PeckShield Inc. @peckshield Twitter profile | Pikagi

Pikagi

PeckShield Inc.

@peckshield

82,301

Followers

433

Following

429

Media

1,476

Statuses

A blockchain security and data analytics company (telegram: )

https://t.co/48Xbg6LCXm

Joined January 2018

Don't wanna be here? Send us removal request.

Pinned Tweet

@peckshield

PeckShield Inc.

2 years

1/ We are thrilled to announce a self-service SaaS platform- #KillSwitch , which aims to detect exploitation TXs before their block inclusion and take contingency measures to block the attack or prevent assets from being stolen. It is in-essence a frontrunning-based DeFi protection

Tweet media one

207

461

1K

Last Seen Profiles

@cywnzn

@we2433600453027

@ObeyMeOG_JP

@StirileProTV

@isa_dartagnan

@XP_Leagues

@SungjaeTracker

@NightcapShow_

@JustinWohlers

@SanderLoones

@NaveedAJamali

@EGeek92

@Humble_demeanor

@RaidingTheGlobe

@defetto

@tigerbbask

@6packvbc

@jace_feely

@SPICARE_jp

@portalkatyperry

@aaalemontoya

@ReadingDune

@panya_panyapany

@Ql4q9lUNtMGUS7q

@Tezzathekchen

@SetonHall

@NagasakiPengin

@SigmaEleMent

@Rapgbee

@safe

@OL_Portugues

@NavoSchmavo

@SHEisLaMour

@valmcbeath

@Praveeeen_

@SebastianTamigi

@peckshield

PeckShield Inc.

8 months

Hi @Stake , you may want to take a look:

Tweet card media

Stake.com Hacker | Address 0x3130662aece32f05753d00a7b95c0444150bcd3c | Etherscan

The Address 0x3130662aece32f05753d00a7b95c0444150bcd3c page allows users to view transactions, balances, token holdings and transfers of ERC-20, ERC-721 and ERC-1155 (NFT) tokens, and analytics.

250

279

1K

@peckshield

PeckShield Inc.

1 year

It seems the @SushiSwap RouterProcessor2 contact has an approve-related bug, which leads to the loss of >$3.3M loss (about 1800 eth) from @0xSifu . If you have approved , please *REVOKE* ASAP! One example hack tx:

Tweet media one

Tweet media two

147

531

1K

@peckshield

PeckShield Inc.

2 years

The @cryptocom loss is about $15M with at least 4.6K ETHs and half of them are currently being washed via @TornadoCash

Tweet media one

@cryptocom

Crypto.com

2 years

We have a small number of users reporting suspicious activity on their accounts. We will be pausing withdrawals shortly, as our team is investigating. All funds are safe.

958

614

3K

104

351

932

@peckshield

PeckShield Inc.

1 year

Hi @AaveAave @iearnfinance , you may want to take a look:

166

215

831

@peckshield

PeckShield Inc.

2 years

Estimate loss of @BitMartExchange : ~$100M. Here is the list of the transferred-out assets and their amounts

Tweet media one

136

340

747

@peckshield

PeckShield Inc.

2 years

Though unconfirmed, the @opensea hack is most likely phishing. Users authorize the "migration" as instructed in the phishing email and the authorization unfortunately allows the hacker to steal the valuable NFTs...

Tweet media one

63

256

728

@peckshield

PeckShield Inc.

3 years

The #PolyNetwork hack is possibly the largest crypto hack so far. Is the root cause due to a *SINGLE* compromised signer key? Here is the hack flow!!!

Tweet media one

41

238

706

@peckshield

PeckShield Inc.

6 months

Hi @Poloniex , you may want to take a look: @justinsuntron

Tweet card media

Poloniex 4 | Address 0xa910f92acdaf488fa6ef02174fb86208ad7722ba | Etherscan

The Address 0xa910f92acdaf488fa6ef02174fb86208ad7722ba page allows users to view transactions, balances, token holdings and transfers of ERC-20, ERC-721 and ERC-1155 (NFT) tokens, and analytics.

125

185

665

@peckshield

PeckShield Inc.

2 years

#MEV A very profitable MEV bot, internally named as 0xbad, was somehow tricked/hacked with 1,101 ETH loss (~$1.45M) in the following tx:

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0x631d206d49b930029197e5e57bbbb9a4da2eb00993560c77104cd9f4ae2d1a98. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

45

115

625

@peckshield

PeckShield Inc.

2 years

We are actively working with @FEGtoken on pausing and rescuing the funds. Tough time! 💪

@spreekaway

Spreek

2 years

Fegtoken getting attacked again. Looks like a new attacker has gotten another ~$1.9m (~$1.3m on BSC 600k on ETH) so far .

19

29

90

97

196

565

@peckshield

PeckShield Inc.

2 years

Estimated loss @AscendEX_Global : $77.7M in total ($60M on @ethereum $9.2M @BinanceChain $8.5M @0xPolygon ). Here is the list of the transferred-out assets and their amounts on @ethereum

Tweet media one

76

236

549

@peckshield

PeckShield Inc.

2 years

Total estimated loss: ~200M (~100M on @ethereum and ~96M on @BinanceChain ). (Previously we only counted the loss on @ethereum ). And here is the list of affected assets/amounts on @BinanceChain

Tweet media one

127

292

540

@peckshield

PeckShield Inc.

9 months

Hi @JPEGd_69 , you may want to take a look:

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0xa84aa065ce61dbb1eb50ab6ae67fc31a9da50dd2c74eefd561661bfce2f1620c. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

138

111

553

@peckshield

PeckShield Inc.

2 years

1/ The @BeanstalkFarms was exploited in a flurry of txs ( and ), leading to the gain of $80+M for the hacker (The protocol loss may be larger), including 24,830 ETH and 36M BEAN.

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0xcd314668aaa9bbfebaf1a0bd2b6553d01dd58899c508d4729fa7311dc5d33ad7. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

35

177

551

@peckshield

PeckShield Inc.

10 months

Hi @MultichainOrg you may want to take a look:

Tweet media one

71

134

524

@peckshield

PeckShield Inc.

3 years

We just reported a potential security issue and got the following response. Any community advice on the next step? A. Continue the private disclosure to the team B. Raise necessary alerts to the affected community C. Do a white-hat demonstration

Tweet media one

307

57

520

@peckshield

PeckShield Inc.

1 year

It seems the exploited RouteProcess02 contract has been deployed in multiple chains. @SushiSwap Please *REVOKE* the following addresses ASAP. ETH: 0x044b7..7357 BSC: 0xd75f...6550 POLYGON: 0x5097...649a AVAX: 0xbace...9c4f FTM: 0x3e60...c715

Tweet media one

@peckshield

PeckShield Inc.

1 year

It seems the @SushiSwap RouterProcessor2 contact has an approve-related bug, which leads to the loss of >$3.3M loss (about 1800 eth) from @0xSifu . If you have approved , please *REVOKE* ASAP! One example hack tx:

Tweet media one

Tweet media two

147

531

1K

68

257

490

@peckshield

PeckShield Inc.

2 years

Hi, @BeanstalkFarms , you may want to take a look:

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0xcd314668aaa9bbfebaf1a0bd2b6553d01dd58899c508d4729fa7311dc5d33ad7. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

59

99

507

@peckshield

PeckShield Inc.

1 year

Hi @eulerfinance : you may want to take a look:

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0xc310a0affe2169d1f6feec1c63dbc7f7c62a887fa48795d327d4d2da2d6b111d. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

51

123

491

@peckshield

PeckShield Inc.

2 years

@timotej13

Tweet media one

23

42

450

@peckshield

PeckShield Inc.

3 years

#ScamAlert A bunch of #Scam tokens are identified. Please stay ALERT and do *NOT* Approve on the following phishing sites: ShibaDrop[.]io ($SHIB), AAExchange[.]io ($AAE), BSCTOKEN[.]IO ($BSCTOKEN), BestAir[.]io ($AIR), AirStack[.]net ($AIR), and BNBw[.]me ($BNBW). @BinanceChain

52

141

361

@peckshield

PeckShield Inc.

1 year

1/ @eulerfinance was exploited in a flurry of txs on Ethereum (one hack tx: ), leading to the lost of ~$197m from the project.

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0xc310a0affe2169d1f6feec1c63dbc7f7c62a887fa48795d327d4d2da2d6b111d. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

20

149

398

@peckshield

PeckShield Inc.

2 years

Here is the current whereabouts as well as the total loss: $120.3M (with ~2.1k BTC + 151 ETH) @BadgerDAO

Tweet media one

52

113

397

@peckshield

PeckShield Inc.

3 months

Hi @MIM_Spell , you may want to take a look (w/ $6.49M Loss)

Tweet media one

64

79

376

@peckshield

PeckShield Inc.

6 months

Hi @TeamUnibot , you may want to take a look:

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0xcbe521aea28911fe9983030748028e12541e347b8b6b974d026fa5065c22f0cf. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

31

67

324

@peckshield

PeckShield Inc.

2 years

The @Meter_IO is hacked with the loss of $~4.3M (including 1391.24945169 ETH + 2.74068396 BTC). The extension over the original (unaffected) ChainBridge introduces a false deposit issue !!!

Tweet media one

9

113

344

@peckshield

PeckShield Inc.

7 months

Our initial analysis on today's @starsarenacom $2.9M hack indicates a reentrancy issue on the Stars Arena: Shares contract at The reentrancy is abused to update the weight when the share/ticket is issued so that 1 share can be sold at a much higher price…

Tweet media one

@PeckShieldAlert

PeckShieldAlert

@PeckShieldAlert

7 months

@starsarenacom #PeckShieldAlert @starsarenacom has been hacked for ~$2.9M

Tweet media one

50

44

123

38

115

333

@peckshield

PeckShield Inc.

5 months

👀👀👀 New development on the @KyberNetwork exploit:

Tweet media one

52

93

313

@peckshield

PeckShield Inc.

2 years

Interesting. The hacker kills the contract, but forgets to transfer the profit.

Tweet media one

@PeckShieldAlert

PeckShieldAlert

@PeckShieldAlert

2 years

#PeckShieldAlert It appears that @zeedcommunity suffered an exploit. The exploiter gained ~$1m. The gains currently sit in the attack contract. @peckshield

3

11

48

43

51

330

@peckshield

PeckShield Inc.

2 years

The @opensea scammer just made use of @TornadoCash to wash 1,100 ETH...

Tweet media one

28

50

302

@peckshield

PeckShield Inc.

3 years

1/4 @CreamdotFinance was exploited in ), leading to the gain of ~$117M for the hacker.

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0x0fe2542079644e107cbf13690eb9c2c65963ccb79089ff96bfaf8dced2331c92. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

20

98

299

@peckshield

PeckShield Inc.

2 years

Hi, @InverseFinance , you may want to take a look:

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0x600373f67521324c8068cfd025f121a0843d57ec813411661b07edc5ff781842. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

52

57

303

@peckshield

PeckShield Inc.

2 years

The old reentrancy bug bites again on Compound forks w/ $80M loss! This time, it re-enters via exitMarket()!!! Watch out, all Compound forks in EVM-compliant chains. Get in touch with your auditors now or feel free to contact us if we can be of any help

Tweet media one

30

76

302

@peckshield

PeckShield Inc.

2 years

Hi, @BNBCHAIN you may want to take a look: It seems huge $293M rewards are claimed from the token hub.

Tweet card media

BNB Smart Chain Transaction Hash (Txhash) Details | BscScan

Binance (BNB) detailed transaction info for txhash 0xebf83628ba893d35b496121fb8201666b8e09f3cbadf0e269162baa72efe3b8b. The transaction status, block confirmation, gas fee, Binance, and token transfer...

18

46

293

@peckshield

PeckShield Inc.

2 years

1/ The @InverseFinance is exploited in a flurry of txs (one representative hack: ), leading to the gain of at least 11.7M for the hacker (The protocol loss is much larger).

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0x600373f67521324c8068cfd025f121a0843d57ec813411661b07edc5ff781842. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

23

105

305

@peckshield

PeckShield Inc.

1 year

It appears the root cause is due to the misconfigured yUSDT, which is exploited to mint huge yUSDT (1,252,660,242,212,927.5) from a small $10K USDT. The huge yUSDT is then cashed out by swapping to other stable coins.

Tweet media one

@peckshield

PeckShield Inc.

1 year

Hi @AaveAave @iearnfinance , you may want to take a look:

166

215

831

29

88

249

@peckshield

PeckShield Inc.

2 years

Hi, @BNBCHAIN Apparently, two huge reward claims with each claiming 1M BNB and in total ~$586M rewards are claimed from its token hub. ()

Tweet media one

@peckshield

PeckShield Inc.

2 years

Hi, @BNBCHAIN you may want to take a look: It seems huge $293M rewards are claimed from the token hub.

18

46

293

20

90

240

@peckshield

PeckShield Inc.

10 months

Hi @PolyNetwork2 , you may want to take a look:

Tweet card media

DeBank | The Web3 Messenger & Best Web3 Portfolio Tracker

The real Web3-native messenger and the best web3 portfolio tracker that covers all your tokens, DeFi protocols, NFTs across all EVM chains.

42

89

258

@peckshield

PeckShield Inc.

6 months

The estimated loss of @Poloniex hack is ~$125m, mainly on three chains: $56m (ETH), $48m (TRX), $18m (BTC). Also an interesting tx to look into:

Tweet media one

@peckshield

PeckShield Inc.

6 months

Hi @Poloniex , you may want to take a look: @justinsuntron

125

185

665

19

104

258

@peckshield

PeckShield Inc.

1 year

The loss of today's @HundredFinance hack is ~$7m. The root cause appears the attacker donates 200 WBTC to inflate hWBTC's exchange rate so that even a tiny amount (2 wei) of hWBTC can basically drain current lending pools. Here comes the hack tx:

Tweet media one

@HundredFinance

Hundred Finance

@HundredFinance

1 year

It looks that Hundred got hacked on #Optimism . We will update when there is more information to it.

12

18

32

23

90

251

@peckshield

PeckShield Inc.

2 years

hot wallet compromised? @BitMartExchange

Tweet media one

35

79

253

@peckshield

PeckShield Inc.

11 months

It appears today's @jimbosprotocol hack leads to the 4090 ETH loss (w/ ~$7.5M). This hack is due to the lack of slippage control of liquidity-shifting operation -- such that the protocol-owned liquidity is invested into a skewed/imbalanced price range, which is exploited in…

Tweet media one

@peckshield

PeckShield Inc.

11 months

Hi @jimbosprotocol , you may want to take a look:

9

5

53

38

60

226

@peckshield

PeckShield Inc.

2 years

The @DeusDao was exploited today in with ~$13.4M gain for the hacker (The protocol loss may be larger).

Fantom Transaction Hash (Txhash) Details | FTMScan

Fantom (FTM) detailed transaction info for txhash 0x39825ff84b44d9c9983b4cff464d4746d1ae5432977b9a65a92ab47edac9c9b5. The transaction status, block confirmation, gas fee, Fantom, and token transfer...

26

68

250

@peckshield

PeckShield Inc.

1 month

Hi @PrismaFi , you may want to a look (w/ $8.1m)

Tweet media one

24

61

262

@peckshield

PeckShield Inc.

4 years

PeckShield is starting the security audit of $SUSHI smart contracts. #SushiSwap @SushiSwap @NomiChef

20

49

245

@peckshield

PeckShield Inc.

8 months

Hi @coinexcom , suspicious outflow of large funds from #coinex hot wallets.

Tweet card media

CoinEx Fund Drainer 2 | Address 0x8bf8cd7f001d0584f98f53a3d82ed0ba498cc3de | Etherscan

The Address 0x8bf8cd7f001d0584f98f53a3d82ed0ba498cc3de page allows users to view transactions, balances, token holdings and transfers of ERC-20, ERC-721 and ERC-1155 (NFT) tokens, and analytics.

30

63

227

@peckshield

PeckShield Inc.

11 months

The loss of today's @SturdyFinance hack is ~442 ETH (w/ ~$800K). The root cause is due to the faulty price oracle to compute the cB-stETH-STABLE asset price @SturdyFinance

Tweet media one

Tweet media two

@peckshield

PeckShield Inc.

11 months

Hi @SturdyFinance , you may want to take a look: The issue seems to be related to the price manipulation

15

36

112

21

54

230

@peckshield

PeckShield Inc.

1 year

Rubic @CryptoRubic is exploited (w/ ～$1.41M) 1,100 $ETH already into Tornado Cash from the exploiter

Tweet media one

23

55

226

@peckshield

PeckShield Inc.

1 year

The loss of today's @iearnfinance yUSDT hack is ~$11.6m. As mentioned earlier, the hacker exploits a bug in the misconfigured yUSDT - - to mint extremely huge amount of yUSDT (1,252,660,242,212,927.5) from a small $10K USDT. Next, the minted yUSDT is…

Tweet media one

@peckshield

PeckShield Inc.

1 year

Hi @AaveAave @iearnfinance , you may want to take a look:

166

215

831

17

64

202

@peckshield

PeckShield Inc.

2 years

Interesting from @BitMartExchange ...😳😳😳 🙏🙏🙏

Tweet media one

Tweet media two

Tweet media three

Tweet media four

@peckshield

PeckShield Inc.

2 years

Total estimated loss: ~200M (~100M on @ethereum and ~96M on @BinanceChain ). (Previously we only counted the loss on @ethereum ). And here is the list of affected assets/amounts on @BinanceChain

Tweet media one

127

292

540

36

76

212

@peckshield

PeckShield Inc.

4 months

Today's hack on @RDNTCapital results in the loss of 1.9k eth (~$4.5m). The root cause is not new: It basically exploits a time window when a new market is activated in a lending market (forked from the popular Compound/Aave). The exploitation also relies on a known rounding…

Tweet media one

15

65

214

@peckshield

PeckShield Inc.

4 months

Today's hack on @SocketDotTech results in the loss of >$3.3m. The bad route exploited in the hack was added 3 days ago and is now disabled. Here are related txs: - add route tx: - disable route tx: The hack is due to…

Tweet media one

Tweet media two

@SocketProtocol

Socket

@SocketProtocol

4 months

Urgent Socket has experienced a security incident which affected wallets with infinite approvals to Socket contracts. We have identified the issue & have paused the affected contracts. We’re working on the situation & will keep you informed with regular updates & next steps.

86

168

556

24

65

194

@peckshield

PeckShield Inc.

7 months

Hi @Platypusdefi , you may want to take a look:

Tweet card media

Transaction Details - Snowtrace

Snowtrace Explorer allows you to explore and search for transactions, addresses, tokens, prices and other activities taking place on Snowtrace

47

46

211

@peckshield

PeckShield Inc.

3 years

1/4 @CreamFinance was exploited in (one hack tx: ), leading to the gain of ~$18.8M for the hacker.

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0xa9a1b8ea288eb9ad315088f17f7c7386b9989c95b4d13c81b69d5ddad7ffe61e. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

12

73

205

@peckshield

PeckShield Inc.

10 months

Hi @Platypusdefi , you may want to take a look:

Tweet card media

Address 0xc64AfC460290ed3Df848F378621b96cB7179521a Details - Snowtrace

Snowtrace Explorer allows you to explore and search for transactions, addresses, tokens, prices and other activities taking place on Snowtrace

47

54

215

@peckshield

PeckShield Inc.

11 months

The loss of today's @MidasCapitalxyz hack is >$600K. The root cause is due to the rounding issue in its lending protocol (forked from the popular @compoundfinance v2 code base ). The same issue has been exploited earlier in @HundredFinance :

Tweet media one

@peckshield

PeckShield Inc.

1 year

The loss of today's @HundredFinance hack is ~$7m. The root cause appears the attacker donates 200 WBTC to inflate hWBTC's exchange rate so that even a tiny amount (2 wei) of hWBTC can basically drain current lending pools. Here comes the hack tx:

Tweet media one

23

90

251

18

63

195

@peckshield

PeckShield Inc.

2 years

#rugpull The deployer had huge amount of TMT pre-minted, just dumped to 2660+ BNB, and washed through @TornadoCash

Tweet media one

@PeckShieldAlert

PeckShieldAlert

@PeckShieldAlert

2 years

#Slippage @TopGoal_NFT $TMT price dropped -55.9%

Tweet media one

6

11

46

496

192

115

@peckshield

PeckShield Inc.

9 months

Our analysis shows the root case is from the exposed LeetSwapV2Pair::_transferFeesSupportingTaxTokens() function, which is hardly forked from solidly.

Tweet media one

@LeetSwap

LeetSwap

9 months

As our DEX is forked from Solidly, our factory had a security pause function. We noticed that some pool liquidity might have been compromised and we temporarily stopped the trading to investigate.

259

128

516

15

39

218

@peckshield

PeckShield Inc.

3 years

1. #PolyNetwork was exploited on @ethereum @BinanceChain @0xPolygon , loss of ~$611M w/ 2857 ETH, 96.3M USDC, 26KW ETH, 1K WBTC, 33.4M USDT, 259B SHIB, 14 renBTC, 673KDAI, 43KUNI on @ethereum 6.6KBNB, 87.6MUSDC, 26.6KETH,1KBTCb, 32.1MBUSD on @BinanceChain 85MUSDC on @0xPolygon

29

78

200

@peckshield

PeckShield Inc.

4 months

It seems @Orbit_Chain is being drained with >$62m

Tweet card media

Orbit Bridge Exploiter 4 | Address 0x009b60aab8e64c8f5fe449bd96fa78b1a7fffcc5 | Etherscan

The Address 0x009b60aab8e64c8f5fe449bd96fa78b1a7fffcc5 page allows users to view transactions, balances, token holdings and transfers of ERC-20, ERC-721 and ERC-1155 (NFT) tokens, and analytics.

24

47

210

@peckshield

PeckShield Inc.

2 years

1/ @InverseFinance was exploited in , leading to the gain of ~$1.26M for the hacker (The protocol loss may be larger).

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0x958236266991bc3fe3b77feaacea120f172c0708ad01c7a715b255f218f9313c. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

14

60

211

@peckshield

PeckShield Inc.

3 years

#scam We have tangible evidences showing the connection between @ZooTokenio and a few previous scams. The ZooToken ($ZOOT) fair launch on @PancakeSwap is 7 hours away (today's 2PM, UTC). Be alert! @bsc_daily @news_of_bsc @RugDocIO

44

66

195

@peckshield

PeckShield Inc.

3 years

@TheDaoMaker hacked for over $7,000,000 USDC -- still under investigation

31

74

203

@peckshield

PeckShield Inc.

4 months

The @Wise_Lending market was exploited today, resulting in ~177 ETH loss (~$464K). Our initial analysis shows the share accounting logic is flawed with a precision issue to drain the market funds. Here is the related hack tx:

Tweet media one

14

33

162

@peckshield

PeckShield Inc.

2 years

Here is the list of funds that were so far transferred out from victims @BadgerDAO

Tweet media one

26

55

207

@peckshield

PeckShield Inc.

1 year

It seems last upgrade introduced a public burn bug.

Tweet media one

Tweet media two

@safemoon

SafeMoon

1 year

To the @SAFEMOON community: We want to inform you that our LP has been compromised. We are taking swift action in an attempt to resolve the issue as soon as possible. Follow here for updates. Thank you for your support as we work to address this situation.

0

582

2K

32

42

195

@peckshield

PeckShield Inc.

2 years

Our initial investigation indicates it might be a false positive: They are normal operations on collecting fees and withdrawing the liquidity of positions of 260876 and 264378.

Tweet media one

Tweet media two

@cz_binance

CZ 🔶 BNB

2 years

Our threat intel detected a potential exploit on Uniswap V3 on the ETH blockchain. The hacker has stolen 4295 ETH so far, and they are being laundered through Tornado Cash. Can someone notify @Uniswap ? We can help. Thanks

1K

2K

8K

22

61

205

@peckshield

PeckShield Inc.

1 year

🚨🚨🚨 We notice the following account is impersonating us! And it is using fake security news to attract your attention and advertise the phishing links. Stay vigilant and do *NOT* click the advertised link!

16

50

163

@peckshield

PeckShield Inc.

10 months

Hi, @Rodeo_Finance you may want to take a look:

Arbitrum Transaction Hash (Txhash) Details | Arbiscan

Arbitrum (ETH) detailed transaction info for txhash 0xb1be5dee3852c818af742f5dd44def285b497ffc5c2eda0d893af542a09fb25a. The transaction status, block confirmation, gas fee, ETH, and token transfer...

63

55

191

@peckshield

PeckShield Inc.

2 years

1/ @deusdao Deus Finance was exploited in , leading to the gain of ~$3M for the hacker (The protocol loss may be larger), including 200,000 DAI and 1101.8 ETH

Tweet card media

Fantom Transaction Hash (Txhash) Details | FTMScan

Fantom (FTM) detailed transaction info for txhash 0xe374495036fac18aa5b1a497a17e70f256c4d3d416dd1408c026f3f5c70a3a9c. The transaction status, block confirmation, gas fee, Fantom, and token transfer...

16

72

198

@peckshield

PeckShield Inc.

9 months

Hi @zunamiprotocol , we have detected an ongoing attack. Users are strongly suggested to take necessary actions. Here is the encrypted hash: 2638ae2969ce932d61c3ca66f9b8a4a6c01c4d89bb2b34ddcf2c4145960f41c4. Actual hash will be released once the situation is stable.

21

42

191

@peckshield

PeckShield Inc.

2 years

#SafeMath # matters!The @UmbNetwork reward pools are drained at both @BNBCHAIN and @ethereum , leading to the ~$700K gain for the hacker! The hack is possible because of an unchecked underflow in withdraw() so that anyone can withdraw any amount even without any balance!

Tweet media one

15

58

191

@peckshield

PeckShield Inc.

11 months

Hi @ede_finance you may need to take a look and explain:

Tweet media one

Tweet media two

@resdegen

Res

11 months

Seems @ede_finance has been exploited for around $580,000 This wallet has been sending smalls funds to the ELP-1 pool in Arbitrum and withdrawing big amounts immediately after

Tweet media one

Tweet media two

19

25

118

10

36

180

@peckshield

PeckShield Inc.

3 years

This bug is unbelievable ... ! @avaterrafinance

Tweet media one

@RugDocIO

Rugdoc.io

3 years

Earlier today @avaterrafinance suffered an exploit. Their chef contract is a Goose fork, but their token contained custom elements...including this mint function anyone could call. So someone called it and minted and dumped thousands of tokens. This is why audits are important.

Tweet media one

23

33

109

18

32

187

@peckshield

PeckShield Inc.

9 months

Hi @exactlyprotocol , we have detected an ongoing attack. Users are strongly suggested to take necessary actions. Here is the encrypted hash: 20bae0a96e90d5590a98bc81a16c2b1e8e96eba8248f266c244870d18232b258. Actual hash will be released once the situation is stable.

22

47

171

@peckshield

PeckShield Inc.

1 year

👀

Tweet media one

16

27

181

@peckshield

PeckShield Inc.

11 months

Hi @hashflow , you may want to take a look: It appears there is an approve-related issue.

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0xdedda493272b6b35660b9cc9070d2ea32ee61279b821184ff837e0a5752f4042. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

33

53

169

@peckshield

PeckShield Inc.

5 months

Our initial analysis indicates the suspicious $86.6m outflow from @HECO_Chain #bridge was from a compromised operator, which was operational since 2022-10-08: Will this be connected w/ earlier $125m @Poloniex incident? Example outflow tx: Operator:…

Tweet media one

Tweet media two

@PeckShieldAlert

PeckShieldAlert

@PeckShieldAlert

5 months

#PeckShieldAlert Suspicious huge withdrawal of 10,145 $ETH (~$19m) from #Heco_Bridge . @justinsuntron Note the tx is initiated by the operator. Looks like a compromised operator?

Tweet media one

17

29

138

12

57

142

@peckshield

PeckShield Inc.

3 years

#FlashLoanAlert

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0x0fe2542079644e107cbf13690eb9c2c65963ccb79089ff96bfaf8dced2331c92. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

30

60

179

@peckshield

PeckShield Inc.

2 years

The stolen funds from @Ronin_Network is on the move:

Tweet media one

10

49

179

@peckshield

PeckShield Inc.

2 years

We've confirmed an active exploit that makes use of huge gas price to game the TransactionRequestCore contract for reward at the cost of original owner. In fact, the exploit pays the 51% of the profit to the miner, hence this huge MEV-Boost reward.

Tweet media one

Tweet media two

@PeckShieldAlert

PeckShieldAlert

@PeckShieldAlert

2 years

#PeckShieldAlert #MEVBoost 💸💸💸 A @LidoFinance validator rewarded 121.59 ETH ($157.9k) via the @builder0x69 @ block #15782459 . Here comes the payment tx:

1

13

60

11

46

174

@peckshield

PeckShield Inc.

3 years

#FundReturn @CreamdotFinance hacker just returned 5,152.6 ETH

Tweet card media

Ethereum Transaction Hash (Txhash) Details | Etherscan

Ethereum (ETH) detailed transaction info for txhash 0xab7b3eb3dd09dc30fe6edb44e50a9542df05b55c6d51a1deebcbfc179c90e19e. The transaction status, block confirmation, gas fee, Ether (ETH), and token...

10

31

177

@peckshield

PeckShield Inc.

1 year

Hi @safemoon The upgrade, with the exploited public burn bug, was initiated by the official SafeMoon: Deployer. (Admin key leak?) And here comes the upgrade tx.

Tweet media one

@peckshield

PeckShield Inc.

1 year

It seems last upgrade introduced a public burn bug.

Tweet media one

Tweet media two

32

42

195

28

52

177

@peckshield

PeckShield Inc.

2 years

PeckShield found that one of the @nomadxyz_ bridge exploiters is @RariCapital (Fuse Arbitrum) exploiter, who gained ~$3m in this exploit.

Tweet media one

19

40

171

@peckshield

PeckShield Inc.

2 years

Looks like @QuickswapDEX @market_xyz @QiDaoProtocol was exploited on polygon again

Tweet media one

14

35

170

@peckshield

PeckShield Inc.

1 year

The @Allbridge_io hack results in the loss of ~$570K (282,889 BUSD + 290,868 USDT). The root cause appears to be the manipulation of pool's swap price. The actor plays dual roles of acting as LP and swapper to manipulate the price and then drain the pool funds.

Tweet media one

@peckshield

PeckShield Inc.

1 year

Hi @Allbridge_io , you may want to take a look at . It seems the swap-related formula may be manipulated.

Tweet media one

5

16

64

12

49

166

@peckshield

PeckShield Inc.

4 years

PeckShield just completed SushiSwap audit with all identified issues confirmed or fixed. No critical or high severity issues related to the business logics; Two high severity opsec issues need to be fixed by having extra care with deployment. Final report:

10

51

173

@peckshield

PeckShield Inc.

2 years

Here comes an initial flow chart @Ronin_Network ! Hope it helps to recover the stolen funds! @binance @HuobiGlobal @FTX_Official @SBF_FTX @cz_binance @MultichainOrg

Tweet media one

@peckshield

PeckShield Inc.

2 years

Largest crypto hack in history?! $625M stolen from @Ronin_Network :

Tweet media one

7

10

61

16

58

164

@peckshield

PeckShield Inc.

2 years

The BSC deployment of @CreamdotFinance suffers from a liquidity crisis, caused by (inappropriately?) allowing a credit user to borrow up to 107k BNB limit w/o collateral. The credit user is a 1-out-2 multisig wallet and borrowed 25.7k BNB debt on 06/27.

Tweet media one

Tweet media two

32

37

167

@peckshield

PeckShield Inc.

1 year

We need to clarify that the root cause is due to misconfigured yUSDT, not related to @AaveAave .

@peckshield

PeckShield Inc.

1 year

It appears the root cause is due to the misconfigured yUSDT, which is exploited to mint huge yUSDT (1,252,660,242,212,927.5) from a small $10K USDT. The huge yUSDT is then cashed out by swapping to other stable coins.

Tweet media one

29

88

249

4

25

167

@peckshield

PeckShield Inc.

5 months

👀👀👀It seems promising progress in tracking @poloniex stolen funds. @justinsuntron The whitehat reward of $10m is being offered.

Tweet media one

@peckshield

PeckShield Inc.

6 months

Hi @Poloniex , you may want to take a look: @justinsuntron

125

185

665

14

46

152

@peckshield

PeckShield Inc.

2 years

It's unbelievable a token's mint() function is publicly exposed without restriction. @Uerii_Official

Tweet media one

24

23

169

@peckshield

PeckShield Inc.

9 months

Hi @ConicFinance Based on the initial analysis from the malicious tx, our initial analysis shows the root cause comes from the new CurveLPOracleV2 contract. FWIW, our audit identifies a similar read-only reentrancy issue. However, the same issue is…

Tweet media one

Tweet media two

@ConicFinance

Conic Finance

9 months

We are currently investigating an exploit involving the ETH Omnipool and will share updates as soon as they are available.

36

49

168

11

43

164

@peckshield

PeckShield Inc.

2 years

Hope it may be helpful to recover @wormholecrypto funds

Tweet media one

18

24

168

@peckshield

PeckShield Inc.

1 year

It seems @DFXFinance 's DEX pool (named Curve) is hacked (w/ loss of 3000 ETH or $~4M) due to the lack of proper reentrancy protection. Here comes an example tx: . The stolen funds are being deposited into @TornadoCash

Tweet media one

Tweet media two

10

44

163

@peckshield

PeckShield Inc.

2 years

It turns out AnyswapV3ERC20/AnyswapV4ERC20/AnyswapV5ERC20 are all vulnerable to another critical vulnerability. And @MultichainOrg makes use of a privileged function to *DRAIN* the funds of multiple chain-bridges (~$44.5M: $38M in #AVAX , $5M in #BSC , $1.5M #Polygon )

Tweet media one

@MultichainOrg

Multichain (Previously Anyswap)

2 years

⚠️Again, a reminder to the users who have ever approved the contracts of $WETH $PERI $OMT $WBNB $MATIC $AVAX on #Multichain , please log into to remove the approvals as instructed () Read FAQ for more 👉

Tweet media one

1

184

459

27

56

165

@peckshield

PeckShield Inc.

2 years

Pretty straightforward: transfer-out, swap, and wash @sheldonbitmart

Tweet media one

19

43

158

@peckshield

PeckShield Inc.

4 months

👀👀👀 We've observed a few in-the-wild exploitations. The exploiter has stolen ~$3.4M worth of cryptos and bridged them from #Arbitrum to #Ethereum

@PeckShieldAlert

PeckShieldAlert

@PeckShieldAlert

4 months

#PeckShieldAlert PeckShield has detected that @CryptoAlgebra has been exploited for ~211.9 $ETH (worth ~$469K)

Tweet media one

32

65

188

7

57

138

@peckshield

PeckShield Inc.

6 months

The @raft_fi hack leads to the mint of unbacked ~$6.7m stablecoin R. Our analysis shows the hack takes advantage of round issue and donation to (1) manipulate the collateral token's index rate of rcbETH-c to borrow/mint $6.7m R and (2) mint extra rcbETH-c so that the donation…

Tweet media one

Tweet media two

@raft_fi

Raft

6 months

We are aware of a potential security vulnerability. We are currently investigating and will provide an update as soon as we can.

15

21

78

15

59

154