistance from MYX. We immediately launched an emergency response🚨, swiftly analyzed the affected protocol, devised a rescue plan🛡️, and successfully.
[1/5] .Yesterday an external white-hat trio—@deeberiroz, @VennBuild, and @davidberiro—flagged a security risk in our live staking contract. With their alert and instant support from @SlowMist_Team we isolated the contract, migrated funds, and locked down the vector within.
9
7
17
🚨On June 26, the online investment platform "#鑫慷嘉 DGCX (XinKangJia DGCX)" abruptly shut down all withdrawal channels. Users soon found their accounts frozen or wiped, sparking widespread alarm. While no official data has been released, investors claim the scam may involve
0
3
10
RT @Cointime_global: 🚨【Cointime 重磅 Space 来袭】.GENIUS Act 颁布,稳定币进入合规新时代?.After the GENIUS Act: Stablecoins Enter a Regulatory Era. 📅 时间:7月15日….
0
53
0
🚨SlowMist TI Alert🚨. The official @PlasmaFDN X account has been compromised. ⚠️This phishing campaign is particularly deceptive:. The link at the beginning uses a Twitter Bot user-agent spoofing trick to appear as a real domain. In reality, it redirects to a phishing site:
2
4
15
Recent attack on GMX (@GMX_IO) resulted in over $42M in losses. Here’s a summary of our analysis:. Root causes:. 1️⃣GMX v1 updates globalShortAveragePrices when opening shorts but not when closing. 2️⃣It immediately increases globalShortSizes on short position creation. These
The root cause of this attack stems from @GMX_IO v1's design flaw where short position operations immediately update the global short average prices (globalShortAveragePrices), which directly impacts the calculation of Assets Under Management (AUM), thereby allowing manipulation
4
11
27
The root cause of this attack stems from @GMX_IO v1's design flaw where short position operations immediately update the global short average prices (globalShortAveragePrices), which directly impacts the calculation of Assets Under Management (AUM), thereby allowing manipulation
The GLP pool of GMX V1 on Arbitrum has experienced an exploit. Approximately $40M in tokens has been transferred from the GLP pool to an unknown wallet. Security has always been a core priority for GMX, with the GMX smart contracts undergoing numerous audits from top security.
35
50
220