Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
SunSec Profile picture
SunSec
@1nf0s3cpt
CISO @xrexinc | Founder @DeFiHackLabs Web3 Security Community.
Jun 17, 2023 5 tweets 2 min read
🔥[Link updated] Root Cause Analysis of 101 DeFi Hacks!!!

👉English: web3sec.notion.site/web3sec/ba4593…

🧵This analysis is supported in 5 languages. Image 👉Chinese: web3sec.notion.site/web3sec/8e9274…
Oct 5, 2022 5 tweets 2 min read
🤖 MEV bot hacked - case 1

Root cause: Inappropriate visibility
When: 2022/09/13
Lost: ~$140k
Total 86,288 transactions in MEV bot.
MEV contract: 0x64dD59D6C7f09dc05B472ce5CB961b6E10106E1d

Attacked tx: bscscan.com/tx/0xd48758ef4…

👇Check what happened on MEV bot.
#MEV 1) Decompile contract
We can see a public function called pancakeCall, which means anyone can call this function. Image
Oct 2, 2022 8 tweets 3 min read
@TransitFinance

Root cause: Incorrect owner address validation.

POC: github.com/SunWeb3Sec/DeF…

#DeFi #Web3 #Security

👇Steps Image It's simple, but you need to study past transactions to know how to combine the call data.

1. You can input any innocent user who granted approvals to "0xed1afc8c4604958c2f38a3408fa63b32e737c428" before.
Jul 24, 2022 7 tweets 3 min read
Governance attack! Attacker profited ~$1M. etherscan.io/tx/0x4227bca8e… The bug was in Audius community treasury contract.
Exploited steps:
Tx (1): initialize + ProposalSubmitted + Staked.
Attacker called initialize() to modify configurations:
_votingPeriod to 3 blocks,
_executionDelay to 0 block
_guardianAddress

etherscan.io/tx/0xfefd829e2… Image
Jul 1, 2022 4 tweets 3 min read
@quixotic_io

Attacker Wallet: 0x0a0805082ea0fc8bfdcc6218a986efda6704efe5
688 accounts hacked.
Around 214k $OP lost
fillSellOrder issue in Quixotic contract optimistic.etherscan.io/address/0x065e…
If you are in Quixotic, urgent to revoke this address, 0x065e8a87b8f11aed6facf9447abe5e8c5d7502b6 @quixotic_io Crazy, unlimited ATM XD Attacker can input whatever buyer address XD Image
Jun 24, 2022 8 tweets 3 min read
Hackers exploited a vulnerability to steal 85,837 ETH (appr. $100 million) from Harmony's Horizon Bridge.

All the tokens drained to this address
etherscan.io/address/0x0d04…

Bridge address:
0x2dccdb493827e15a5dc8f8b72147e6c4a5620857
#harmonyprotocol First exploited since block 15012646, transfered 13,100 Ether.
TransactionID: 21106
etherscan.io/tx/0x27981c728…
Jun 8, 2022 7 tweets 5 min read
@GymNet_Official hacked analysis summary. $2+ million lost.

Attacker wallet: 0xb2c035eee03b821cbe78644e5da8b8eaa711d2e5

Attacker contract: 0x7cBfD7BCCd0a4a377eC6f6e44857eFe42c91b6eA

🚨Details in thread. 1.Unauthorized call depositFromOtherContract function to deposit 8,000,000 (GYMNET)
Due to incorrect access control.
bscscan.com/tx/0x8432c1c66… Image