Tay 💖 @tayvano_ Twitter profile | Pikagi

Pikagi

Tay 💖

@tayvano_

71,241

Followers

7,068

Following

2,975

Media

25,325

Statuses

dont believe their lies 🦊 💖🗡️

Joined January 2009

Don't wanna be here? Send us removal request.

Pinned Tweet

@tayvano_

Tay 💖

11 months

A thread of misc. interesting things related to the Atomic Wallet hack, Lazarus, and especially what sprawling hacks look like on-chain. (this thread is gunna get into the weeds. i suggest the other thread if you want something shallow and easy-to-digest 😉)

@tayvano_

Tay 💖

11 months

Yes, it's still getting bigger. The list @zachxbt and I have been compiling is @ $67m. The list @elliptic has is @ $100m. There's some overlap in data but it's not the same data. Meanwhile, Atomic Wallet still can't be bothered to update the folks they've rekt. 🤬

Tweet media one

39

110

513

49

267

537

Last Seen Profiles

@SciKotz

@ConmebolRecopa

@Robin_VdE

@MudechaAramath1

@nit_54

@kaori0516kaori

@1_ostsola

@Solasher_

@dansnation

@yandere0127202

@A10Nerd

@IUICampusCenter

@WacoWingPolitik

@kushloungekla

@MiSoccerCoaches

@bbcnickrobinson

@NYCHealthSystem

@SuccessfulJocks

@donkeydragonfly

@spica_shiori

@Hexmoondrop

@MangaCult

@lilmonix3

@uncbau

@rwmclain

@addisonpenn

@oihantxabarri

@pilgrimrut33607

@iafgalloway

@seipma1

@OliveTreeRD

@BransonHickman

@pplsassembly

@BrumLabour

@amerdailyindy

@shiyooori

@tayvano_

Tay 💖

1 year

For the past 48hrs I've been unwinding a massive wallet draining operation 😳😭 I don't know how big it is but since Dec 2022 it's drained 5000+ ETH and ??? in tokens / NFTs / coins across 11+ chains. Its rekt my friends & OGs who are reasonably secure. No one knows how.

Tweet media one

839

2K

6K

@tayvano_

Tay 💖

1 year

The selling of this bitcoin is, by far, the least interesting part of the saga. The govt's seizure, the dude who had his bitcoin seized, and why it even got seized in the first place is full of so many amazing, hysterical, enraging gems. Heads up...not a short story. Buckle up.

@tier10k

db

1 year

[DB] US Govt Sold 9,800 BTC on March 14, Intends to Sell a Further 41,500 BTC Connected to Silk Road in Four Batches Over the Course of the Year: Court Filing

805

985

4K

80

612

2K

@tayvano_

Tay 💖

2 years

gm all my new netflix frens! 👋 as requested here's my top beginners guides, resources & reading lists covering... The Fundamentals! Bitcoin! Ethereum! How to Not Lose Your Crypto! Web3! DeFi! NFTs! DAOs! How to get a web3 job! How to dev crypto things! READY OR NOT LFG! 🚀💖

392

408

2K

@tayvano_

Tay 💖

1 year

so uhhh i dont wanna alarm anyone but i think we're all fucked or maybe its just those who use circleci slack okta auth0 lastpass travisci heroku oauth github npm twilio authy signal cloudflare mailchimp digital ocean or anything that hasnt realized its been breached yet 🤷‍♀️😬🧵

90

312

2K

@tayvano_

Tay 💖

3 years

I know a lot of research and technical brilliance went into EIP-1559. And I know I've stayed relatively quiet on the subject for a variety of reasons but...ugh. fml. EIP-1559 does NOT deliver. (ps: read before you speak. this isn't personal so don't @ me like it is. 😒)

128

281

1K

@tayvano_

Tay 💖

2 years

Patryn joined TalkGold on April 3rd, 2003 This is not a "oops a person made a mistake once." He has been professionally rugpulling for your ENTIRE full ass life.

@danielesesta

Daniele

2 years

1/ Today allegations about our team member @0xSifu will circulate. I want everyone to know that I was aware of this and decided that the past of an individual doesn’t determine their future. I choose to value the time we spent together without knowing his past more than anything.

1K

265

2K

38

209

1K

@tayvano_

Tay 💖

2 years

Nothing super remarkable about the Nate / OpenSea indictment except that ALL of it was discovered, investigated, and confirmed, live, in public, by random NFT-faced internet sleuths way back on Sept 14 2021. Not by the FBI. Not by the SEC. Not by the DoJ. By motherfucking CT.

38

176

1K

@tayvano_

Tay 💖

2 years

here's a dump of examples of the sneaky malicious phishing emails and messages and sites designed to trick you. mostly crypto. or used to target crypto folks. mostly Lazarus / Bluenoroff / North Korean APT. 🎣 these will ruin you. all of you.

Tweet media one

48

436

1K

@tayvano_

Tay 💖

1 year

DONT FUCKING SAVE FUCKING SECRETS TO FUCKING LOCAL FUCKING STORAGE YOU FUCKING FUCKS

Tweet media one

Tweet media two

@myalgo_

MyAlgo

1 year

IMPORTANT: ⚠️We strongly advise all users to withdraw any funds from Mnemonic wallets that were stored in MyAlgo. As we still don't know the root cause of recent hacks, we encourage everyone to take precautionary measures to protect their assets. Thank you for your understanding.

168

342

612

81

128

1K

@tayvano_

Tay 💖

2 years

@0xMerp This is a phishing email. Do not give anyone your secret recovery phrase. Do not believe people who tell you your non-custodial wallet needs to verify you. Do not fall for scams.

11

51

994

@tayvano_

Tay 💖

9 months

this little bitch stole from people, rekt projects, attempted to intimidate when he got caught, and then picked a fight he had no intention of actually fighting. by far one of the most pathetic, bottom of the barrel frauds in town. plz gtfo.

Tweet media one

50

78

991

@tayvano_

Tay 💖

11 months

⚠️ Heads up y'all—we're seen a huge increase in the # of ultra-targeted spearphishes lately. The most deadly one? A Google Doc share that appears to come from *someone you know* about *something you're interested in* It won’t be flagged and looks super legit. DO NOT CLICK! 🙏

Tweet media one

49

319

772

@tayvano_

Tay 💖

11 months

Fuck you @AtomicWallet Fuck you @gladkos Fuck you @Changelly_team Your security posture sucks, you refuse to listen to people, you aggressively silence people, and your products and services facilitate theft on a daily basis and have for years.

Tweet card media

Disclosure of Security Vulnerabilities in Atomic Wallet, Audited by Least Authority - Least...

Our security research team conducted a comprehensive security audit of the Atomic Wallet system design, in addition to the corresponding core, desktop, and mobile coded implementations. The initial...

web.archive.org

80

135

762

@tayvano_

Tay 💖

10 months

When it comes to financial crime, money laundering, etc. everyone goes thru a phase of thinking that the solution is knowing the identity of the account holder. "if only we knew who moved these assets! then we would be able to catch them and stop crime!" N O .

31

216

765

@tayvano_

Tay 💖

5 years

Here's the clip w/ "the US Dollar is a very powerful tool" which captures a LOT more than the tweets do. It's a masterful play by both parties, though Zuck wins this micro-parley because of his subtlety. What isn't said is just as important as what is said.

73

255

744

@tayvano_

Tay 💖

2 years

maybe I missed it but is no one talking about the fact that robinhoods no-fee web3 wallet is going to match their no-fee stock trading app and sell their users order flow to market makers who profit from frontrunning etc those orders??

60

114

759

@tayvano_

Tay 💖

1 year

We're only going to be figure this out if we share info but it's hard bc CT loves to shit on ppl who get hacked. Stop shaming ppl. They aren't stupid. There are SO many sophisticated, methodical, insane APTs targeting this space. Stay safe out there & help each other. 💖

65

36

739

@tayvano_

Tay 💖

1 year

I'm tired af but I'll lay out some details of the attacker below. Really the ONLY thing you need to read is this: PLEASE DON'T KEEP ALL YOUR ASSETS IN A SINGLE KEY OR SECRET PHRASE FOR YEARS. THE END. Split up your assets. Get a hw wallet. Migrate. Now.

26

73

660

@tayvano_

Tay 💖

11 months

For years, Zach has worked 24/7 to stop thieves, hold scammers accountable, and help people recover funds. And what does he get in return? Harassed, threatened, doxxed, and finally sued by top-tier slimeball, Machi. FUCK THAT 🤬

@zachxbt

ZachXBT

11 months

1/ It’s unfortunate I have to make this thread but I am being sued by MachiBigBrother for an article I published in June 2022. Today Machi filed the defamation lawsuit. The lawsuit is baseless and an attempt to chill free speech. I intend to fight back & defend free speech.

Tweet media one

2K

7K

23K

20

83

665

@tayvano_

Tay 💖

5 years

👏 DON'T 👏 ENTER 👏 YOUR 👏 PRIVATE 👏 KEYS 👏 ON 👏 WEBSITES 👏

45

99

626

@tayvano_

Tay 💖

1 year

I’m genuinely disgusted that so many of you have dedicated untold amounts of rage to a deeply theoretical attack that has lost 0 dollars while giving less than zero fucks about the millions being actively lost and stolen via real attack vectors every single day.

72

63

619

@tayvano_

Tay 💖

11 months

omggggggggggggggggg @etherscan just dropped the most epic update and im just straight stunned at how incredible it is

Tweet media one

25

77

644

@tayvano_

Tay 💖

6 years

Welcome to the newest addition to the @MyCrypto team. 😉 Born 8.1.18 @ 7lb 13oz and has been a champion eater, pooper, and cuddler ever since. 😍😍😍😍😍😍😍😍😍😍😍😍😍😍😍😍 ps: I've missed you crypto twitter.

Tweet media one

79

17

635

@tayvano_

Tay 💖

2 years

@desoprotocol @zhusu DO NOT FUCKING TELL PEOPLE TO ENTER THEIR SEEDS ANYWHERE ESP. NOT A FUCKING WEBSITE DO NOT FUCKING ENCOURAGE DAPP DEVS TO TELL PEOPLE TO ENTER THEIR SEEDS ON A WEBSITE DO NOT FUCKING CALL THEM SEEDS THEY ARE SECRET RECOVERY PHRASES DIE IN A FIRE YOU ARE MOVING BACKWARDS

25

53

622

@tayvano_

Tay 💖

2 years

i labeled it in mid 2019 fml

Tweet media one

25

50

600

@tayvano_

Tay 💖

4 years

The most disgusting thing is just how little sushi douche did for millions. It was entirely built on the backs of others. You can't muster a thank you, let alone millions, for those who built the underlying for years. And then you morally justify the behavior? Fuck off. 🤮

42

56

595

@tayvano_

Tay 💖

7 months

Welp, the hackers and money launderers—both the Russian/CIS region ones and North Korean ones—are loooooving @ThorChain lately. In fact, in the last four months, ***more than 50%*** of the ETH -> to ThorSwap Router -> to BTC have been stolen funds. 😬😬😬😬😬 rip.

Tweet media one

119

108

563

@tayvano_

Tay 💖

11 months

@machibigbrother You *worked* to doxx him you fucking washed-up wash-trading little twerp. YOU scammed people and then, when you got busted for YOUR actions, you chose to put someone's life in danger. Get the fuck out.

10

15

581

@tayvano_

Tay 💖

4 months

@JQT_web3vc @iampaulgrewal @coinbase @SECGov They have successfully secured billions of dollars of digital assets for hundreds of millions of people while having thousands of employees around the globe in the most unique, adversarial environment. You do not make it as a crypto exchange without being a security co first.

2

0

5

@tayvano_

Tay 💖

6 years

EOS is pretty much the Kardashians 💁💄 - You love it or hate it w/ passion - Cultish AF - Watching is guilty pleasure of otherwise sane people - Far more $ than sense - You are never sure what's real - The drama is so pure & tangible & unending that you can't look away

@econoar

eric.eth

6 years

( @EOS_io ) has decided to take over BP voting by using their 10% stack: They have 90mn tokens. The current winning range of votes for BPs is 29-49mn. So, can now singlehandedly pick the BP list for #EOS .

24

45

139

34

92

545

@tayvano_

Tay 💖

8 months

North Korean state-sponsored hackers aka Lazarus Group have stolen over $270 million dollars worth of crypto in the last 102 days. That's an average of $2.64 million dollars stolen every single day. They show no sign of slowing down.

Tweet media one

@zachxbt

ZachXBT

8 months

It appears North Korea is also responsible for the $54M @coinexcom hack from yesterday after they accidentally connected their address to the $41M Stake hack on OP & Polygon. 0x75497999432b8701330fb68058bd21918c02ac59

Tweet media one

300

336

2K

42

129

562

@tayvano_

Tay 💖

2 years

YES LETS TALK WEB TWO BRO. Your product and your team tell people to enter their secret recovery phrases (you call them “seeds”) on websites that store those seeds in plain text in local storage or on a server. That is bad. That harms people. That is NOT web3.

@nadertheory

nader.deso

2 years

Let's talk about Chrome extensions and seed phrases in web3 🧵

Tweet media one

136

40

291

24

70

569

@tayvano_

Tay 💖

11 months

Yes, it's still getting bigger. The list @zachxbt and I have been compiling is @ $67m. The list @elliptic has is @ $100m. There's some overlap in data but it's not the same data. Meanwhile, Atomic Wallet still can't be bothered to update the folks they've rekt. 🤬

Tweet media one

@tayvano_

Tay 💖

11 months

it's going to keep getting bigger 😭 @AtomicWallet @gladkos tell your users to move their funds *now.* then shut all your infra down, turn off all logging, revoke everyones access to all systems, rotate all keys & hire a *professional* ffs

Tweet media one

27

72

298

39

110

513

@tayvano_

Tay 💖

1 year

To be completely clear: this is NOT a MM-specific exploit. Users of *all* wallets, even those created on a hardware wallet or generated for the Ethereum presale, have been impacted by this. This source of this exploit is unidentified, and I'm trying to identify it.

120

61

497

@tayvano_

Tay 💖

1 year

If you are reading this, you're the type to be drained by this. This is NOT a low-brow phishing site or a random scammer. It has NOT rekt a single noob. It ONLY rekts OGs. If you have all your stuff under a single Secret Recovery Phrase / Private Key, please be safe migrate. 🙏

Tweet media one

35

45

490

@tayvano_

Tay 💖

6 years

The market won't stop going down until y'all stop asking why its still going down. Crypto must die, the world must end, and then and only then can the next cycle start. For those who don't know, the builders are still building, unfazed by the death of crypto (once again).

20

76

490

@tayvano_

Tay 💖

4 years

😐😐😐😐🥺🥺😂😂😂😂😂🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣🤣

Tweet media one

24

36

496

@tayvano_

Tay 💖

8 years

She thinks she's people. Look at that thumb action. #dogsofinstagram #peanutbutter #nomnom

Tweet media one

0

92

490

@tayvano_

Tay 💖

6 years

1 step forward: realizing your conference lineup is a total bro-fest & adding women with expertise & experience to the lineup. 2 steps back: ignoring their industry expertise completely & sticking them all on a "Women in Blockchain" panel while the rest of the panels are manels.

44

70

483

@tayvano_

Tay 💖

1 year

Afaik, no one has determined the source of their compromise. Multiple devices have been forensic'd. Nothing. The only known commonalities are: - Keys were created btwn 2014-2022 - Folks are those who are more crypto native than most (e.g. multiple addresses, work in space, etc)

28

25

466

@tayvano_

Tay 💖

7 months

@WatcherGuru gm. MM 🦊 here. we're aware, working on figuring out what happened, and resolving the issue asap. please report & let us know if you see any fake MM apps that are in the App Store. The biggest harm in removing legit apps is it makes room for malicious apps & phishers. 😢

29

59

476

@tayvano_

Tay 💖

8 months

Stake hackers looking quite methodical 😬 ETH 0x3130662aece32f05753d00a7b95c0444150bcd3c 0x94f1b9b64e2932f6a2db338f616844400cd58e8a 0xba36735021a9ccd7582ebc7f70164794154ff30e 0xbda83686c90314cfbaaeb18db46723d83fdf0c83 0x7d84d78bb9b6044a45fa08b7fe109f2c8648ab4e MATIC…

Tweet media one

@peckshield

PeckShield Inc.

8 months

Hi @Stake , you may want to take a look:

250

280

1K

41

85

469

@tayvano_

Tay 💖

2 years

1/ Okay so I factory’d my iPad, turned ON all the backups on my iPhone, had my mom pretend to be a hacker to determine that maybe, theoretically, if you had the right toggles on AND a hacker finds a way to obtain 4 separate factors of auth, 2 of which are time based…then maybe..

@MetaMask

MetaMask 🦊🫰

2 years

🔒 If you have enabled iCloud backup for app data, this will include your password-encrypted MetaMask vault. If your password isn’t strong enough, and someone phishes your iCloud credentials, this can mean stolen funds. (Read on 👇) 1/3

1

7K

14K

13

154

457

@tayvano_

Tay 💖

1 month

2017 ico’s were genuinely more innovative and interesting than this

48

37

484

@tayvano_

Tay 💖

9 months

wowwwwwwwww 10hrs ago someone sent $20m to one of the address poisoning / 0-value transfer spams 😱😱😱😱😱😱😱😱😱😱 bad addy 0xa7bf48749d2e4aa29e3209879956b9baa9e90570 real addy 0xa7b4bac8f0f9692e56750aefb5f6cb5516e90570

Tweet media one

81

59

461

@tayvano_

Tay 💖

5 years

There is no one person or project that will kill Ethereum. Ethereum will die if the community decides to focus more on hostile, toxic gossip instead of focusing on being collaborative, open source & welcoming. What attracted you to Ethereum? Be that attraction. Keep it going.

48

76

458

@tayvano_

Tay 💖

1 month

On March 13, 2024, Lazarus began to move the funds they stole from HTX / Heco bridge back on November 22, 2023. It's sprawling and tedious and huge. I hate it. how it started how its going

Tweet media one

Tweet media two

16

65

469

@tayvano_

Tay 💖

2 years

This is an absolutely insane timeline. You got THE MOST rekt and then just like “alright alright no worries we fixed the bug and topped off the missing HUNDREDS OF MILLIONS OF DOLLARS calm down sheesh” in a matter of………hours???!!? Guys.

@wormhole

Wormhole

2 years

The team is working on a detailed incident report and will share it asap 18:26 UTC - contract was exploited for 120k ETH 00:33 UTC - vulnerability was patched 13:08 UTC - ETH contract has been filled and all wETH are backed 1:1 13:29 UTC - the Portal (token bridge) is back up

44

86

804

37

40

437

@tayvano_

Tay 💖

2 years

hahahahahha bloggers at @TheBlock__ couldn't be bothered so i'll do the numbers: YES: 321,000 TIME NO: 39k TIME TIME traded at $30-$35 this week which gives us.... It cost <$11.2M TIME to give Sifu $25M and that, kids, is how you make $25M in clean ass money in a "legit" way

@TheBlock__

The Block

2 years

Wonderland passes vote to invest $25 million in Sifu Vision

109

61

540

22

70

438

@tayvano_

Tay 💖

3 years

Because low inflation is good. It makes the ETH price is go up. It allows the ETH maxis to better fight with the BTC maxis on Twitter. And everything is better as a store of value rather than a promising network of open finance aiming to revolutionize our world. Right? 🤔

62

29

436

@tayvano_

Tay 💖

4 months

🚨 If you're reading this, please stop what you are doing and go to your Twitter settings Click "Account Info" Make sure there is NO phone number in the phone number field Do NOT assume there is no phone number there Actually click 2 times and make damn fucking sure

Tweet media one

37

160

413

@tayvano_

Tay 💖

1 year

My best guess rn is that someone has got themselves a fatty cache of data from 1+ yr ago & is methodically draining the keys as they parse them from the treasure trove. But that's just a guess. I *don't* know. It is NOT cryptographic/entropy related tho, don't waste your time.

21

16

403

@tayvano_

Tay 💖

5 years

Who is your favorite person you follow on #cryptotwitter ? Just one favorite. Not two. Not a list. Literally I will block you if you give me more than one.

775

44

367

@tayvano_

Tay 💖

1 year

🚨 If you're using Cloudflare for your web3 product, stop what you're doing right now. You NEED to: 1. Rotate the Global API Key for all your accounts 2. Remove all accounts added to your Cloudflare unless you rotated their Global API Key in step 1

Tweet card media

Get Global API key (legacy) · Cloudflare Fundamentals docs

Global API key is the previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API key.

developers.cloudflare.com

17

153

390

@tayvano_

Tay 💖

2 years

tell me you’ve only been around for half a cycle without telling me you’ve only been around for half a cycle

@divdotvc

chishee

2 years

3ac holds avax jump holds terra sam holds solana sequoia holds polygon paradigm holds cosmos institutions hold near saylor holds btc only tetra holds eth lmao, and you are thinking eth will go to 20k during PoS merge kek

103

81

817

26

21

383

@tayvano_

Tay 💖

4 months

Orbit Bridge Hack looking v methodical 👀 Looks like 2024 is going to be another year of handing DPRK billions of dollars on a silver platter. 🙄 embarrassing af.

Tweet media one

25

72

371

@tayvano_

Tay 💖

2 years

You really need SO MUCH BACKSTORY to even start to grok this but Patryn is a masterful puppet master. Some of joseph's more paranoid tweets have me sitting here now thinking, "just because youre paranoid doesn't mean they aren't after you"

Tweet media one

9

26

380

@tayvano_

Tay 💖

2 years

If you think building a better world means getting your entire group or dao or class or company to sit around a fucking campfire in complete agreement…hanging on every word…eating every ass…please stop what you’re doing rn and go build a fucking summer camp for puppies.

37

28

375

@tayvano_

Tay 💖

2 months

On February 19 - 20, @zachxbt and I observed a new batch of 22+ LastPass hack victims. Losses for this session exceed $6.2M. Stolen funds on EVM chains were quickly swapped and bridged to Bitcoin, per usual. LastPass users, I’m begging you, PLEASE ROTATE YOUR KEYS TODAY.

Tweet media one

35

116

378

@tayvano_

Tay 💖

9 months

Here's the addresses and ~$ values I have for today's jpegd / vyper / curve carnage Looking like ~$70m as of now? Lots of whitehat activity + automated MEV bots though, so it'll be interesting to see what was taken by intentionally malicious operators vs what is returned.

Tweet media one

10

79

359

@tayvano_

Tay 💖

3 years

@VitalikButerin Which (Ethereum) use-case has surprised you most? (h/t @JYSquall )

1

27

357

@tayvano_

Tay 💖

2 years

i mean why hide your tracks when no one is looking fffffffffffffuuuuuuuuuuuuuuuuuu

Tweet media one

22

28

363

@tayvano_

Tay 💖

4 months

this industry puts good people thru the absolute ringer. be better. do right by one another. appreciate more. love each other. that's all i have to say on the situation. 💖

18

47

363

@tayvano_

Tay 💖

4 years

This is not financial advice. You should not take my advice. If you do things that could have a detrimental impact on your life or financials bc of anyone's tweets, you will end broke & angry. K? K!

14

73

358

@tayvano_

Tay 💖

6 months

lol ive trained my mom better than you've trained your team thats responsible for millions of dollars of other people's money 🙈

Tweet media one

22

26

358

@tayvano_

Tay 💖

1 year

I'm seriously soooooo fucking tired and cannot look at a screen any longer but @spencecoin + @sniko_ + me will get a form up for folks who think they might have been hit by this. For now, sit tight or, better yet, share your story and intel *in public.*

9

9

346

@tayvano_

Tay 💖

5 years

I'm seeing NO indication of Quadriga ever having cold / reserve wallets for ETH. Looking at their 3 main addresses: 0x027beefcbad782faf69fad12dee97ed894c68549 (green) 0x0ee4e2d09aec35bdf08083b649033ac0a41aa75e (blue) 0xb6aac3b56ff818496b747ea57fcbe42a9aae6218 (purple - active)

26

100

330

@tayvano_

Tay 💖

5 months

stop fucking idolizing these narcissistic attention whore hackers they are fucking *thieves*

24

33

330

@tayvano_

Tay 💖

2 years

srsly at least skim this so you understand the time periods we're talking about. this isnt typical defi drama, patryn is old school schemey shit from before some of you degens were even born

Tweet card media

TalkGold—the Ponzi forum where Quadriga’s Patryn and Cotten first met

Previously, I wrote that QuadrigaCX cofounders Michael Patryn and the now-deceased Gerald Cotten worked together for a period at Midas Gold, a Liberty Reserve exchanger that ran from 2008 until May…

4

21

333

@tayvano_

Tay 💖

8 months

At this point I'm also confident in saying that, in most of these cases, the compromised keys were stolen from @LastPass The number of victims who only had the specific group of seeds/keys that were drained stored in LastPass is simply too much to ignore.

22

72

328

@tayvano_

Tay 💖

4 years

DeFi making up for lost time. Exponential is so much fun. See you tomorrow! 😂 $0 - $1 billion: 917 days $2 billion: 146 days $3 billion: 20 days $4 billion: 4 days $5 billion: 12 days $𝟔 𝐛𝐢𝐥𝐥𝐢𝐨𝐧: 𝟐.𝟐 𝐝𝐚𝐲𝐬

@spencernoon

Spencer Noon 🕛

4 years

Time Between #DeFi Milestones $100 million locked: 160 days $500 million: 495 days $1 billion: 263 days $2 billion: 146 days $3 billion: 20 days $4 billion: 4 days h/t @defipulse

23

126

488

15

89

320

@tayvano_

Tay 💖

3 years

@VitalikButerin What's something you had an insane amount of confidence in, only to have it turn out you were dead wrong?

1

7

306

@tayvano_

Tay 💖

1 year

6. "Out" is always a centralized swapper such as: FixedFloat SimpleSwap SideShift ChangeNOW LetsExchange Unknown swapper @ 0xca60 Other unlabeled swappers nested at Binance Large Dec'22 thefts used RenBridge Final desty is always Bitcoin LTC, XRP, XMR, etc also moves to BTC.

11

17

311

@tayvano_

Tay 💖

1 year

The theft and post-theft on-chain movement is VERY distinct. It's incredible. If you've been drained by this attacker you will gasp as you read this. If you don't gasp, this isn't your thief, sorry. 1. Primary theft txns are almost always between 10am–4pm UTC.

Tweet media one

6

13

307

@tayvano_

Tay 💖

11 months

it's going to keep getting bigger 😭 @AtomicWallet @gladkos tell your users to move their funds *now.* then shut all your infra down, turn off all logging, revoke everyones access to all systems, rotate all keys & hire a *professional* ffs

Tweet media one

@zachxbt

ZachXBT

11 months

Some things to note about this hack. Largest single victim I have observed is for 2.8M USDT. Multiple other losses for 6 figures across different chains. Thanks to all of the victims who have messaged me their transaction hash. The root cause is still tbd.

Tweet media one

347

662

2K

27

72

298

@tayvano_

Tay 💖

5 months

Nov 22: HTX/HECO - $100m+ Nov 10: Poloniex - $125m+ Sept 12: Coinex - $54m+ Sept 4: Stake - $41m+ July 22: Alphapo/Coinspaid - $70m+ June 3: Atomic Wallet - $115m+ ~$505m+ in 172 days. ~$2.93m / day. 💀

Tweet media one

@tayvano_

Tay 💖

8 months

North Korean state-sponsored hackers aka Lazarus Group have stolen over $270 million dollars worth of crypto in the last 102 days. That's an average of $2.64 million dollars stolen every single day. They show no sign of slowing down.

Tweet media one

42

129

562

30

61

307

@tayvano_

Tay 💖

4 years

I haven't sent any BTC in over a year ( #hodl ) but is it really $4 to send a basic tx? And that's "low"??!

Tweet media one

121

32

294

@tayvano_

Tay 💖

3 years

Your new years resolutions 😉 1. Take profits (to the asseylt you pay your living expenses in) all the way up 2. Never sell more than half your crypto (unless you need today it for living expenses) 3. Don't go all in w your childs savings 4. Be humble, love more 💖

22

16

235

@tayvano_

Tay 💖

5 years

Decentralization is not the value proposition.

33

49

301

@tayvano_

Tay 💖

1 year

8. Except in large sweeps, which are scripted, attacker is sending txns via MM🦊. Yes, this attacker is draining OG MM users and OG MM employees using MM. Yayyyyy. 😩 (ps: I don't know this bc of some secret MM intel—I know it bc its easily discernible on-chain. Don't even.)

16

11

291

@tayvano_

Tay 💖

10 months

for a decade now, good-faith players have been held more “accountable” than literal liars and schemers and cheats and thieves. its far more risky to call out a scammer than it is to scam. don’t be surprised by what happens next. incentives are clear as day.

@zachxbt

ZachXBT

10 months

Threats already coming in. Today some random account attempted to extort me for $100k.

Tweet media one

Tweet media two

718

420

4K

13

33

286

@tayvano_

Tay 💖

2 years

this is........magnificent.

Tweet media one

19

50

297

@tayvano_

Tay 💖

4 years

Hey, what happened to the "Bitcoin as a safe haven asset" narrative? 🤔

111

24

280

@tayvano_

Tay 💖

4 years

So you support repeatedly giving millions to anon dudes who havent built a damn thing but heaven fucking forbid you support @metamask_io @kumavis_ @danfinlay after they've been building a product you use for 4+ years. stfu and pay them you greedy garbage sucker. 🖕

@defiprime

defiprime

4 years

Hmm... so nobody noticed 0.875% fee slapped on top of the swap at Metamask? #ethereum

Tweet media one

44

52

258

35

33

293

@tayvano_

Tay 💖

3 years

To every person who works their ass off to make this insane space just a little bit stronger, better, safer I want you to know that I fucking love and I fucking appreciate you. 🤗💕

13

17

292

@tayvano_

Tay 💖

4 months

ohhhh so this is why i feel shitty af after flying

Tweet media one

Tweet media two

25

21

287

@tayvano_

Tay 💖

3 years

Money's cheap. Good people who care deeply are the real value.

10

25

288

@tayvano_

Tay 💖

2 years

If you or your protocol is reeling from Patryn / Wonderland / Frog Nation shit, putting your faith in the first person who comes out the woodwork making promises will almost certainly result in MORE loss, not less. Here’s a quick story that will hopefully help illuminate why.

13

33

282

@tayvano_

Tay 💖

2 years

IF YOU ARE OPEN SOURCE AND FOR THE GOOD OF THE PEOPLE AND YOU DONT HAVE A BITCOIN OR ETHEREUM ADDRESS DISPLAYED FRONT AND CENTER YOU HAVE A 0% CHANCE OF GETTING MY DRUNK RE-DROPS THIS HOLIDAY SEASON LFG PEOPLE

31

11

281

@tayvano_

Tay 💖

8 months

Wow, the UN just dropped a whole ass report on how humans are being trafficked and forced to operate scam centers & steal crypto. This report is much more eloquent and well-researched than me. Everyone should read it.

Tweet media one

@tayvano_

Tay 💖

10 months

You know what costs less than FUCKING TRILLIONS? - Fake ID documents - Real ID documents - REAL ASS FUCKING HUMAN BEINGS Yes, literally, it does not cost trillions of dollars to *buy* humans. And criminals do it all the time to operate scam centers and money mule networks.

2

11

188

18

82

282

@tayvano_

Tay 💖

6 months

This is your weekly, weekend reminder that every credential you had in LastPass at this time last year should be considered compromised. Please prioritize rotating your most valuable / oldest secrets + migrating assets today. Non-LastPass users should honestly do the same. 🙏

7

81

276

@tayvano_

Tay 💖

2 years

If you continue to believe anyone anywhere close to this shitshow, you are choosing to get rekt. DO NOT TRUST. VERIFY. DO NOT TRUST. VERIFY. DO NOT TRUST. VERIFY. DO NOT TRUST. VERIFY. DO NOT TRUST. VERIFY. DO NOT TRUST. VERIFY.

Tweet media one

12

45

282

@tayvano_

Tay 💖

2 years

Tweet media one

Tweet media two

Tweet media three

Tweet media four

13

28

277

@tayvano_

Tay 💖

5 years

"The USD is very powerful & is a tool of US power. We'd rather enact sanctions than send soldiers. It makes us nervous when that is threatened. Do you understand that?" "If we don't innovate, we cannot continue to project that influence globally." this collective we is weird af

12

48

269

@tayvano_

Tay 💖

2 years

wait, we still don’t know the Ronin bridge signing scheme, the actual entry point for attack, or anything remotely technical abt how they were able to escalate / move laterally to access a supposedly independent 5th signer? And ALL code for it is closed source?

17

34

277

@tayvano_

Tay 💖

3 years

And since EIP-1559 seems to ignore much of this.... NOTHING IS GOING TO CHANGE IN TERMS OF WHAT YOU PAY FOR YOUR TRANSACTION. NOTHING IS GOING TO CHANGE IN TERMS OF REDUCING COMPLEXITY FOR THE USER. WHEN ETH PRICE GOES UP YOUR TXS ARE GUNNA BE GO WAAAAY UP. 👍👍👍👍👍🤦‍♀️

14

24

271

@tayvano_

Tay 💖

4 years

@dhh Let's be clear. Balaji tweets for months about covid. Says there should have been better investigative journalism. "Journalist" from BuzzFeed takes personal offense. Subtweets him "you only built a stupid tech product." Balaji claps back with his relevant credentials.

4

3

275

@tayvano_

Tay 💖

4 years

$FEW understand the power of a telegram group. Even a tele full of non-devs who can't even register a domain name. 🤫

24

34

266