Officer's Notes

@officer_cia

Followers
42,735
Following
692
Media
1,063
Statuses
9,112

Threat Researcher & Writer • BizDev @xyz_remedy • Former @immunefi & @sadspotter • Grantee @LidoGrants • Helping @Spiral_DAO • OpSec & OSINT

Dark Forest
Joined May 2021
@officer_cia
Officer's Notes
2 years
Warning ❗️ An attack on thematic @telegram crypto chats ongoing now. The attackers use an account named "Smokes Night" to spread Echelon malware by dropping a file into the chat room. TLDR: Disable auto-downloading in Telegram settings right now. 👇 See the thread below 👇
175
1K
3K
@officer_cia
Officer's Notes
2 years
You've been asking me for a long time and finally I decided to write an ultimate thread on an advanced (and authorial, please note) cryptocurrency storage technology 😎 Read carefully, there will be only Spy-level trips 👇
74
503
2K
@officer_cia
Officer's Notes
1 year
That is why utilizing Tails OS (and Whonix OS) in a combination with automated data self-destruction is always worthwhile…
29
228
1K
@officer_cia
Officer's Notes
1 year
1 - Store a private key, not the seed phrase: 2 - Use Steganography: 3 - Be aware of physical attacks: 4 - Follow my #OpSec Guide: 5 - Stay accurate:
@lopp
Jameson Lopp
1 year
This video of cops in Nevada searching a suspect and finding a seed phrase is pretty wild. Imagine having your seed phrase become part of public record due to it being captured by an officer's body camera!
634
851
5K
272
466
1K
@officer_cia
Officer's Notes
3 months
. @FixedFloat hacked, resulting in ~1,728 ETH (worth ~$4.85m) and 409 BTC (worth ~$21m) stolen. The drainer already transferred most of the stolen ETH to eXch on Ethereum. 26M$ loss in total! Drainer on Ethereum (1700 ETH stolen): 0x85c4fF99bF0eCb24e02921b0D4b5d336523Fa085
@officer_cia
Officer's Notes
3 months
Looks like @FixedFloat just got exploited for 1700 ETH! Drainer address: 0x85c4fF99bF0eCb24e02921b0D4b5d336523Fa085 Info by: @reprove
30
68
223
16
21
548
@officer_cia
Officer's Notes
5 months
Stay safe! @SushiSwap and @RevokeCash front-end compromised too!
@cevianeth
cevian.eth
5 months
i'm kinda sure zapper frontend is hijacked!!!!! @zapper_fi @realScamSniffer @officer_cia @web3_antivirus
10
28
147
42
371
720
@officer_cia
Officer's Notes
2 years
Researchers have detected an unusual transaction of $718M on the BSC network, the meaning of this is not clear at the moment, but many are already talking about a possible hack 🤷‍♂️
32
179
554
@officer_cia
Officer's Notes
5 months
Interview with a @KyberNetwork hacker. 5 quick questions. 5 brief answers. Key takeaways: • I don't watch anime, but I get it tho. • There's no secret ingredient, just do a lot of reading and practice. • @SoloditOfficial and @officer_cia blog are very cool, a huge fan. •
@officer_cia
Officer's Notes
6 months
Attempting to conduct an interview with a @KyberNetwork exploiter. What can I possibly ask them? Please post your questions in the comments section below the tweet!
50
26
267
28
90
532
@officer_cia
Officer's Notes
2 years
What to do if you think someone has hacked you? A big thread ⬇️
15
185
519
@officer_cia
Officer's Notes
1 year
Decentralized storage company Storj removed their warrant canary! OMG!
24
92
439
@officer_cia
Officer's Notes
7 months
If your job requires you to work with multiple files (for example, a CV), always request that they be uploaded to Google Drive in preview mode beforehand or just open them via . The main goal is to convert a possibly infected PDF to pixels and vice versa.
16
79
429
@officer_cia
Officer's Notes
3 years
In this thread I would like to tell you how to pass my #DeFi roadmap in a faster way 👇 Map:
6
105
408
@officer_cia
Officer's Notes
2 years
Tokenomics. My super special compilation for y’all fam ❤️ • - Read • - Read • - Read • - Book • - Book
16
110
365
@officer_cia
Officer's Notes
10 months
Please use or ASAP!
@MultichainOrg
Multichain (Previously Anyswap)
10 months
The lockup assets on the Multichain MPC address have been moved to an unknown address abnormally. The team is not sure what happened and is currently investigating. It is recommended that all users suspend the use of Multichain services and revoke all contract approvals
401
766
2K
4
18
44
@officer_cia
Officer's Notes
8 months
It seems that @stake exploited for 6000 ETH 👀
@peckshield
PeckShield Inc.
8 months
Hi @Stake , you may want to take a look:
249
278
1K
27
62
357
@officer_cia
Officer's Notes
2 years
Gn fam 🙌 In six parts of this thread I will tell you exactly how I investigate crypto hacks and security incidents, and describe methodology ⬇️
14
79
324
@officer_cia
Officer's Notes
2 years
Gm fam 👀 Now you can track all my activities in one place 😎 Check it out:
65
61
314
@officer_cia
Officer's Notes
6 months
The @KyberNetwork exploiter sent the team another message!
32
50
303
@officer_cia
Officer's Notes
2 years
I’m often asked if I’m aware of any dataset of DeFi exploits including post mortem analysis twitter threads, blog posts, etc… So I collected such resources in my special note for y’all fam🫡
10
59
293
@officer_cia
Officer's Notes
2 years
Gm fam ❤️ New day, new cool thread! 😎 Today I'll share with you the best @solidity_lang resources, as well as bonus materials such as awesome tools, patterns, & self-study Dev resources 💎 I spent a great deal of time filtering the information and checking it for this thread 👇
12
74
266
@officer_cia
Officer's Notes
6 months
Attempting to conduct an interview with a @KyberNetwork exploiter. What can I possibly ask them? Please post your questions in the comments section below the tweet!
50
26
267
@officer_cia
Officer's Notes
5 months
Would stay extra vigilant over the holidays… A few people I know were recently attacked & lost their crypto assets, I can't disclose the details publicly but what they had in common was that their seed phrases were generated 3-4 years ago, they were all 12 words. To add, all
17
78
258
@officer_cia
Officer's Notes
2 years
@telegram 1/X Here is a good article themed how to configure your TG, which doesn't have "out-of-the-box" privacy settings, correctly.
5
68
256
@officer_cia
Officer's Notes
1 year
Looks like a Ronin exploiter is trying to hack the Euler exploiter… Dark Forest, literally 😅
@functi0nZer0
laurence
1 year
If the Ronin exploiter phishes the Euler one with a suspect decryption tool I think I might actually just write a screenplay Alternative, more paranoid theory is that this is being stage managed between them (Please don’t make the joke, it’s tired and stale at this point)
17
7
197
6
47
231
@officer_cia
Officer's Notes
2 years
Gm fam ❤️ Let me start a mega-thread about smart contract-side and user-side attacks in Dapp, Web3, Blockchain, DeFi, NFT and Metaverse 🧐 You'll find the coolest links and tools in this track. Let's go! 👇
10
67
220
@officer_cia
Officer's Notes
5 months
An Open Letter to the Manufacturers and Designers of Crypto Wallets (both cold and hot). There have been far too many attacks lately. Many users are losing money due to what appear to be straightforward attacks. In light of this, I have made the decision to publish an open
15
56
223
@officer_cia
Officer's Notes
3 months
Looks like @FixedFloat just got exploited for 1700 ETH! Drainer address: 0x85c4fF99bF0eCb24e02921b0D4b5d336523Fa085 Info by: @reprove
30
68
223
@officer_cia
Officer's Notes
12 days
Here's the victim of the 1157 wBTC address poisoning scam, issuing an on-chain message to hackers to return 90% of stolen assets! and promising to keep 10% as a bounty! (Image by @somaxbt ) I think the best hacker can do now is to keep his 10%. That would be wise IMO.
@officer_cia
Officer's Notes
13 days
$68M (1155WBTC) lost after victim fell for address poisoning attack. TL;DR on attack: Attacker is sending spam transactions to your address in order to catch you being inattentive. You can copy their address instead of your own from the TX history. Attackers generate addresses
24
45
183
18
43
226
@officer_cia
Officer's Notes
6 months
The @KyberNetwork Hack: In-Depth analysis by @BlockSecTeam & @0xdoug & @MetaSec_xyz ⬇️ TL;DR: It was exploited due to the flawed price calculation in 'computeSwapStep'. It produced a bigger price than the target price, but the tick was not crossed and liquidity on the next tick
6
55
198
@officer_cia
Officer's Notes
2 years
Much much thanks to every single one of you for support on @gitcoin ❤️ Follow my works progress here: Grant: DeFi Developer RoadMap: Crypto Research Base: Crypto OpSec SelfGuard:
9
45
188
@officer_cia
Officer's Notes
2 years
A solution concept for #KYC without knowing your customer, leveraging self-sovereign identity and zero-knowledge proofs - Good Read! 👀 👉 This approach breaks the traditional privacy vs. transparency trade-off and provides structured transparency 🤯
6
38
187
@officer_cia
Officer's Notes
11 months
Dear followers, I don't often ask for help, but in this situation, if you want me to create more content, please help me in any way that works for you… I would appreciate it if you could donate to me at the following addresses: 0xB25C5E8fA1E53eEb9bE3421C59F6A66B786ED77A —
7
19
185
@officer_cia
Officer's Notes
1 year
Vulnerabilities, attack vectors, and Web3 hacks - gathered for you in a single note!
4
26
181
@officer_cia
Officer's Notes
2 years
Chrome allows websites to write to the clipboard without the user’s permission! Src: It opens a possibility to perform a modified clipper attack! But this is way more complicated, I am surprised how attack vector on a clipboard has changed over time…
14
54
177
@officer_cia
Officer's Notes
1 year
Dear followers, If I do not respond to you in DMs here or in TG, it does not mean that I am showing off or don’t like you; rather, it is because I am depressed (again) and really unable to do anything…
39
2
175
@officer_cia
Officer's Notes
13 days
$68M (1155WBTC) lost after victim fell for address poisoning attack. TL;DR on attack: Attacker is sending spam transactions to your address in order to catch you being inattentive. You can copy their address instead of your own from the TX history. Attackers generate addresses
@CyversAlerts
🚨 Cyvers Alerts 🚨
13 days
🚨ALERT🚨Are we mistaken, or has someone truly lost $68M worth of $WBTC? Our system has detected another address falling victim to address poisoning, losing 1155 $WBTC. 😢 Victim: Address poisoner: Poison transaction:
231
253
910
24
45
183
@officer_cia
Officer's Notes
11 months
Please follow my blog so we don't lose touch! There are about 100 articles already!
10
77
125
@officer_cia
Officer's Notes
2 years
How to prepare the computer for work with crypto to the maximum to be sure that nothing will ever be pulled out of there? A big thread ⬇️
5
35
155
@officer_cia
Officer's Notes
1 year
PSA: Update your iPhone immediately! (image from )
10
56
159
@officer_cia
Officer's Notes
2 years
Gn 😊 I've made this collection so you can use it as your handbook: you'll find in it a huge number of proven Solidity cheatsheets, tools, articles, resources, tools and an awesome bonus 👀 I'd be happy if you could distribute it!
6
46
157
@officer_cia
Officer's Notes
5 months
Before you all start connecting to any dapps today - from your @Ledger device.❗️ Remember that you should first do a quick check to see if your browser is caching the most recent Ledger update or not. How to check: 1. Clear browser & device cache first; 2. Visit:
6
47
159
@officer_cia
Officer's Notes
2 years
It would seem, what danger can a QR code pose? It turns out that you can even lose your crypto, fiat money and internet logins because of attacks! Let's study these attacks and see how we can defend against them in my new @viamirror article!
5
43
154
@officer_cia
Officer's Notes
6 months
Message from the @KyberNetwork hacker.
15
17
158
@officer_cia
Officer's Notes
1 year
Euler being attacked! Looks like 8.89M DAI + 8,080 WETH loss...
@BlockSecTeam
BlockSec
1 year
Our system monitored that @eulerfinance is being attacked. Please take action!
19
92
182
10
40
156
@officer_cia
Officer's Notes
11 months
GM! Because of the increasing number of scams targeting people who don't know what MEV/MEV bot and so on are, I compiled a list of tried-and-true resources! FYI:
9
41
147
@officer_cia
Officer's Notes
5 months
Looks like the Orbit bridge is hacked. The first hack in 2024 👀
@KGJRTG
Kgjr (clueless333)
5 months
Looks like orbit bridge is getting drained right now, different fresh wallets for wbtc usdt usdc and dai, test tx's show up on orbit bridge scanner but bigger ones don't. Wallets below
68
112
327
26
25
149
@officer_cia
Officer's Notes
1 year
(not mine but still funny lmao)
4
26
146
@officer_cia
Officer's Notes
4 months
Awesome On-Chain Investigations HandBook 💎 Disclaimer: All information (tools, links, articles, text, images, etc.) is provided for educational purposes only! All information is also based on data from public sources. You are solely responsible for your actions, not the author!
9
37
142
@officer_cia
Officer's Notes
1 year
Surprisingly, few people know that anyone can effectively defend against sim swapping… And yes, it works both in the US and worldwide on almost all mobile operators! Check out my thread below ⬇️
@haseeb
Haseeb Awan - efani.com
1 year
400 M + Twitter accounts data is on sale, among which the most critical are username, mobile # & email. Hacker was able to provide a sample list of 1000 usernames, and I was able to verify many of them
124
762
2K
6
38
136
@officer_cia
Officer's Notes
2 years
A clipboard meddling attack on hardware wallets with address verification evasion - Good Read! ❕ 👉 Authors designed and implemented an EthClipper malware, which was then successfully tested on Trezor, Ledger, and KeepKey wallets.
9
38
133
@officer_cia
Officer's Notes
8 months
“It was definitely a private key that was compromised. If you look at the DAI transfer transaction, there was “uint was = allowed uint (-1)” which could have only been possible if the private key was compromised” - analysis by @0xArhat 🫡
@officer_cia
Officer's Notes
8 months
It seems that @stake exploited for 6000 ETH 👀
27
62
357
9
22
136
@officer_cia
Officer's Notes
2 years
Gm 🙌 Spotted an awesome basic introduction to #web3 and its concepts, using the #javascript you already know 🧐 👉 Check out my #DeFi & #Web3 Developer Roadmap as well: I guess I know how the Author got an inspiration 👀
8
41
130
@officer_cia
Officer's Notes
3 years
Yield Aggregators in #DeFi - Good Read! 🌾 Authors compare four yield aggregators - @idlefinance , @picklefinance , @harvest_finance and @iearnfinance More info:
3
35
130
@officer_cia
Officer's Notes
2 years
Many of us travel by airplane and many of us have to deal with carrying luggage. That's a pretty serious threat to your #OpSec unless of course your computer or phone has potentially valuable information on it. Read my thread ⬇️
4
22
134
@officer_cia
Officer's Notes
1 year
A third variation of the "address poisoning" attack has been spotted! In short, you receive tokens whose price is displayed in your UI. You then try to exchange them, but the transaction fails, and the gas goes to the scammer’s wallet. A thread 👇
8
44
129
@officer_cia
Officer's Notes
11 months
@telegram Thank you for adding the folder feature! True gold
1
1
129
@officer_cia
Officer's Notes
1 month
Unverified messages: An online video showing a 1-click Telegram attack utilizing a calculator load as an example has been found (it is stated that it may be any malware, Windows-specific). I strongly advise you to disable the auto-downloading function (disable both wi-fi and
17
41
135
@officer_cia
Officer's Notes
8 months
How to protect your X/Twitter account against sim-swapping? A thread. First, you can make a Google Fi account and turn on Advanced Protection: We discussed this in more detail in the chat here, check it out (up/down): 1/6
5
43
123
@officer_cia
Officer's Notes
1 year
GM! Going private for a few hours... I'd like to ask you something... How many of you have actually seen my articles, GitHub collections, and investigations? Thank you ❤️
32
1
131
@officer_cia
Officer's Notes
4 months
This video is from last year, but I never tire of rewatching it again and again! It's extremely informative… A police officer can be seen "working" behind the suspect's computer in this body-cam footage. Then he pulls out a USB memory stick and wipes everything out as the data
7
28
126
@officer_cia
Officer's Notes
6 months
Can you see my tweet?
30
1
128
@officer_cia
Officer's Notes
2 years
Gm fam! 👀 Here's a tool that converts PDFs to pixels, then back to a PDF. Necessary if you open a lot of random PDFs that could be infected 😎
5
28
122
@officer_cia
Officer's Notes
6 months
On November 23, 2023, the decentralized trading platform @KyberNetwork was attacked, resulting in the attacker stealing approximately $54.7 million… Here is a PoC by @paco0x ⬇️
4
20
120
@officer_cia
Officer's Notes
1 year
In today's article, I'd want to draw your attention to some of my most time-consuming articles (there are 45+ already!), which I feel to be my best! Enjoy!
8
28
115
@officer_cia
Officer's Notes
2 years
Surprisingly few people know that anyone can effectively defend against sim swapping. It works both in the US and worldwide in almost all mobile operators! But how? Check out my thread 👇
5
24
119
@officer_cia
Officer's Notes
2 years
Probably everyone has heard about the BNB chain hacked and then stopped? I've compiled everything for you step-by-step in the thread that you'll find below, for convenience here's its most recent version at the moment in a readable format:
8
32
110
@officer_cia
Officer's Notes
2 years
I can't believe there are already 25,000 of you! 🎇🎆 We've been through a lot together, but there's more yet to come! Thank you for everything dear community, without you I wouldn't have believed in myself! Without you, none of this would have been possible! ❤️
14
3
114
@officer_cia
Officer's Notes
2 months
Memo to those who have lost their funds. 1. Hacker may fail to drain all of your NFTs, stake position, or forget to drain assets from other networks. In these cases, the issue of how to get the remaining money back (un-hacked!) arises urgently. Check out
10
35
117
@officer_cia
Officer's Notes
5 months
ZachXBT has just deleted his X/Twitter account... Come back, we are all (adequate people) waiting for you! Just DMed his 2nd account and waiting for a reply. If he will want it - I’ll share answers.
@Plumferno
Plum
5 months
Welp, good job folks, hope you're happy
41
12
137
15
8
117
@officer_cia
Officer's Notes
2 years
Gm! It seems @GoGalaGames $GALA token has been infinimint exploited on #BSC and is currently getting TWAP dumped by an attacker! TX (use @bscscan ): 0x4b239b0a92b8375ca293e0fde9386cbe6bbeb2f04bc23e7c80147308b9515c2e
7
41
107
@officer_cia
Officer's Notes
11 months
Dear followers, I don't often ask for help, but in this situation, if you want me to create more content, please help me in any way that works for you… I would appreciate it if you could donate to me at the following addresses:
6
20
110
@officer_cia
Officer's Notes
7 months
Dear followers, I'm seeking work. I'll be reviewing my DMs all day; any suggestions are welcome. CV and other information will be provided during private conversations. Thank you!
12
19
111
@officer_cia
Officer's Notes
2 years
In case you didn't know, I'm maintaining a #DeFi Developer roadmap, thanks a lot to the community for your support ❤️ Link: and a special thanks to @LidoGrants & @LidoFinance for helping me get started! You are awesome!
7
35
113
@officer_cia
Officer's Notes
5 months
Spending time with old friends in beautiful places...
15
1
110
@officer_cia
Officer's Notes
2 years
If you're looking for sites to revoke your approvals & limit your exposure to attack, here are good sites: > > > > > > 👇More below👇
@dguido
Dan Guido
2 years
Here's the most correct recap of what's happening with OpenSea right now. tl;dr The security of web3 platforms depend entirely on wallets with universally poor security UX, and there's very little the platforms can do about it.
19
113
362
3
35
113
@officer_cia
Officer's Notes
2 years
@moxie To add on topic
5
17
111
@officer_cia
Officer's Notes
2 years
Gm 🙌 I was asked if I know a list of all existing smart contract security tools. So I collected all known SC sec tools based on 4 fresh academic researches 😎 👉 👉 👉 👉
5
33
110
@officer_cia
Officer's Notes
8 months
New Discord attack vector spotted in the wild for the first time! Stay safe! Also check out resources under my post ⬇️
@fedesarquis
CryptoFede
8 months
This is the hacker. As I do with every DM, I analyze all the info available to see whether this is legit. He had articles from 5 years ago, his message was professional, and it was a discord account since 2018. This was enough to start a conversation, at least.
1
4
30
8
39
104
@officer_cia
Officer's Notes
1 year
Gm! I'm happy to tell you that I've updated my investigative guide! Check it out on my @viamirror !
12
31
109
@officer_cia
Officer's Notes
2 months
Dear followers, I've made the decision to temporarily go private in order to address the shadowbans applied to my account, which are impacting the distribution of content. I'm hoping that by doing this, I can interact with my fans more often. Stay safe!
7
3
107
@officer_cia
Officer's Notes
7 months
Seems like Galaxy has been hacked, FYI! Hacker’s address: 0x4103babcfa68e97b4a29fa0b3c94d66afcf6163d/history
7
25
98
@officer_cia
Officer's Notes
1 year
The most unusual #OSINT guide you've ever seen. The repository is intended for bored professionals only. PRs are welcome! 🫡
2
32
104
@officer_cia
Officer's Notes
8 months
Oh wow a @ensdomains data leak!
@AlvieriD
Dominic Alvieri
8 months
Ethereum Name Service allegedly breached and data dumped by SiegedSec. @ensdomains #ethereum
5
18
65
16
17
94
@officer_cia
Officer's Notes
6 months
In this article, we will explore the powerful capabilities of HackedWalletRecovery - an awesome tool developed by @austingriffith & @buidlguidl teams! I'll also provide some additional safety advice.
7
33
101
@officer_cia
Officer's Notes
4 months
“If we finally want to give people the opportunity to be their own bank, we must realize that in this case, people must be able to replace all those services and actions for which traditional banks get money”. Check out my updated OpSec guide ⬇️
8
21
103
@officer_cia
Officer's Notes
3 years
Today I would like to collect all good governance and DAO-related researches 🤔 Check the thread below 👇
7
32
101
@officer_cia
Officer's Notes
8 months
Access has been restored. Lost funds: 0x4ef6f0d3f94ff609acef88068b1fc66a1184b3f3; attacker’s profit: 145 000 $ + NFTs Stay safe!
@bantg
banteg
8 months
vitalik’s twitter compromised, don’t click any links
14
64
225
4
14
99
@officer_cia
Officer's Notes
2 years
Great collection! 🧐 Here are several great repos that I use in #OSINT as well: - - - Check out:
@0xAsm0d3us
Devansh (⚡, 🥷)
2 years
Collections of tools and methods created to aid in OSINT collection #osint #geosint #cybersecurity
2
181
506
1
39
97