PeckShield Inc.
@peckshield
A blockchain security and data analytics company (telegram:
604 Following 81.7K Followers
#PeckShieldAlert# @THORChain has been exploited for ~$10M worth of crypto, including 36.75 $BTC ($3M) and ~$7M worth of assets from #BNBChain#, #Ethereum#, and #Base#.
The stolen funds mainly sit in:
bc1ql4u94klk265lnfur2ujk9p6uh52f2a8jhf6f37
0xd477b69551f49C0519F9B18c55030676138890Bd
Show more
After liquidating the KelpDAO exploiter's aave position, previously-affected ethereum:0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2 core market on Ethereum now has available liquidity of ~$177m !
Show more
It seems the 0x1f4c_Kelp DAO Exploiter on ethereum is being liquidated (w/ ~$123m debt) in @aave
Here is the related tx:
The arbitrum position is also liquidated:
Show more
It seems the admin key of @wasabi_protocol has been compromised with the estimated loss of $5.5m across multiple chains, including ETH, BASE, BLAST, and BERA chains.
Here is the related tx to add the malicious admin:
Show more
We're aware of an issue and are actively investigating.
As a precaution, please do not interact with Wasabi contracts until further notice.
We'll share an update as soon as we have more information. Thanks for your patience.
Show more
#PeckShieldAlert# @syndicateio reported a compromise of the Commons bridge. $SYND has dropped -35%.
A victim just lost a Alchemix Yearn yvVault position $yvWETH (estimated $~1m), from an earlier approval to an unverified contract ( This unverified contract, created 10 days ago, turns out to be buggy and can be exploited for arbitrary call execution.
Here is the vulnerable logic from the decompiled contract, affected in the following exploit tx:
Show more
It seems the @KelpDAO exploiter moved stolen funds via @LayerZero_Core to Tron for laundering.
Related steps:
1: Transfers on Ethereum:
Kelp DAO Exploiter1
-> 0xF9802c5EB6b972Ba686aFa7CA615910Ea8310b85
-> 0x42a71A7ED12582378d4A4567A1af6Bad4f03dF84
-> 0x0BA9e88059c85fBD76b0C025F00C8B8Ebb0AddDf
2: Cross-chain: Ethereum -> Arbitrum:
0x0BA9e88059c85fBD76b0C025F00C8B8Ebb0AddDf (Ethereum)
-> 0x4D5A08A96D644d7CA7F4541E1512a53D55aA5842 (Arbitrum)
3: Swap on Arbitrum from ETH -> USDT
4: Cross-chain: Arbitrum -> Tron
0x4D5A08A96D644d7CA7F4541E1512a53D55aA5842 (Arbitrum)
-> TLTCf565jGgSeCsUhBpWuPhrrHcGGX9ekT (Tron)
Show more
#PeckShieldAlert# The @KelpDAO exploiter bridged $ETH from #Ethereum# to #Arbitrum# via @AcrossProtocol, swapped for $USDT0, and subsequently routed funds to @trondao via @LayerZero_Core
Show more
The latest fund movement from the @KelpDAO exploiter:
Today's @KelpDAO exploiter deposited the stolen $rsETH into various lending protocols (AaveV3, CompoundV3, Euler) and and borrowed massive $WETHs w/ >$236m debt.
Hi @KelpDAO , you may want to take a look at:
Hi @AethirCloud @AethirEco, you may want to take a look at your AethirOFTAdapter
The stolen funds are currently held in the following address:
Hi @Cyrus_finance You may want to take a look
.@ResolvLabs It seems multiple large amounts of $USR have been minted. Stay alert!
$50m:
$30m:
Hi @dTRINITY_DeFi, you may want to take a look:
