When you DeFi you make fat stacks in secs if you grab a flash loan using anonymoused code bits and then trade them to these other deflationary-on-trade bits so your precoded automated loanbot can gulp, buy a weiBit and another until there's no more to buy
which are simultaneously and instantaneously determined to have value far greater than they were thought to have in the line of code just above bc there is no time in flash loan land and scarcity=value and value=scarcity and what you really want is
the bits that rep the governance of the protocol that permissionlessly allows for the creation of the pools of arbitrary anythings that you just loanbotted to 1/10^18 above zero bc they get rewards distributed via chat app and meatballs using the mighty trusted gecko oracle and
they only really have value bc AMM works both ways and brains do too and the market trusts meat more than the trustless system used to create the market and the belief in receipt grants you piles of these bits so you
repay the Schrodinger's loan you took out originally (or didn't take out) in this very second in time as well as paying the anti-ddos mechanism that similtaneously incentivizes borderless bots in all jurisdictions to agree that this did indeed happen and there's no going back.
Then you just go to the decentralized permissionless unicorn to sell those bits at a rate the market algorthim sets for new original code bits x 10^6 and tornadoing to safety yeah now you're rich #fomo it bro #flashloans4lyfe#defi#bitcoinisforboomers#whatcouldgowrong
• • •
Missing some Tweet in this thread? You can try to
force a refresh
Crypto folks (hopefully) already know that Lazarus is one of the most prevalent threat actors targeting this industry.
They rekt more people, companies, protocols than anyone else.
But it's good to know exactly how they get in. Bc another smart contract audit won't save you.
For example, one long-time fave method:
- Contact employee via social/messaging app
- Direct them to a Github for a job offer, "skills test," or to help with a bug
- Rekt individual's device
- Gain entry to company's AWS
- Rekt company (and their users)
When it comes to financial crime, money laundering, etc. everyone goes thru a phase of thinking that the solution is knowing the identity of the account holder.
"if only we knew who moved these assets! then we would be able to catch them and stop crime!"
N O .
Literally NO.
It doesn't work at any scale. It's never worked at any scale. It never will work at any scale.
AML laws and all the related shit don't stop crime or money laundering. And it never has.
And it's really important to note that the implementation is NOT the issue.
The laws are *designed* to detect and block people from accessing the financial system.
And they do exactly that. Really well. So well in fact that like 1/4th of the world's population doesn't have a basic ass bank account.
On Fri June 2nd, thousands of Atomic Wallet users had their wallets drained across basically every chain.
Each theft involved 1-3 new addies. Initially we were only able to link thefts on-chain if they sent gas to multiple addresses.
(green guys are what we put alerts on first)
The lack of consolidation means the majority of addresses collected so far came direct from users sharing their info w/ folks like @zachxbt or w/ Atomic, @elliptic, @SlowMist, etc.
We have no idea how complete our lists are currently, or how long the long tail will be.