Slow Mist Cosine said that it has followed up the Infini hacking incident for the first time. The attacker is very technical and understands smart contract operations, so it is possible to steal the funds in its Vault and related strategies with a private key, stealing twice: 11,455,666 USDC and 38,060,996 USDC.
According to Slow Mist Cosine, in view of the fact that a large number of ETH has been washed out through eXch and replaced by BTC, XMR, etc., all platforms should upgrade the risk control level for funds from eXch. Previously, it was reported that eXch refused to intercept the stolen funds for Bybit.
According to SlowMist founder Cosine Monitor, Starknet's on-chain lending protocol zkLend was hacked on February 12, losing more than $9.50 million. The reason for the attack is that the safeMath library used in its market contract uses direct division when performing division calculations, resulting in a rounding vulnerability in the number of zTokens that actually need to be destroyed when calculating withdrawals. The attacker is taking advantage of this vulnerability to profit. The on-chain d...
According to the founder of Slow Mist, Cosine, it was found that multiple X accounts were stolen in the past two days, because the relevant personnel entered the correct password (possibly 2FA and other information), resulting in the account being taken over by phishing. Phishing used the copyright infringement of the relevant tweets to intimidate and steal the correct password, 2FA code, email, mobile phone number, some KYC related documents and other information. Everyone needs to be vigilant ...
Cosine Yu X, founder of SlowMist, said in a post: "I found that several X accounts have been hacked by phishing in the past two days. Among them, Aizel Network (@aizel_network) and Foresight Ventures (@ForesightVen) were taken over by phishing because relevant personnel entered the correct password (possibly 2FA and other information). Phishing used the copyright infringement of relevant tweets to intimidate and deceive, stealing the correct password, 2FA code, email, mobile phone number, some K...
SlowMist founder Cosine tweeted, "BitmapPunks, which is driving up Ethereum Gas fees, is indeed a fully-onchain, ultra-large, hybrid collection. However, the contract is not open-source verified, and it is not carefully checked whether there is any risk."
According to the founder of Slow Mist Cosine Disclosure, the Humanity Protocol project directly stores the plaintext private key in the browser sessionStorage, provided that it is logged in by Web2, such as email, and the platform will automatically assign wallets to users. Fortunately, this is just a test network, and there is no actual harm.
Slow Mist Cosine wrote on X: "In the early morning, the DEXX hacker transferred another 300 ETH into the Tornado Cash mixing protocol."
SlowMist founder Cosine tweeted that the EVM (ETH/BSC/BASE) address of DEXX hackers continued to change, and many funds (including some Meme) continued to collect to the address starting with 0xffb9 from around 7:00 in the morning. On-chain data shows that the address currently holds about 440,000 US dollars in assets.
According to cosine detection, the DEXX hacker's EVM (ETH/BSC/BASE) address continues to change, and many funds (including many MEMEs) continue to be collected into the 0xffb9926310b291e17d7df846cded66cda2c68228 from almost 7 am.