Discover and read the best of Twitter Threads about #cryptosecurity
Most recents (9)
🚨 Breaking: CFTC Sues Binance & CZ - Unpacking the Allegations 📉 #BinanceLawsuit
The CFTC has sued crypto exchange Binance & CZ over allegations of knowingly offering unregistered crypto derivatives products in the US & violating federal laws.
Let's dive into the details.🧵👇
The CFTC has sued crypto exchange Binance & CZ over allegations of knowingly offering unregistered crypto derivatives products in the US & violating federal laws.
Let's dive into the details.🧵👇
1/ 🔍 The lawsuit alleges that Binance operated a derivatives trading operation in the US, offering trades for cryptocurrencies like BTC, ETH, USDT, and BUSD, referred to as commodities in the suit. #Binance is accused of directing employees to use VPNs to spoof their locations.
2/ CFTC's Charges Against Binance📜
The CFTC is charging Binance with violating laws around offering futures transactions, illegal off-exchange commodity options, failing to register as a futures commissions merchant, designated contract market or swap execution facility & more
The CFTC is charging Binance with violating laws around offering futures transactions, illegal off-exchange commodity options, failing to register as a futures commissions merchant, designated contract market or swap execution facility & more
1/ 🔒💰 Protecting your crypto is more important than ever.
Here are some of the most common scams and tactics used by hackers, and how you can protect yourself against them (Thread 🧵 Alert 🚨)
Here are some of the most common scams and tactics used by hackers, and how you can protect yourself against them (Thread 🧵 Alert 🚨)
2/ Malicious transactions:
Scammers can trick you into signing a transaction that grants them access to your assets.
To protect yourself, keep an eye on the transactions you make and the sites you interact with.
Scammers can trick you into signing a transaction that grants them access to your assets.
To protect yourself, keep an eye on the transactions you make and the sites you interact with.
3/ Malicious messages:
Phishing sites can trick you into signing a message disguised as a wallet connect.
To protect yourself, double-check what you're signing.
Phishing sites can trick you into signing a message disguised as a wallet connect.
To protect yourself, double-check what you're signing.
DeFi Attack | ULME Token was attacked (phalcon.blocksec.com/tx/bsc/0xdb9a1…), and the attacker gained around 50,646 BUSD.
It's an indirect price manipulation attack caused by unrestricted access control.
⚠️ Do not approve your BUSDs to ULME token contract !!!
#DeFi #BSC #CryptoSecurity
It's an indirect price manipulation attack caused by unrestricted access control.
⚠️ Do not approve your BUSDs to ULME token contract !!!
#DeFi #BSC #CryptoSecurity
Analysis
1) Use Flashloan to borrow BUSD
2) Swap BUSD for ULME on Pancake
3) Call the `buyMiner` function of ULME token based on pre-discovered users who approved BUSD tokens
4) Swap ULME for BUSD with an indirectly manipulated price
5) Return the Flashloan and loot 50,646 BUSD
1) Use Flashloan to borrow BUSD
2) Swap BUSD for ULME on Pancake
3) Call the `buyMiner` function of ULME token based on pre-discovered users who approved BUSD tokens
4) Swap ULME for BUSD with an indirectly manipulated price
5) Return the Flashloan and loot 50,646 BUSD
Sorry for the typo. 'BUSD' -> 'BUSD-T'
1/ DeFi Alert | Our monitoring system reported that a front-running transaction targeting RADT-DAO token (tools.blocksec.com/tx/bsc/0xd692f…), and the loss is around 94,304.58 USDT. It caused the price of RADT-DAO token dropped 81.97%.
#DeFi #BSC #CryptoSecurity
#DeFi #BSC #CryptoSecurity
2/ There are three front-running transactions and a failed "original" transaction (bscscan.com/tx/0xe4f697883…). Through the investigation, we find that the attack is made possible due to the price manipulation of the RADT-DAO - USDT pair in the Pancake pool. Below is the detail:
3/ Steps
1) Borrow USDT via flashloan
2) Partially swap USDT for RADT-DAO token in the Pancake pool
3) Trigger the fallback function of the RADT-DAO contract to transfer the remaining RADT-DAO in the Pancake pool
4) Swap RADT-DAO (from Step 2) for USDT
5) Return the flashloan
1) Borrow USDT via flashloan
2) Partially swap USDT for RADT-DAO token in the Pancake pool
3) Trigger the fallback function of the RADT-DAO contract to transfer the remaining RADT-DAO in the Pancake pool
4) Swap RADT-DAO (from Step 2) for USDT
5) Return the flashloan
Alert | Our monitoring system detected a weird transaction (tools.blocksec.com/tx/bsc/0xe176b…), and the "attack" profit is around 61,160 BSC-USD.
#DeFi #BSC #CryptoSecurity
#DeFi #BSC #CryptoSecurity
2. Analysis
1) Borrow BSC-USD via flashloan, buy USDT, and swap to $Zoom @ZoomproFinance
2) Call 0x47391071824569f29381dfeaf2f1b47a4004933b "0x1e69fcc4" function and it will send 1M USDT to ZOOM/USDT Pair
1) Borrow BSC-USD via flashloan, buy USDT, and swap to $Zoom @ZoomproFinance
2) Call 0x47391071824569f29381dfeaf2f1b47a4004933b "0x1e69fcc4" function and it will send 1M USDT to ZOOM/USDT Pair
2. Analysis
3) The price of Zoom/USDT will raise after calling the pair function sync
4) Swap Zoom to USDT, buy BSC-USD and return the flashloan.
3) The price of Zoom/USDT will raise after calling the pair function sync
4) Swap Zoom to USDT, buy BSC-USD and return the flashloan.
DeFi Attack | Our monitoring system reported that XSTABLE.PROTOCOL was attacked (etherscan.io/tx/0x873f7c77d…), and the loss is around 27.13 WETH.
This is a Logic Vulnerability.
#DeFi #ETH #CryptoSecurity
This is a Logic Vulnerability.
#DeFi #ETH #CryptoSecurity
2.1/ The Attack Process
Attacker: 0x334f3606886456537d0eb616497e770cbd2fbe5d
Mal Contract: 0x4fbb8840d37a21e38c8e438db27aae7bb91af052
Pool1: UniswapV2 WETH/USDT
Pool2: UniswapV2 WETH/XST
Attacker: 0x334f3606886456537d0eb616497e770cbd2fbe5d
Mal Contract: 0x4fbb8840d37a21e38c8e438db27aae7bb91af052
Pool1: UniswapV2 WETH/USDT
Pool2: UniswapV2 WETH/XST
2.2/
1)Flashloan
from Pool1: 77.99 WETH
2)Swap in Pool2
77.99 WETH for 403,258 XST
3)Transfer 92,415 XST -> Pool2
4)Pool2.skim(Pool2)
Pool2 -> Pool2: 92.415 XST
..skims
5)Pool2.skim(Attacker)
6)Swap in Pool2:
3,413,549 XST for 105.35 WETH
Profit: 27.13 WETH
1)Flashloan
from Pool1: 77.99 WETH
2)Swap in Pool2
77.99 WETH for 403,258 XST
3)Transfer 92,415 XST -> Pool2
4)Pool2.skim(Pool2)
Pool2 -> Pool2: 92.415 XST
..skims
5)Pool2.skim(Attacker)
6)Swap in Pool2:
3,413,549 XST for 105.35 WETH
Profit: 27.13 WETH
DeFi Attack | Our monitoring system reported that EGD_Finance was attacked (bscscan.com/tx/0x50da0b1b6…), and the loss is around 36,044 USDT.
This is a typical price manipulation attack.
#DeFi #BSC #CryptoSecurity
This is a typical price manipulation attack.
#DeFi #BSC #CryptoSecurity
2/ The process of attack:
1)Flashloan from
Pool1: 2,000 BUSD-T
Pool2: 424,456 BUSD-T
Pool1: Pancake Pool BUSD-T/WBNB
Pool2: Pancake Pool **EGD**/BUSD-T
1)Flashloan from
Pool1: 2,000 BUSD-T
Pool2: 424,456 BUSD-T
Pool1: Pancake Pool BUSD-T/WBNB
Pool2: Pancake Pool **EGD**/BUSD-T
3/ The process of attack:
2) EGD_Finance.claimAllReward()
=> EGD_Finance transfers --- 5,614,105 EGD ---> Mal Contract
Mal Contract: 0xC30808D9373093fBFCEc9e026457C6a9DaB706a7
Attacker: 0xee0221D76504Aec40f63ad7e36855EEbF5eA5EDd
2) EGD_Finance.claimAllReward()
=> EGD_Finance transfers --- 5,614,105 EGD ---> Mal Contract
Mal Contract: 0xC30808D9373093fBFCEc9e026457C6a9DaB706a7
Attacker: 0xee0221D76504Aec40f63ad7e36855EEbF5eA5EDd
Exploit | Our monitoring system reported that Nomad Bridge @nomadxyz_ was attacked (etherscan.io/address/0xb923…), and the loss is around 150M USDT.
#crosschain #CryptoSecurity
#crosschain #CryptoSecurity
2/ As a cross-bridge project, Nomad adopts a merkle-proof technology to verify that user requests are valid. By calling **process** function, a user can pass the request message to the contract.
3/ The verification procedure in the **process** function firstly finds the corresponding Merkle root by the hash of the message and the Merkle root is then passed into the **acceptableRoot** function to see if it is legal or not.
[31/236]
So why did this transaction have a MetaMask pop up and why is this the only function interaction that has been registered on Etherscan. To understand it better let us look at "stateMutability" witin the ABI (docs.soliditylang.org/en/v0.8.13/abi…)
So why did this transaction have a MetaMask pop up and why is this the only function interaction that has been registered on Etherscan. To understand it better let us look at "stateMutability" witin the ABI (docs.soliditylang.org/en/v0.8.13/abi…)
[32/236]
As per the ABI, the state mutability has been pure or view for the other functions. These do not affect the Blockchain. While on the other "authenticate()" function has a state mutability as nonpayable which does affect the blockchain as data is being registered.
As per the ABI, the state mutability has been pure or view for the other functions. These do not affect the Blockchain. While on the other "authenticate()" function has a state mutability as nonpayable which does affect the blockchain as data is being registered.
[33/236]
Back to the transaction, once the approve button is clicked on the Metamask pop up, a transaction hash is generated and broadcast to the network , it is sent to a transaction pool.
Back to the transaction, once the approve button is clicked on the Metamask pop up, a transaction hash is generated and broadcast to the network , it is sent to a transaction pool.
