Warning ❗️ An attack on thematic @telegram crypto chats is ongoing now. The attackers use an account named "Smokes Night" to spread Echelon malware by dropping a file into the chat room.

TLDR: Disable auto-downloading in Telegram settings right now.

👇 See the thread below 👇
@telegram 1/X

Here is a good article on how to correctly configure your TG, which doesn't have "out-of-the-box" privacy settings.

medium.com/immunefi/how-n…
3/X

Looks like @github did not delete the malware sources, and it is still being sold on underground forums using GitHub as a landing page.

1 - github.com/BitcoinFakeSen…

2 - github.com/swagkarna/Eche…

3 - postimg.cc/8FcSDzL6
4/X

Actually, this malware reminded me of old-school MaaS (Malware-as-a-Service) like cyberint.com/blog/research/…
SolarWinds RTBM, PRTG Network Monitor should detect it as well as other bandwidth monitors.
5/X

This malware is operated via a special Telegram bot. An unusual implementation of classic MaaS.
6/X

Stay safe fam! Made a guide for you:

github.com/OffcierCia/Cry…
7/X

Extended resources for those who want to avoid this malware:

- ledger.com/academy/securi…

- github.com/drduh/macOS-Se…

- github.com/jlopp/physical…

- usenix.org/system/files/1…
8/X

Follow up on the discussion:

t.me/solidity_learn…
9/X

Check out this convo (and my replies) as well; I answered questions here.

TLDR: There are 2 ways of attack: the 1st requires a click from you; the 2nd, which will cost the attacker more, does not.

To protect against the 1st, just stay careful; against the 2nd, keep auto-downloading disabled.
10/10

In this convo I explained the attack (passive XSS) using animated @telegram stickers, the same as attackers did against @opensea users a month ago. Just to add on topic. Remember to keep “Loop Animated Stickers” setting off as well.

👇👇👇
See problem No. 20 github.com/OffcierCia/Cry…
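
Added example, not part of the original thread: because the malware is operated through a Telegram bot, one host-side check is to list processes, other than the clients you expect, that talk to Telegram's Bot API host, and total what they send. The log layout, the allowlist and the sample rows are constructed assumptions, as is the premise that the bot traffic goes to api.telegram.org.

```python
import csv
import io
from collections import defaultdict

BOT_API_HOST = "api.telegram.org"  # Telegram's public Bot API endpoint
# Assumption: programs you expect to reach that host on your network.
ALLOWED = {"chrome.exe", "firefox.exe", "telegram.exe"}

# Constructed per-process connection records (EDR/Sysmon-style export);
# none of these rows come from the thread.
SAMPLE_LOG = r"""host,process,dest_host,bytes_out
ws-01,C:\Program Files\Mozilla Firefox\firefox.exe,api.telegram.org,900
ws-02,C:\Users\bob\Downloads\present.exe,api.telegram.org,48211
ws-02,C:\Users\bob\Downloads\present.exe,api.telegram.org,1530442
ws-03,C:\Windows\System32\svchost.exe,update.example.net,700
ws-04,C:\Users\eve\AppData\Local\Temp\a.exe,API.TELEGRAM.ORG.,2048
"""


def basename(path):
    """Lower-cased file name from a Windows or POSIX path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def suspicious_bot_api_clients(log_text):
    """Return {(host, process_path): total_bytes_out} for unexpected Bot API clients."""
    totals = defaultdict(int)
    for row in csv.DictReader(io.StringIO(log_text)):
        # Normalise case and a trailing root dot before comparing host names.
        dest = row["dest_host"].strip().lower().rstrip(".")
        if dest != BOT_API_HOST:
            continue
        if basename(row["process"]) in ALLOWED:
            continue
        totals[(row["host"], row["process"])] += int(row["bytes_out"])
    return dict(totals)


if __name__ == "__main__":
    hits = suspicious_bot_api_clients(SAMPLE_LOG)
    # Largest senders first: bulk upload to the bot endpoint is the stronger signal.
    for (host, proc), sent in sorted(hits.items(), key=lambda kv: -kv[1]):
        print(f"{host}  {proc}  sent {sent} bytes to {BOT_API_HOST}")
```

Matching on the file name alone is easy to evade by renaming a binary, so in practice allowlist on full install path or code-signing identity instead.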
