Trusted by Coinbase, MetaMask, Stellar, and more to detect, understand, and protect against fraud, scams, and exploits in real time.
Joined February 2023
- Tweets 1,633
- Following 390
- Followers 22,876
- Likes 1,484
505 Photos and videos
Pinned Tweet
May 13
Introducing Blockaid's Risk Exposure:
A real-time onchain compliance solution that lets organizations monitor addresses, transactions, and act the moment they're exposed to illicit funds.
Powered by Blockaid’s first-party signals to make policies programmatically enforceable.
3
18
55
14,927
Jun 12
Blockaid is attending Stablecoin Conference:
Onchain demand continues to grow across Latin America, and as that activity scales, real-time onchain security is what keeps it protected.
We look forward to meeting with everyone there.
1
4
649
Jun 12
🚨Community alert: Blockaid detected a @MIM_Spell depeg on Arbitrum. MIM is trading around ~$0.91-$0.92 in executable routes, driven by thin/imbalanced Arbitrum liquidity pools.
Token: arbiscan.io/token/0xfea7a6a0…
5
16
1,913
Jun 10
🚨Community Alert
Blockaid Exploit Detection system detected compromise key incident involving the @MILCplatform bridge on BNB and Ethereum.
The historical bridge admin wallet was used to grant role for new exploiter EOA, withdraw MLT from bridge contracts and transfer admin control to attacker wallets.
🧵
3
9
33
5,586
Jun 10
Compromised bridge contracts:
BSC:
0xCDcCc91C9a3310566035dD831Cf7D6810fb013e1
Ethereum:
0x262fBcb8dC672fD4a8471d9e25367e5Eb4901974
Proceeds so far:
~97,003 USDT on BSC
~39.21 ETH routed through Rhino.fi on Ethereum
Total: ~$161k
1
1,375
Jun 10
Key exploit txs:
BSC withdrawal:
0x6364bc6305384f6d7832d47f0de6b95e81af4968e948e6246918c6f6e9630961
ETH withdrawal:
0x6785ce80c1c11a16ab87d1ccc5513821b0b58e80036d5413f09686b06b089d9b
904
Jun 9
🚨Community Alert: 1.5m$ Exploit on Token of Power (TOP) - Ethereum
Blockaid Exploit Detection system detected a governance-takeover attack. attacker drained 944.2 WETH ($1.585M) from the TOP/WETH Balancer V1 BPool. Balancer protocol itself is not the bug the pool was just the venue.
More details in 🧵
6
8
53
9,978
Jun 9
Exploiter EOA (Funded by Torando):
0xff8eF7bC455a57e5893232203052Ce0232b39Fa2
Exploit contract:
0x25c68C44A96518294f5B47D758f98309c6729A21
Exploit tx:
0x967aa34c69b7775c718545c7f94d92e965eb5fc553c0f27f6f1a9c65c93ac156
TOP token:
0x0EBD5eC91680d3B0CEDbb1d5BB61851154D3eDb6
2
1
4
1,767
Jun 9
Root cause: Aragon DAO misconfiguration on TOP.
TOP MiniMeToken had a total supply of only 16,384 TOP. The attacker held 8,192.000001 TOP (>50%), and the Aragon Voting app allowed create → vote → execute in a single tx with no timelock. The vote called TokenManager.mint → MiniMeToken.generateTokens to mint 10,000,000,000 TOP directly to the attacker's contract, which then dumped TOP into the BPool for WETH.
1
7
1,374
Jun 9
🚨Blockaid detected an ongoing incidnet targeting the @Humanityprot on multiple chains.
Multiple wallets drained to attacker addresses on Ethereum & BNB Chain, ~$10M in $H moved so far. Evidence points to compromised key, not a token-contract exploit.
More details in 🧵
3
9
53
12,192
Jun 9
The same attacker has now extended the exploit on BSC by taking over the H token's proxy admin and minting an additional 100,000,000 H (~$12.9M) to a fresh wallet.
Mint tx: 0x5a8f82f1064a7846ab3eb77bd1d36ec52dfd773c3957ad0aeea28da95fe9c5fb
H token (BSC): 0x44F161aE29361E332dEA039DFA2F404E0bC5B5Cc
Mint operator: 0x6Aa22CB8420E94Fc2119364b4c7885710aE753bB
Funded by main exploiter: 0xAf2a4989922299EB14A29E332dad1012A8aaD3A0
1
8
7,191
Jun 5
Blockaid is attending @ethconf:
As more value moves onchain and Ethereum continues to scale, protecting those who build, transact, and deploy capital has become critical.
We look forward to meeting with everyone there.
3
2
14
1,802
A sincere thank you to the @blockaid_ team for being the first to detect the exploit and for their support throughout the investigation.
We would also like to thank the @SEAL_911 team for their assistance and responsiveness during the incident.
The collaboration and professionalism shown by both teams have been invaluable as we work through this situation.
May 30
Based on additional information from our investigation and the Alephium team's analysis, the exploit does not appear to have involved a compromise of guardian private keys. Instead, it appears to have involved an exploit that allowed forged malicious events/messages to be observed and signed by guardians. We look forward to the Alephium team's forthcoming postmortem for additional technical details.
16
13
66
7,972
May 30
🚨Blockaid detected an exploit targeting the Alephium TokenBridge on Ethereum.
~$815K drained in ~7 minutes via 3-of-4 compromised guardian keys signing forged VAAs. 13.76M wrapped ALPH minted (>100% of prior supply) USDT/USDC/WBTC/WETH unlocked from custody.
More details in 🧵
35
41
169
55,652
May 30
2/ Exploiter (still holds ~$815K in drained assets 13.76M unbacked wrapped ALPH): etherscan.io/address/0x6681e…
Drained TokenBridge proxy: etherscan.io/address/0x579a3…
Largest drain tx (13.76M wrapped ALPH minted from thin air): etherscan.io/tx/0x06cc0f3615…
1
13
4,835
May 30
Based on additional information from our investigation and the Alephium team's analysis, the exploit does not appear to have involved a compromise of guardian private keys. Instead, it appears to have involved an exploit that allowed forged malicious events/messages to be observed and signed by guardians. We look forward to the Alephium team's forthcoming postmortem for additional technical details.
1
2
22
12,933
May 27
🚨 Blockaid detected an ongoing exploit targeting
@StakeDAOHQ on Arbitrum.
The attacker just minted over 5.4 trillion vsdCRV and is actively swapping it for ETH.
More details in 🧵
36
49
307
110,371
May 27
Suspected root cause is compromised private key.
Malicious peer deployment: etherscan.io/tx/0x94c12206
Cross-chain mint: etherscan.io/tx/0x52941877
setPeer #3 (before mint): arbiscan.io/tx/0xf97ddff0...
Mint tx: arbiscan.io/tx/0x7489ec5f...
3
1
35
11,292
May 27
The StakeDAO deployer private key (0x000755Fbe4A24d7478bfcFC1E561AfCE82d1ff62) was compromised. The attacker used it to reconfigure the LayerZero v2 OFT peer on the vsdCRV (Vote Boosted sdCRV) token contract, redirecting trust from the legitimate Ethereum-side vsdCRVOFTAdapter to an attacker-deployed malicious contract - then sent a forged cross-chain message that minted 5,446,744,073,709 vsdCRV (~5.4 trillion tokens).
9
6
71
53,674