0xSaiyangod
@saiyangod
Followers: 971 | Following: 52K | Media: 799 | Statuses: 15K
CTO of W3bSecOps @wallet_guard @pocketuniverseZ @_SEAL_Org @Intell_On_chain @FairSideNetwork 正义
Bikini Bottom
Joined May 2024
“Crypto security experts are the first responders of the blockchain world” A crypto bro of mine retired to be a fireman. It made me realize how some leave their jobs to become heroes in the industry, but he left digital hero work to become a real life hero. I started with
⚡ INSIGHT: How do crypto detectives really investigate crime? Magazine spoke to several sleuths to learn how they investigate hacks better than the cops. Via Cointelegraph Magazine
> be me > be red teamer > industry disrupted > omg > we all using PentAGI now > compromise target using email lure > c2 access to network machine > need lateral movement > spend 45 minutes reading pentagi readme > "omg this is gonna be so sweet" > needs docker instance > docker
🚨 BREAKING: The cybersecurity industry is about to get completely disrupted. Someone just open-sourced a fully autonomous AI Red Team. It's called PentAGI. 8,200+ stars on GitHub. Not one AI agent. An entire simulated security firm. Researchers, developers, pentesters, and
🚨 $80M Stablecoin Exploit, and a reminder of how fragile this model really is Stablecoins don’t fail gradually, they fail all at once. Today, Cyvers detected a major incident at @ResolvLabs, where an attacker minted ~80M unbacked $USR. No collateral was drained, this was pure
Resolve was exploited. 🚨 The attacker used 200K $USDC to mint 80M $USR. He then used 44.78M $USR to buy 11,437 $ETH($23.85M), with 35.14M $USR remaining. https://t.co/cARuURAcrs
Tornado Cash withdrawal/Cluster Analysis from your phone
🚨 CRITICAL: Security scanner 'Trivy' has been compromised by threat actors who influenced the GitHub build process and pushed a malicious update that installs infostealer malware dubbed "TeamPCP Cloud stealer." They created a lookalike domain (scan.aquasecurtiy[.]org) and
⚠️ Phishing Alert Multiple suspicious domains impersonating #Avast (not fully confirmed, but highly suspicious) avast-customer-service/.pages/.dev aclogportal/.com/avast-login myuserlogin/.net supportby/.chat getchatsupport/.live Fake support pages and chat prompts, likely
Ermm... Should we be worried?
Google Ads is currently the biggest malware distributor in Crypto. > @googleadsense A friend just lost $115k USD worth of crypto to this fake TronLink extension. It was the top "Sponsored" result on Google, leading to the official Chrome Web Store. How did it bypass Google's
A lot of people will just randomly post "My Telegram is hacked" and never follow up with any additional information. Informing others that your Telegram is hacked is a good first step, but providing more details to organizations like SEAL helps us to lower the overall
The best format is - Have you executed/double-clicked any script? (Check your recent Downloads) - Context (I know this person / This is hacked account of that person / This is impersonation of someone I know etc.) - Screenshots of the conversation - REAL malicious URL (Click
Report suspicious Telegram/LN messages as well as malicious URLs/documents received to @_SEAL_Org TG (@seal_tips_bot) or here directly. It doesn't matter if you got infected yourself or not. That's the best way for us to stay ahead of attackers and stop them from hacking others.
not confirmed nor denied that Coruna targets a specific market. standard iOS users are likely on 26.# or a beta equivalent i'd imagine
@Pirat_Nation Oh that's shady. Time to start using maps and turn off your location/GPS data on your phone. What's funny is you know the criminals are using old-school tech. So if you see anyone with an old phone, there is a high chance they are up to something.
It’s not a question of if, it’s when. 5th truth of Cybersecurity
🚨 7 crypto attacks in 15 days. Your crypto balance doesn't matter anymore. Halfway through March, seven crypto holders were attacked worldwide, five in France alone. The game has changed: Attackers aren't hunting whales. They're coming for anyone who holds crypto. If you've
@arkham You’re missing a few addresses in this cluster. I’ll DM you them later. I can also give you the broader cluster of the same hacker if you want to do deeper analysis on whether they are up/down over time. They set off my alerts all the time, swapping between eth/dai/wbtc. They
Approval phishing is one of the most common ways crypto wallets get drained. The UK's National Crime Agency just named revoking wallet permissions as a key defence in their Operation ATLANTIC fraud guidance. Check yours today at https://t.co/JLlBv1KUrx.
Tax season is also peak season for identity theft. Criminals use stolen personal data to file fake tax returns and claim refunds before the real taxpayer does. Here’s how the fraud works, and how to protect yourself. 👇 https://t.co/beF5Np4m9x
malwarebytes.com
Tax season is also peak season for identity theft. Malwarebytes researchers spotted criminals trading stolen tax records on dark web forums.
Coruna targets between 13.0 and 17.2.1 this takes care of a few lingering users on 18.4–18.7 #iOS #exploit
if you're using iPhones, please check if your device is running the latest OS version. if it isn't, update your device the DarkSword iOS exploit kit is currently in circulation and targeting users in: • malaysia • saudi arabia • turkey • ukraine it targets devices running
CISA published an advisory on endpoint hardening after Stryker. The RBAC guidance is solid. Multi Admin Approval for Intune is not a complete solution either. An attacker with Global Admin can create the second approver account themselves. That is a five minute delay, not a
threathunter.ai
CISA published an advisory on endpoint management hardening after the Stryker wipe. Their Multi Admin Approval recommendation is a speed bump, not a wall. Here is what actually stops a Global Admin...