Ancilia, Inc. Profile picture
Cybersecurity partner for web3
Mar 20, 2023 4 tweets 2 min read
1/ #Ancilia_Alerts : Looks like @ndxfi's ORCL5 Token contact lost $9925 due to a flashloan attack,

hacker,
0x65d437e852ac699e3951e1722bcc4a0660053596

contract,
0xD6cb2aDF47655B1bABdDc214d79257348CBC39A7 ImageImage 2/ @ndxfi (Index Finance) you should take a look! More hacks are ongoing to other tokens in the protocol.

The attacker got over 15k so far. Image
Jan 19, 2023 4 tweets 4 min read
1/ We detect a hack on @ThoreumFinance. Hacker (0x1ae2dc57399b2f4597366c5bf4fe39859c006f99) has gained ~2000 BNB and deposited to tornado (via 0x1285fe345523f00ab1a66acd18d9e23d18d2e35c). #Web3 #Hacking ImageImage @ThoreumFinance 2/ we think the root cause is in the "transfer" func. In the Tx, when 0x7d1e1901226e0ba389bfb1281ede859e6e48cc3d calls transfer to itself, its balance will increase. By repeating doing this, it ends with 500k+ $THOREUM tokens Imagerepeat calling transfer to ...
Dec 2, 2022 6 tweets 3 min read
10,000,000,000,000 aBNBc Token was minted in tx: 0xe367d05e7ff37eb6d0b7d763495f218740c979348d7a3b6d8e72d3b947c86e33, and sent to addr: 0xf3a465c9fa6663ff50794c698f600faa4b05c777. These aBNBc token is being swapped to USDC and WBNB now /2 0xf3a465c9fa6663ff50794c698f600faa4b05c777 is transferring $$ out via Tornado and cBridge now
Nov 30, 2022 6 tweets 3 min read
1/ Our monitor system found token MBC bscscan.com/address/0x4e87… was hacked. @CXH21294765 @Moonbirds_Club. Hack(0x9cc3270de4a3948449c1a73eabff5d0275f60785) gained around 5.6k BUSD and transferred to contract 0xad2D2CB5F91e7AdEE7b029958A58fE6a38e282EB @CXH21294765 @Moonbirds_Club 2/ The root cause is that the MBC contract use function addLiquidity() wrong and also it accidentally exposed the interface as public. The function swapAndLiquifyStepv1() use the balance of address(this) as the desired reserve amount which mean to keep the reserves. ImageImage
Nov 22, 2022 4 tweets 2 min read
1/ Our system detected a suspicious tx which gained over 49BNB (~$13K) from @AURofficial_ pancakeswap AUR/WBNB pool.

@AURofficial_ you should take a look.

bscscan.com/tx/0x7f031e854… Image @AURofficial_ 2/ It seems a hack. Attacker 0x6903499751f973052155df339116b6c6b24ac24b use contract 0x3d743b2f760a431cc20047cb5c7758c9a8860d6b to call createNode() with 0.01 BNB in TX bscscan.com/tx/0xb3bc6ca25….
Oct 25, 2022 4 tweets 3 min read
1/ #web3 #hacks, our system detected highly suspicious txn from this address

0x8ca72f46056d85db271dd305f6944f32a9870ff0

the attacker was able to gain over 24 eth in two Txn,

etherscan.io/tx/0x8037b3dc0… 2/ This is caused by an re-entry attack when contract Xn00d etherscan.io/address/0x3561… _mint() before doing transferFrom @n00dleSwap