🚨 Solscan Address Resolution Misleading with SetAuthority. Some malicious users have successfully interfered with Solscan's address resolution through the SetAuthority command, causing it to misinterpret the destination of transfers. Let's look at one example.

7/7 📚 Attack in Action (3/3). After staking, the attacker calls function burn in the attacker's contract. 🔥Within the function burn, it performs withdrawal of stake token 10,000 BSC-USD in INcufi. Then the attacker's contract asks contract B and contract C to call function

6/7 📚 Attack in Action (2/3).After the setup, now the attacker abuses the vulnerability in STAKE (uint amout ,uint day,uint countryid).💥.The attacker's contract performs buyNFT which basically performs STAKE with day =0 and amount with 10,000 BSC-USD. As the attacker's contract

5/7 📚 Attack in Action (1/3).Now let's look at how such vulnerabilities were exploited by the attacker. 🕵️♂️.First, the attacker calls the function setup in the attacker's contract (contract A), which does the following:.1. Creates a contract C that gets registered with the

4/7 🔍 What was the loophole(2/2)?. Furthermore, the attacker cleverly utilizes the function: register(address referrer). 🕵️♂️ Register is a function that allows users to join given a referrer. The attacker cleverly manipulates this function by creating multiple contracts which

3/7 🔍 What was the loophole(1/2)?.The loopholes lie in two functions of the smart contract 'INcufi': register(address referrer) and STAKE (uint amout ,uint day,uint countryid). First, the major vulnerability is in STAKE(uint amount, uint day, uint countryid). 🔓 The user can set

2/7 🔍What does the INcufi contract do?. To understand where the loophole is, we need to understand what the INcufi contract is for. 🔍 The INcufi contract allows users to stake BSC-USD tokens and earn APY for staking the token to the contract. 📈 Once the user sets the day for.

1/7 🚨 Referral Loophole in INcufi.Yesterday, @Phalcon_xyz reported that an unknown contract (0x80df) on BSC drained ~$60K through interaction with a contract called 'INcufi' (0x80df77b2Ae5828FF499A735ee823D6CD7Cf95f5a). ⚠️ These transactions occurred from 2024-06-18 20:48 to

3/3 📚 Importance of Market Surveillance.🔍 According to our research, the price drop was likely due to higher timeframe arbitraging between the two exchanges. Currently, after the 66% drop in HIGH token value, Binance covers around 86% of the HIGH token market. 📊 Considering

2/3 🔍 Who is this mysterious attacker?.🕵️♂️ Upon our investigation of two addresses, we have identified various intermediary wallets linked with these addresses. Initially, our team pinpointed these intermediary wallets as potential wallets utilized for price manipulation. 🔍

1/3 🚨 Potential Price Manipulation on HIGH Token?.📅 On June 12th, @highstreetworld shared an announcement on Telegram regarding a total of 66% drop in token value. According to the team's investigation, this movement was the result of a malicious attack on their community.

3/3 📚 Lesson of the Day.When downloading extension files, remember that extensions have the ability to run executable files. To keep your environment safe, the team would like to provide 3 recommendations:.🖥️ Utilize a safe browsing environment - Isolate your trading environment.

2/3 🔍 How Cross Trading Happened.The attack was executed by grabbing cookie data across all tabs to obtain the victim's login credentials. Upon deeper analysis by @Tree_of_Alpha, it was discovered that the extension contained malicious lines of code that sent all the cookie data

1/3 🚨 Danger of Chrome Extension.2 days ago, @CryptoNakamao shared a post about his tragic loss of $1 million. Due to a malicious Chrome extension such as Aggr, which he downloaded after seeing a recommendation in TG channels, he has become a victim of cross trading. 💸 However,

7/7 🛡️ How to Protect Your Assets from Scammers: With two golden rules, you can secure your crypto assets:.🔐 Protect your seed phrase.📝 Understand what you sign on-chain. Check our comprehensive analysis of phishing attacks on blockchain for more details:.

6/7 🌾 Restake Farming Attack ft. Angel Drainer : Our investigation into restake farming attacks on EigenLayer Protocol highlights how Angel Drainer exploits staking mechanisms to drain funds from users. Understanding these tactics is crucial for secure DeFi participation. 🌾💸.

5/7 🚨 Bypassing Security Alerts ft. Angel Drainer: Discover how scammers use nested smart contracts to bypass security alerts from wallet providers. This advanced technique can catch users off guard. Stay one step ahead. 🔍🔔.

4/7 🔍 Traditional Attack Methods: Our article examines classic phishing strategies like approve & transferFrom, permit, and private key extraction. These methods remain prevalent and pose significant risks. 🛡️🔑

3/7 🛡️ ERC-4337 Vulnerabilities?: We explore how attackers exploit new features in ERC-4337, leading to potential security breaches. Understanding these vulnerabilities is essential for safer blockchain interactions. 🔐🚨

2/7 😈 Angel Drainer Uncovered: Our detailed analysis reveals how the malicious Angel Drainer targets unsuspecting users, draining their crypto assets through sophisticated phishing tactics. Stay informed to protect your holdings. 🕵️♂️💸