We operate at the intersection of blockchain forensics and incident response.
We reconstruct exploits, trace digital asset flows, and produce evidence-grade analysis to support asset recovery, enforcement, and remediation across the on-chain ecosystem.
Where your scammed crypto goes:
1. Deposit to fake platform
2. Split obscured (mixers/peel chains)
3. Aggregated in hubs
4. Cashout on exchanges
That last step is their mistake: exchanges get frozen with proof. 🔍
Most think it’s gone forever. Often, it’s not.
#CryptoScam
The attacker exploited the lack of permission checks in the execute function exposed by 0xc851, causing 0xc851 to invoke the fund account as the owner and transfer away 224,865 USDC and 183,453.18 USDT.
🚨🚨🚨 Exploit Alert
Chain: Ethereum
Loss: $408,318.18
Target: 0xc851e5a046819b022091b50f05ae3bd052e034a4
Attack Tx:
etherscan.io/tx/0x81f9aeaa69…
Summary: An attacker deployed 0x2196b3f31a43de49a2951c514488a8dd7c96ad67 and abused execute(uint256,address,uint256,bytes) on 0xc851e5a046819b022091b50f05ae3bd052e034a4 to pull 224,865 USDC and 183,453.18 USDT through 0x34be478993b60561c7c9f3b8a3851e9a3a15cd53 and 0x2a69893ec6d332101750eed731d52891717af671.
Funds flow: 0x2196b3f31a43de49a2951c514488a8dd7c96ad67 forwarded both token balances to 0xdb2096ffceef50106c4457b12fc139d89d179cce.
#DeFiSecurity #ETH #ExploitAlert
A suspicious transaction on #BSC targeted contract 0x9B0FF36de2FC477cdA8E4468e0067322Ae18ce70 (likely associated with @XPlayer_Media), resulting in ~$717K in losses.
The liquidity pool was fully drained. Preliminary analysis points to a burn pair design flaw.
MFA bypass via AI-generated zero-day is a game-changer. Traditional 'seed approval' protection isn't enough anymore. Expect more drains originating from compromised email/SIM rather than on-chain mistakes. We're tracking. Stay vigilant. #CryptoSafety #IncedentResponse
🚨 ALERT: Google says hackers used AI to create a zero-day exploit capable of bypassing multi-factor authentication, per Bloomberg.
Community note
Google's GTIG report anticipates future AI use in zero-day development but does not state hackers used AI for an MFA-bypassing exploit. A Gmail MFA bypass involved social engineering to obtain app passwords, not AI or zero-days. cloud.google.com/blog/topics/th…
To protect yourself:
• Avoid buying tokens from unsolicited tips or hype groups
• Verify contract addresses via official sources
• Simulate approvals before signing (e.g. Revoke.cash)
• Revoke unused approvals regularly
Contact us if you’ve been compromised.
🚨 Warning to all traders:
Beware of highly promoted tokens in unverified pump groups, VIP trading channels, or random “hot tips” on social media.
These are frequently baits designed to lure you into signing malicious approvals or sending funds to attacker-controlled contracts.
$30M drained from @Humanityprot after a compromised private key gave an attacker admin access. They upgraded the contract, minted 100M $H, and swapped it for $BNB and $ETH. Forta Firewall detected the exploit in real time, stopping threats before they spread. 🛡️
The attacker manipulated a fake token supply to drain five legacy pools, stealing approximately 150,177 RAY, 5,603 SOL, and 893,700 USDC.
Current users were not affected, and the pools were inaccessible through its UI.
🛡️ How to protect yourself:
• When signing a multicall, expand every sub-call; don't just check the top-level function
• Any approval with MAX_UINT256 is a red flag
• Never rush transactions from unfamiliar dApps
• Seek expert guidance 💡
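The first two checks in the list above, as an added example that is not part of the original posts: it expands every sub-call of a `multicall(bytes[])` transaction and reports any ERC-20 `approve` whose amount is MAX_UINT256. It assumes that multicall shape (other wallets and routers use different signatures); the sample calldata, the placeholder spender address and the `encode_multicall` helper are constructed for illustration.

```python
MAX_UINT256 = 2**256 - 1
MULTICALL = bytes.fromhex("ac9650d8")  # selector of multicall(bytes[])
APPROVE = bytes.fromhex("095ea7b3")    # selector of approve(address,uint256)

def word(buf, off):
    """Read one 32-byte ABI word, refusing to read past the end."""
    if off + 32 > len(buf):
        raise ValueError("truncated calldata")
    return int.from_bytes(buf[off:off + 32], "big")

def expand_multicall(calldata):
    """Return the raw calldata of every sub-call in multicall(bytes[])."""
    if calldata[:4] != MULTICALL:
        raise ValueError("not multicall(bytes[])")
    args = calldata[4:]
    base = word(args, 0)       # offset of the bytes[] array
    count = word(args, base)   # number of sub-calls
    head = base + 32           # element offsets are relative to here
    calls = []
    for i in range(count):
        start = head + word(args, head + 32 * i)
        size = word(args, start)
        data = args[start + 32:start + 32 + size]
        if len(data) != size:
            raise ValueError("truncated sub-call")
        calls.append(data)
    return calls

def flag_unlimited_approvals(calldata):
    """List (sub-call index, spender) for every approve(spender, MAX_UINT256)."""
    hits = []
    for i, call in enumerate(expand_multicall(calldata)):
        amount = int.from_bytes(call[36:68], "big")
        if call[:4] == APPROVE and len(call) >= 68 and amount == MAX_UINT256:
            hits.append((i, "0x" + call[16:36].hex()))
    return hits

def encode_multicall(calls):
    """Helper that builds the constructed sample below (not a wallet API)."""
    head, tail = b"", b""
    for c in calls:
        head += (32 * len(calls) + len(tail)).to_bytes(32, "big")
        tail += len(c).to_bytes(32, "big") + c + b"\x00" * (-len(c) % 32)
    return MULTICALL + (32).to_bytes(32, "big") + len(calls).to_bytes(32, "big") + head + tail

# Constructed sample: a small transfer followed by an unlimited approval in sub-call 1.
SPENDER = bytes(12) + bytes.fromhex("11" * 20)  # placeholder address, not from the page
TRANSFER = bytes.fromhex("a9059cbb") + SPENDER + (1).to_bytes(32, "big")
UNLIMITED = APPROVE + SPENDER + MAX_UINT256.to_bytes(32, "big")
SAMPLE = encode_multicall([TRANSFER, UNLIMITED])
```

Calling `flag_unlimited_approvals(SAMPLE)` reports sub-call 1 and its spender, even though the first sub-call is an ordinary transfer.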
How to avoid getting phished? ⚠️
Be cautious of phishing attempts in these common scenarios and familiarize yourself with common phishing signatures that can lead to the theft of your assets.
Wallet Extension Compromise 🚨
Another victim lost $118K (ETH USDC) after installing a fake MetaMask browser extension. Seed phrase exfiltrated in under 2 minutes.
These fakes now mimic official extensions pixel-for-pixel.
We’ve seen 14 similar cases this month alone.
We’ve helped victims recover meaningful amounts after extension drains: $41K of $62K ETH in 11 days (C2 traced downstream freeze), $19K USDC from a 3-week drain, $27K partial after 38 days (mixer-hop correlation exchange cooperation). Reach out to us for preliminary analysis.