The CIA not only invests with Venture Capitals, but also helps with finding interesting projects and security issues.

Why is it worth #revoking smart contracts that you interacted with?

A thread! 🧵

1/11
#CIA #crypto #approval #revoke #exploit #cybersecuritytips
Yesterday, we received an information from one of the Venture Capital company that after sending a transfer to other address, the funds immediately disappeared and according to their findings everything went to 0xdead~.

They asked us for assistance and clarification.

2/11
1) Firstly, we examined the transfer from the VC to another address. Nothing unusual happened here - it was just a normal transfer:

3/11 Image
2) Exactly in the same block height, a transaction occurred that automatically took over the $BUSD sent by the VC, and executed a transfer to another address. The transfer was not initiated and authorized by the VC:

4/11 Image
3) We took a closer look at this transaction. As it turned out, besides the transfer to an unauthorized address, we also see an approval for the contract address 0x544fde4e25dd7e0aff084f4975d808ae366b746b:

5/11 Image
4) Quick research on our side revealed that this is one of the smart contracts that received approval from VC Address 2 exactly 2 years ago:

6/11 Image
5) During the deeper research, we established that this smart contract is known and was compromised along with other smart contracts on February 27th, 2023, following the tweet from @peckshield/@PeckShieldAlert below:

7/11
6) This event is most likely related to the exploit on @launchzoneann. The initial announcement on this incident can be found here:

8/11
The final conclusion is that the above incident is the result of an exploit and the lack of removal of #approval (by #revoke) by VC Address 2. 0xdead~ is not the real 0xdead~ or the 0x0000~, but rather another scammy smart contract.

9.1/11
As you can see, the consequences can come even after a few years since the interaction, even if then the contract was not malicious.

9.2/11
We have informed the VC about what happened, what they should do, and how to behave. As a result, only a few hundred $ disappeared. The entity revoked the malicious smart contracts and managed to save a significant portion of the funds by sending it to their fresh wallet!

10/11
To perform revokes, you can find plenty of tools!
For example you can use @RevokeCash or even Etherscan. For more information regarding approvals and revokes, see this article by @ConsenSys

consensys.net/blog/metamask/…

11/11
Kindly reminder that we published our first public report. For more information see the tweet below:

Thank you for reading. If you liked this thread don't forget to leave your feedback.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Crypto Insiders Association

Crypto Insiders Association Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(