contract,
0xD6cb2aDF47655B1bABdDc214d79257348CBC39A7 2/ @ndxfi (Index Finance) you should take a look! More hacks are ongoing to other tokens in the protocol.
The attacker got over 15k so far.
Jan 19, 2023 • 4 tweets • 4 min read
1/ We detect a hack on @ThoreumFinance. Hacker (0x1ae2dc57399b2f4597366c5bf4fe39859c006f99) has gained ~2000 BNB and deposited to tornado (via 0x1285fe345523f00ab1a66acd18d9e23d18d2e35c). #Web3#Hacking@ThoreumFinance 2/ we think the root cause is in the "transfer" func. In the Tx, when 0x7d1e1901226e0ba389bfb1281ede859e6e48cc3d calls transfer to itself, its balance will increase. By repeating doing this, it ends with 500k+ $THOREUM tokens
Dec 2, 2022 • 6 tweets • 3 min read
10,000,000,000,000 aBNBc Token was minted in tx: 0xe367d05e7ff37eb6d0b7d763495f218740c979348d7a3b6d8e72d3b947c86e33, and sent to addr: 0xf3a465c9fa6663ff50794c698f600faa4b05c777. These aBNBc token is being swapped to USDC and WBNB now
/2 0xf3a465c9fa6663ff50794c698f600faa4b05c777 is transferring $$ out via Tornado and cBridge now
Nov 30, 2022 • 6 tweets • 3 min read
1/ Our monitor system found token MBC bscscan.com/address/0x4e87… was hacked. @CXH21294765@Moonbirds_Club. Hack(0x9cc3270de4a3948449c1a73eabff5d0275f60785) gained around 5.6k BUSD and transferred to contract 0xad2D2CB5F91e7AdEE7b029958A58fE6a38e282EB
@CXH21294765@Moonbirds_Club 2/ The root cause is that the MBC contract use function addLiquidity() wrong and also it accidentally exposed the interface as public. The function swapAndLiquifyStepv1() use the balance of address(this) as the desired reserve amount which mean to keep the reserves.
Nov 22, 2022 • 4 tweets • 2 min read
1/ Our system detected a suspicious tx which gained over 49BNB (~$13K) from @AURofficial_ pancakeswap AUR/WBNB pool.
@AURofficial_ you should take a look.
bscscan.com/tx/0x7f031e854…
@AURofficial_ 2/ It seems a hack. Attacker 0x6903499751f973052155df339116b6c6b24ac24b use contract 0x3d743b2f760a431cc20047cb5c7758c9a8860d6b to call createNode() with 0.01 BNB in TX bscscan.com/tx/0xb3bc6ca25….
Oct 25, 2022 • 4 tweets • 3 min read
1/ #web3#hacks, our system detected highly suspicious txn from this address
0x8ca72f46056d85db271dd305f6944f32a9870ff0
the attacker was able to gain over 24 eth in two Txn,