mononaut (tx/acc)
Jun 1, 11 tweets, 3 min read
Japanese exchange DMM Bitcoin recently lost 4503 BTC, worth over $300m.

So what happened? Did North Korea hack their mainframe? Perhaps a team of elite thieves executed a series of elaborate heists to exfiltrate multisig keys from DMM's vaults?

Let's investigate... 🧵
Here's the "theft" transaction. Note the output address, and the absurdly high fee of 0.1 BTC.

mempool.space/tx/975ec405ac9…
Here's a legitimate withdrawal to one of DMM's own addresses from earlier this month.

mempool.space/tx/a673525b3c8…
And here's a random unconfirmed dust transaction to DMM's multisig address, that's been floating in the mempool for months.

mempool.space/tx/e40ef6bc0eb…
Did you spot it?

Yep, the stolen funds were sent to an address that matches the first 5 and last 2 characters of the address DMM routinely uses to handle withdrawals from this wallet.

Classic address poisoning* attack, right?
Well, maybe not.

Remember the crazy fee? DMM has never overpaid like that before from this wallet.

And what are the odds that a poisoned withdrawal just so happened to be sweeping an unprecedented 90% of the total balance in a single transaction?
This was a 2-of-3 multisig holding hundreds of millions of dollars of Bitcoin.

Unless DMM is completely insane, each of those keys will be controlled by a separate person.

So imagine you gain access to just one of those keys, but want to steal all of the money.

What do you do?
Perhaps you craft a consolidation to a confusingly similar address, and send it off to another keyholder for approval.

And then hope they don't compare the actual destination with their whitelist of safe addresses too carefully before signing the transaction.
Which leaves some obvious questions:

How did the attacker get access to even one key?

And how did they know who and how to contact to secure that crucial second signature?

I suspect we'll never know...
h/t to my eagle-eyed anonymous source for spotting the address similarities!
*("address poisoning" is when an attacker sends funds from an address they control, which has been "mined" to look confusingly similar to one of the victim's own, in the hope that they'll accidentally copy and paste the wrong address from their transaction history)
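
A pre-signing check of the kind the thread describes, as an added example (not code from the thread or from DMM): a co-signer refuses any destination that is not a full-string whitelist match, names the whitelisted address a lookalike imitates, and flags the two other anomalies noted above, the fee and the share of the balance being moved. The addresses are constructed placeholders, and the function names, thresholds and 5000 BTC balance are assumptions.

```python
SATS = 100_000_000  # satoshis per BTC

def shared(a, b):
    """Length of the common prefix of two strings."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n

def lookalike_of(dest, whitelist, min_prefix=4, min_suffix=2):
    """Return the whitelisted address that dest imitates, or None.
    The prefix count includes the address-type character(s)."""
    for good in whitelist:
        if (dest != good
                and shared(dest, good) >= min_prefix
                and shared(dest[::-1], good[::-1]) >= min_suffix):
            return good
    return None

def review_before_signing(outputs, fee_sats, balance_sats, whitelist,
                          max_fee_sats=50_000, max_sweep_fraction=0.5):
    """Reasons a co-signer should refuse; an empty list means sign.
    outputs is a list of (address, amount_sats). Thresholds are assumed policy."""
    reasons = []
    for addr, _amount in outputs:
        if addr in whitelist:  # full-string equality, never a visual skim
            continue
        twin = lookalike_of(addr, whitelist)
        reasons.append(f"{addr} imitates whitelisted {twin}" if twin
                       else f"{addr} is not whitelisted")
    if fee_sats > max_fee_sats:
        reasons.append(f"fee {fee_sats} sats exceeds ceiling {max_fee_sats}")
    spent = sum(amount for _, amount in outputs) + fee_sats
    if spent > max_sweep_fraction * balance_sats:
        reasons.append(f"moves {spent / balance_sats:.0%} of the wallet")
    return reasons

# Constructed sample data: placeholder strings, not real Bitcoin addresses.
LEGIT = "1AbCdWITHDRAWALxxxxxxxxxxxxxxxx9Z"
POISONED = "1AbCdattackerYYYYYYYYYYYYYYYYYY9Z"  # same first 5 and last 2 chars
WHITELIST = {LEGIT}

if __name__ == "__main__":
    # Amounts from the thread: 4503 BTC out, 0.1 BTC fee; balance is assumed.
    for reason in review_before_signing([(POISONED, 4503 * SATS)],
                                        10_000_000, 5000 * SATS, WHITELIST):
        print("REFUSE:", reason)
```
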
