关于「slowmist」的内容列表
SlowMist CISO 23pds revealed in a post on X: "North Korean hackers launched a cyber attack on Web3 and cryptocurrency software developers called'Operation 99 '. The operation started with fake recruiters and was conducted on platforms such as LinkedIn, using project testing and code reviews to lure developers." Once the victim takes the bait, they are directed to clone a malicious GitLab repository, seemingly harmless but full of disaster. The clone code connects to a command and control (C2) se...
Slow Mist Chief Information Security Officer @im23pds posted a warning on social media, recently monitoring that the Lazarus organization no longer relies solely on video conferencing tools such as Zoom and Meeting as a means of attack, but instead turns to Trojan software disguised as the Willo-Talent recruitment video platform to trick recruiters into downloading and running malicious programs.
According to SlowMist Alert on social media, UniLend was detected to be attacked and lost $197,600. The root cause of the attack was that the attacker took advantage of a vulnerability in the redemption process and manipulated the share price, causing the protocol to miscalculate the value of the attacker's collateral.
SlowMist Chief Information Security Officer @im23pds posted a warning on social media that the email address leaked in 2024 due to the attack on the OpenSea email service provider has been fully disclosed after multiple broadcasts. Please be aware of the relevant risks and be alert to phishing emails and other potential cyber attacks, including email addresses including CZ. Previously reported, on June 30, 2024, according to OpenSea official news, the NFT trading market disclosed its email deliv...
SlowMist tweeted that it has detected potentially suspicious activity related to the Mosca token on the BNB Chain.
According to Slow Mist Cosine Monitor, Solv Protocol official X account was stolen and released misinformation, please be vigilant and beware of the risk.
Slow Mist Chief Information Security Officer 23pds said on the X platform that in the past two months, North Korean hackers have continued to impersonate Hack VC, SevenX Ventures and other institutions or individuals to commit conference fraud. Please be vigilant against the risks.
According to the founder of Slow Mist Cosine Disclosure, the Humanity Protocol project directly stores the plaintext private key in the browser sessionStorage, provided that it is logged in by Web2, such as email, and the platform will automatically assign wallets to users. Fortunately, this is just a test network, and there is no actual harm.
According to the Department of Justice, Israeli national Rostislav Panev allegedly worked as a developer and coder for the LockBit ransomware group since around January 2022, and received about $230,000 in cryptocurrency transfers as part of his work.
SlowMist Chief Information Security Officer 23pds tweeted that the cumulative value of cryptocurrencies stolen between January 2024 and July 2024 has reached $1.58 billion, which is about 84.4% higher than the value stolen during the same period in 2023. In 2024, private key leakage accounted for the largest proportion of stolen cryptocurrencies, reaching 43.8%.
Slow Mist Technology Chief Information Security Officer 23pds issued a statement saying that 1inch disclosed that it discovered a security bugs on December 9, and the attacker fraudulently obtained access to the private key belonging to the owner of the 1inch Labs parser smart contract.
According to MistTrack, a Web3 security tool owned by SlowMist, DEXX attackers have transferred more than 4,700 ETH to Tornado Cash so far.
SlowMist's Web3 security tool MistTrack has released a DEXX security incident update: DEXX hackers have transferred 1,512.4 ETH to Tornado Cash. There are still a total of 3,149.55 ETH in some Ethereum addresses. The main EVM collection address (starting with 0xFFB9) has a current balance of 1,253.83 ETH and other tokens worth 130,000 USD; Solana addresses (starting with 4smi8T) have a balance of $96,417, and Solana addresses (starting with GPuNX8) have a balance of $2200. The team will continue...
According to the Slow Mist hacking database, the total cost of the Web3 security incident last month was about $86.24 million. Of the 21 hacks, about $76.86 million was lost, and "$25.50 million was recovered". The main causes of these incidents include: smart contract vulnerabilities, account breaches, and price manipulation. In addition, 9,208 victims were victims of phishing attacks in November, with "total losses of $9.38 million".
