BLOCKMAGE @BlockmageSec
Web3 Native Threat Intelligence. blockmage.dev The Ether Joined December 2022-
Tweets266
-
Followers1K
-
Following152
-
Likes390
Takeaway: Automated scanners are essential for flagging capabilities, but manual verification is the only way to determine intent. We acted quickly in hopes of preventing harms, but in this case, we were mistaken. We've removed the post to avoid any confusion (sorry!).
- The SOL wallet identified was actually a character property table in the Oniguruma regex engine. - The "Dropper" patterns were standard Emscripten/LLHTTP boilerplate. - The "Stealer" hits were bundled dotenv and undici dependencies.
Earlier today, we flagged a VS Code extension (rphlmr.vscode-drizzle-orm) based on 21 critical YARA hits from vsix-audit. After manual inspection and deeper analysis, inspecting the .vsix, and reversing the WASM binaries, we’ve confirmed this is a False Positive.
1/ I've been doing some research into how Unity Packages (similar to Node or Pip packages) could be weaponized for malware delivery Let me tell you, it doesn't exactly look good... 🧵
Links: CVE-2025-31201: Apple CVE-2025-31200: Apple and Google Threat Analysis Group macOS Sequoia 15.4.1: support.apple.com/en-us/122400 iOS 18.4.1 and iPadOS 18.4.1: support.apple.com/en-us/122282 visionOS 2.4.1: support.apple.com/en-us/122402
No excuses. These are live use, not theoretical CVEs. Apple doesn’t push same-day cross-platform updates and delete vulnerable code unless the stakes are real. Stay sharp. Patch everything. Watch your traffic. 🧙♂️
July 2023 #TornadoCash exit worth 1,400 ETH ($2.6M) Exit via 100 ETH Contract, swaps for USDC, heads out over the Synapse bridge, to Polygon 0xc09d3c2 and get gambled away at @Stake. I see this fairly often when analysing TC. Tool: @MetaSleuth
@zaingaziani @Ledger @Microsoft Sadly received two messages about this from victims today. Seems another person lost funds in just past few min.
Community Alert: There is currently a fake @Ledger Live app on the official @Microsoft App Store which was resulted in 16.8+ BTC ($588K) stolen Scammer address bc1qg05gw43elzqxqnll8vs8x47ukkhudwyncxy64q
1/ An investigation into the Canadian scammer known as Yahya for their involvement in 17+ SIM swaps which resulted in more than $4.5M stolen.
@solminingpunk How else would we know what they are up to all the time?
Unfortunate but true, web3 sees security as something you pay for once prior to your contract deployment. Brand protection gets sidelined in favor of keeping hype perpetually alive. Not to mention, those who do help, very often get nothing in return, so there's little incentive for professionals, albeit rife with opportunity to improve security across the board. We hardly have a name for the position though, so it can certainly be and feel overwhelming. That said, its always appreciable seeing the builders and the devs and security techs that are here, reaching out and making such efforts. This has been a constant in the space for years despite any market or trends otherwise. There's a sense of purpose to the whole thing because of this, and it certainly brings a level of quality and enthusiasm that you can't rightly find elsewhere. Nice post - cheers.
@PeckShieldAlert This is another MakerDAO deposit. Now, I dont understand the exact mechanics of this, but after a bit of digging, funds seem to get withdrawn from Maker as USDC and deposited into Coinbase x.com/0xFantasy/stat…
@MistTrack_io seems that it was a deposit into maker. call trace and debank show it properly, but etherscan doesnt for some reason docs.makerdao.com/smart-contract…
It's release time 🎃 - Responses can now be intercepted and modified - Delete requests from HTTP History - [Pro] Import/export your projects using our new "backups" page - [Pro] Add shell commands to your convert workflows with the new "Shell" node github.com/caido/caido/re…
GM GMers! Tagging people who do great work in this space but I feel are not shown enough love! Go follow ⬇️ @CryptoaaService @WoAS_Necksus @0xFantasy @0xSaiyanElite @1c4m3by @Plumferno @BlockMageSec @boringsecurity @brookejlacey @ManicalEngineer Who did I miss? Tag them!
@PocketUniverseZ @1c4m3by @OxSaiyanGod @BlockMageSec @Plumferno @opensea @Server_Forge @1c4m3by saved me the other day 🤝 appreciate your work ♥️
Introducing the Pocket Guardians They've already saved *hundreds* of you from dangerous websites Here's a quick intro ⬇️
3/ - @1c4m3by is a security researcher who's already blocked hundreds of scams - @OxSaiyanGod is a security researcher from @BlockMageSec - @plumferno works at @opensea's trust & safety team and founded @Server_Forge
gamba @GetWrecktGamba
285 Followers 1K Following
BreAnne Ferris @FerrisBreanne
1 Followers 23 Following
𝕸𝖊𝖗𝖑◬�... @MerloOfficial
2K Followers 426 Following GOBLIN MODE 👺 @Goblinarinos | AI Onchain agentic solutions https://t.co/tQ38I3qc8l 2026 Ethscription MINT: Pixel Goblins https://t.co/J2cIKnTR4j
️ @lostinalpha
13 Followers 541 Following
Testy Net _ ADD+ @NetTesty
96 Followers 2K Following We are into Wed Development, Graphics Design, Social & Digital Marketing, Cryptocurrency, Blockchain Tutorial and Good at Moderating any Groups...
Cesalet @cesalet
35 Followers 585 Following
Immortal Wanderer | S... @immortalwanderr
73 Followers 2K Following Seclusion isn't isolation; it's liberation, shaping my destiny | Where attention goes, Money flows 💸💰
alto @etheraltog
5K Followers 5K Following
Seanna Price @SeannaPrice1
746 Followers 6K Following unicorn that's what I am. That's how I act. if you were to ask my friends that's what they tell you. I go with life I do myself because everyone else is taken.
whitelotus @whitelo82440508
24 Followers 2K Following Threat Researcher - Malware Analyst - Malware Hunter - Reverse Engineer . Open to work
Tarek (Privacy Arc) �... @tarekeleter
94 Followers 2K Following Security Engineer - Incident Response @StarknetFndn | All views here are my own. #DFIR Ex - @Mozilla, @Livenation, @Ticketmaster
Jokerbaum @ChristianZ2303
296 Followers 352 Following
mani XBT @ManeXBT
29 Followers 285 Following Scam survivor Investigating crypto threats Web3 safety & awareness. WITH LAW STUDENT
ThreatCTI @ThreatCTI
1 Followers 542 Following
James Miller @JamesMille43645
0 Followers 9 Following
Connor Johnson @Conjon1993
197 Followers 623 Following Let’s get freakishly wealthy together!#crypto#blockchain#btc🚀#realestate#shorttermrentals#SaaS#worldtravels#entrepreneur
Jose Alfredo Montes L... @alfredo_jo66100
11 Followers 279 Following
ปรัช @prch137135
0 Followers 6 Following
Tom Scholl @schllent1
68 Followers 336 Following
Onchain Mage @OnchainMage
0 Followers 71 Following
Subash Jaganathan @subash_0fficial
56 Followers 365 Following உள்ளுவதெல்லாம் உயர்வுள்ளல். | Computer Hacking Forensic Investigator👨💻🔎|Cyber Crime Investigator |Ethical Hacker| lngenious| DFIR| #hacktivist #entepreneur
Dimsk @DDimsk
16 Followers 80 Following
Wallet-Watch.org @OrgWalletWatch
16 Followers 187 Following Monitor suspicious crypto wallets and report scams. Join the community or build with our public API. #CryptoSecurity #Blockchain
SecureKYC团队 @miamdmasum190
1K Followers 4K Following 帮助交易者快速完成账户验证|值得信赖的加密KYC服务 💬 私信开始合作 WeChat: wxid_rze0cxczqyk922 🌍 全球服务 | 3年以上经验 | 快速安全 Wechat:wxid_rze0cxczqyk922 Tg:@Secure2458
Akshay H @AkshayH572940
1 Followers 83 Following
Intelligence_Enthousi... @IEnthousia11317
3 Followers 65 Following Cybersecurity student ✦ OSINT addict Fueled by coffee and anime soundtracks ☕🎧
Angelica @OTMF9i8fGarKo
167 Followers 6K Following
Nikita Sachdev @nikita_sac
25 Followers 370 Following
Osama Atef @OsamaAtef644546
24 Followers 257 Following
Md Shahab Uddin @Md1206Md
33 Followers 803 Following
JAHL @J4HL_
2 Followers 58 Following
CrackHead Mentality @Crackhead_Boy
10 Followers 160 Following
Sylvie @K1m8y350yGoqAw
52 Followers 972 Following Beauty begins the moment you decide to be yourself. — Coco Chanel
Kammal Agrawaal @2ToThePower10
96 Followers 2K Following
ju xu @xxxxx2049
18 Followers 712 Following
Umair Khan Khan @UmairKhanK23092
37 Followers 475 Following
Scam Sniffer | Web3 A... @realScamSniffer
90K Followers 46 Following Crypto Anti-Scam🛡️ | User-safety advocate 🌐 🧩 Extension: https://t.co/How2d4sL8b 📲 | ✈️ TG: https://t.co/qbfM5Z44mZ
HashDit | now with Pr... @HashDit
6K Followers 82 Following Web3 Security Firm - Defending against Hacks & Scams on #BSC & More! 🛡️ Users stay safe with our Chrome Extension & Metamask Snaps! ⚙️ Links below 👇
Let's Encrypt @letsencrypt
84K Followers 5 Following A nonprofit Certificate Authority providing TLS certs to 350M websites. 100% of our funding comes from donations. https://t.co/Qzy8VWWXks
Tailscale @Tailscale
32K Followers 168 Following Simple, secure networks for teams of any scale. Built on WireGuard.
Tailscale Security Bu... @TailscaleSec
610 Followers 1 Following Security updates from @Tailscale. Tweets new security bulletins.
Boring Security @BoringSecurity
23K Followers 209 Following Powered by ApeCoin - Security Awareness Public Good for Web3/NFTs and beyond We provide free classes, security awareness, and track scam/hack trends in Web3.
NFT_Dreww.eth @nft_dreww
13K Followers 2K Following Drew Security Founder/CEO | @BoringSecurity Contributor | Cybersecurity Engineer, Consultant, & Auditor | Opinions are my own
MetaMask 🦊 @MetaMask
1.4M Followers 532 Following 🦊 The world’s leading crypto wallet. Need help? https://t.co/gIVYDT65Ls | @MetaMaskSupport 🧡
Velodrome @VelodromeFi
242K Followers 248 Following The central trading and liquidity marketplace on OP Stack chains. https://t.co/QZy6lfLfPL https://t.co/ixNGV3OZiA
Jesse McBrower @Jesse_McBrower
482 Followers 1K Following ✌️❤️🥒 | 🧠🔌⚡️ | 🎨 Art | 🥒 Pickles | 📈 Stonks | ⚾️ Baseball | 🙌 I love when folks feel awesome, and I still believe 🙌 🙏 Bury me with Red Sox on 🙏
MistTrack🕵️ @MistTrack_io
25K Followers 230 Following A crypto tracking and compliance platform for everyone. Built by @SlowMist_Team
PeckShieldAlert @PeckShieldAlert
95K Followers 1 Following Free Chrome Extension: https://t.co/yvXOjS8ZRI Telegram: https://t.co/qX5sVtdkFD
Justin Gardner @Rhynorater
37K Followers 2K Following Christian | Full-time Bug Bounty Hunter | Host of @ctbbpodcast | Advisor @CaidoIO | 4x LHE MVH | 🗣️ English, 日本語 | ♥️ @mariahchan_ ♥️
Joel Margolis (teknog... @0xteknogeek
16K Followers 1K Following AppSec by day, Hacker by night || Puzzle addict
ProjectDiscovery @pdiscoveryio
42K Followers 144 Following Real, exploitable vulnerabilities. No noise. Nuclei scans fast. Neo closes the loop. @pdnuclei × @neo_ai_engineer
Mastering Burp Suite ... @MasteringBurp
16K Followers 0 Following Tips and tricks for Burp Suite Pro Managed by @Agarri_FR | Not affiliated with @Portswigger More free resources at https://t.co/MWqXmV66lr
PortSwigger @PortSwigger
106K Followers 23 Following We are a leading provider of software and learning on web security. We make @Burp_Suite and @WebSecAcademy.
Caido @CaidoIO
11K Followers 35 Following We help security professionals and enthusiasts audit web applications with efficiency and ease
Webacy @mywebacy
67K Followers 2K Following Institutional ratings for digital finance. Real-time risk intelligence and due diligence for digital assets.
Foxtrot @nft_sec
3K Followers 925 Following MLS cyber law and policy || Combat Veteran || Threat Hunter || certified gen AI engineer || https://t.co/EjMTli9A67
🙃 Ben WΞst 🦋 @BenWest
14K Followers 13K Following 'Seasoned' campaigner & computer whisperer. Ecology, democracy & infosec advocate. Doing research & data viz + 🌐 knowledge graphs @ClimateRace 🍉
͔̤͎̝̣͈̩̤͈̭�... @1c4m3by
2K Followers 886 Following Web2/3 - Security Researcher. - Guardian/Researcher @pocketuniverseZ
Jacob 🚀 @AugmentedMode
780 Followers 867 Following Most likely at the dog park | Tech lead of Product Safety @Metamask | Previously cofounder @wallet_guard (acquired)
tacitPanda @tacitPanda
194 Followers 733 Following InfoSec | Hacking is a team sport | The CLI is God | お前はもう死んでいる | #pandagang
Stellar @StellarOrg
848K Followers 712 Following Stellar is a network for innovators building real-world blockchain solutions that create financial access for everyone.
Decrypt @DecryptMedia
234K Followers 49 Following A next-generation media company capturing the most compelling narratives in emerging technology. Powered by @MyriadMarkets.
Coinbase 🛡️ @coinbase
6.9M Followers 172 Following The future of finance is on Coinbase. For support: @CoinbaseSupport
Chainalysis @chainalysis
63K Followers 562 Following Building trust in blockchains among people, businesses, and governments. Our crypto compliance and investigation software powers hundreds of top institutions.
CoinDesk Podcast Netw... @CoinDeskPodcast
10K Followers 248 Following Check out our @CoinDesk shows on your favorite podcast network.
CoinMarketCap @CoinMarketCap
7.1M Followers 595 Following #CMC is the world’s most trusted source for crypto data & insights. Have a question about crypto? Ask https://t.co/54uUtCsuxw
Crypto.com @cryptocom
3.1M Followers 496 Following The best place to buy, sell, and pay with crypto #BTC #CRO #DeFi #FFTB
FastFoodRembrandt.oni... @solminingpunk
6K Followers 2K Following CEO of HellHounds Cybersecurity/ Information Security/ CISSP/ CEH/ https://t.co/sFJ9rj9y7h / ENDGame
PeckShield Inc. @peckshield
82K Followers 604 Following A blockchain security and data analytics company (telegram: https://t.co/x72dANZur3)
Poly Network @PolyNetwork2
57K Followers 247 Following Enhancing connections between ledgers by providing #interoperability in #Web3. Discord: https://t.co/HnwJsfnbrz
Blockchain Threat Int... @blockthreat
5K Followers 2 Following A weekly, independent newsletter to capture the latest security news, tools, events, vulnerabilities, and threats in the cryptocurrency landscape by @iphelix
Peter Kacherginsky @iphelix
6K Followers 1K Following @blockthreat Editor and vCISO. ex @Coinbase Unit 0x / BlockSec @mandiant FLARE, @federalreserve NIRT
MichaelK.eth @mikashi
29K Followers 5K Following Senior BD Manager @consensys | Product Safety @metamask | Cybersecurity Specialist @wallet_guard | I WILL NOT DM YOU | OPINIONS ARE MY OWN!
Group-IB Threat Intel... @GroupIB_TI
16K Followers 182 Following Official account of the @GroupIB Threat Intelligence Unit. Latest research, analytics, IOCs and threat alerts.
CISA Cyber @CISACyber
298K Followers 73 Following Part of @CISAgov, we respond to major incidents, analyze threats, and exchange critical cybersecurity information with partners around the world.
Troy Hunt @troyhunt
248K Followers 1K Following Creator of @haveibeenpwned. Microsoft Regional Director. Pluralsight author. Online security, technology and “The Cloud”. Australian.
Have I Been Pwned @haveibeenpwned
174K Followers 1 Following Check if you have an email address or password that has been compromised in a data breach. Created and maintained by @troyhunt.
ultra sound money �... @ultrasoundmoney
47K Followers 10K Following ETH is ultra sound add the bat signal emojis 🦇🔊 to join the ultra sound fam
Martin @TheMindofMar
2K Followers 2K Following Product @ MetaMask 🦊 | prev. co-founder & co-CEO @wallet_guard (acquired) | Building a safer web3 for all. Opinions are my own.Trends for United States
You might like
