shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

277
active users

#lazarusgroup

2 posts2 participants0 posts today

this interview w/one of the only #cybersecurity people in the crypto industry who has any idea what he's talking about goes through all the incredible failures at every level of both #Bybit & #SafeWallet (whose main product is #GnosisSafe, AKA "the most important smart contract in the industry"), from the most basic opsec to permissioning to whatever, is a fun time if you're interested in that kind of thing.

tl;dr the whole crypto industry is an absolute clown car. a clown car that stores $1.4 billion in a single account that the entire C-suite can access.

youtube.com/watch?v=W82FxAK9Ac

wherein a crypto bro straight up rejoices that #NorthKorea is driving tons of liquidity (in the form of laundering billions of dollars of stolen #Bybit customer funds) through #ThorChain's app:

> "who really cares it's good for #ThorChain"

I’m calling it now, this is a serious contender for the greatest crypto tweet of all time.
x.com/ThorChainz/status/189484

p.s. remember that #ThorChain's banking app imploded just a few weeks ago and took $100 million of its customers money with it.

#Bybit released the conclusions of their investigation into how they got rekt for $1.4 billion by North Korea's #LazarusGroup. Summary:

1. (background) Bybit were dumb enough to store billions of dollars in a single wallet contract using software from a company called SafeWallet (a "Gnosis Safe")

2. A dev machine of SafeWallet (name is lol) was compromised by Lazarus and used to access SafeWallet's cloud data stores (S3)

3. malicious JavaScript was pushed to the cloud drive and eventually distributed in a release (?).

4. The malicious JavaScript code targeted specifically the Bybit contract address to change the content of the transaction during the signing / approval process.

* Bybit reports: docsend.com/view/s/rmdi832mpt8
* Full Statement from SafeWallet: x.com/safe/status/189476852272

in a normal world Bybit could probably sue SafeWallet, but I'm sure SafeWallet barely exists as an entity.

this is what it looks like when #NorthKorea launders stolen crypto (through services created or funded by Trump friendly broligarchs like #MarcAndreessen).

#LazarusGroup is hands down best in class at this. They have no serious competition. Iranian and Russian crypto launderers are rank amateurs in comparison.

#Elliptic's overview of how the steps of this process work these days is pretty good.
elliptic.co/blog/bybit-hack-la

#bybit#crypto#DPRK

watching crypto bros who literally spent the last decade of their lives talking about "decentralization" and "uncensorability" make a hard 180 to "censorship by centralized entities is good, actually, because we're losing a lot of money" would be surprising if i had ever taken any of these clowns seriously.

"open source", "uncensorable", "decentralized" - it's all a farce. these guys believe whatever makes the number go up right now and nothing more.

p.s. #SamsonMow is also a #Tether bro who's probably literally on some chinese organized crime payroll.
x.com/Excellion/status/1894614

#Bybit#crypto#infosec

another day another $50 million crypto theft involving a stablecoin even i have never heard of called #0xinfini.

will it be #NorthKorea this time? (it's usually North Korea, an inside job, or a "highly profitable trading strategy")

the project devs have tweeted to assure their users that everything will be fine bc "trust me bro", but only from their personal accounts. there is no acknowledgement of the theft on the official 0xInfini X account.

somewhat hilariously the "project" tweeted a self congratulations about reaching $50 million in deposits just yesterday. 100% of that is gone now.
x.com/officer_cia/status/18938

#TheCryptocalypseChronicles: Of Tech Bros And Trumpers

The reason so many Silicon Valley billionaires suddenly decided to back #DonaldTrump is not the mystery the media is making it out to be.

tl;dr The billionaires backing #Trump are crypto bros and they want to continue profiting from committing various kinds of crimes.

This is a "follow the money" deep dive into how some of these bros profit by investing in companies like #Uniswap that create excellent tools for #NorthKorea to launder stolen money with a passing explanation of how #Coinbase facilitates the overall system.

Ω👇Ω
cryptadamus.substack.com/p/of-