We used our @MistTrack_io OpenAPI to examine FTX withdrawals in the past couple days.
Starting on the #TRON network, most funds were sent to Binance, FTX US, and OKX via TYD....tW6. Binance also received the greatest number of deposits from FTX, followed by KuCoin and OKX.
Switching over to the ETH network, FTX hot wallet 0x2f...6ad2 transferred most of the funds @binance, followed by @krakenfx and @coinbase .
When it comes to the exchange of choice for withdrawals, most choose Binance, then @Bybit_Official and Kraken.
Another FTX hot wallet(0xc0...3a94) on the ETH network also sent most of the funds to Binance, followed by @Gemini and @coinhako.
However, based on the number of withdrawals transactions, most users chose to deposit to Binance, then @coinbase and @cryptocom.
On November 9, 2022, the brahTOPG project on the ETH chain was attacked, leading to the loss of $89,879.
We conducted an investigation into this incident and these were our findings.
1. The attacker first queries the balance of the victim user 0x392472, and then calls the zapIn function of the Zapper contract.
2. The function will transfer the token specified by the requiredToken to the contract. Since the parameter passed in by the function can be modified externally, the attacker can create a fake token for the requiredToken and transfer it to Zapper contracts.
Recently, we've seen a new phishing attack against the crypto community. Scammers are currently soliciting victims to participate in beta testing in return for financial compensation.
Here's how it works🧵👇
Typically, scammers will contact victims through Discord or other messaging apps and send over a compressed file.
The file is generally an 800M exe file, once opened, it will scan your computer for files containing keywords such as "wallet" and send them to the scammer.
The reason why these files were so large is because it’s filled with a large number of 0000 empty files, this helps them evade antivirus software.
(Note: Most online antivirus software can analyze files up to 50 M, while PC antivirus software can analyze files up to 500M.)
The Ethereum Virtual Machine (EVM) is a computing engine that can be thought of as a distributed computer with millions of executable applications.
While the EVM's representation cannot be pinpointed like a cloud or an ocean wave, it does exist as a whole and is maintained by thousands of interconnected computers each running the Ethereum client.
The purpose of an EVM is to determine the state of every block in the Ethereum blockchain. While EVMs are similar to other blockchains that use distributed ledgers, they add another layer of functioning due to their smart contract capabilities.
We’ve expanded our consulting services to help support #Web3 projects stay secure from A to Z.
Our services will not only include on-chain support such as smart contract auditing but off-chain as well.
Web3 services include:
1. Complete Security Analysis 2. On-chain Emergency Response Service 3. Threat Intelligence Sharing (Vulnerabilities&Risks) 4. Product Testing of Security Service (@MistTrack_io, Smart Contract Monitoring) 5. Priority Scheduling of Security Audit Services
This was only made possible because our team of security experts has years of practical experience as well as monitoring services in place to stay up to date on the latest attacks.