Pinned
OtterSec
1,165 posts
OtterSec
@osec_io
Audits that protect blockchain ideas.
Joined February 2022
Our research team achieved client RCE on Minecraft Bedrock Edition via a heap overflow to bypass ASLR and sidestep CFG. Writeup to come.
00:00- In light of our recent partnership with @xNFT_Backpack, we are giving away 20 invite codes to the Backpack Beta! 🎒 To enter: -Follow @xNFT_Backpack and @osec_io -Like and retweet this tweet 20 people will be randomly selected on October 29th @ 3PM PST! #WAO
- 🦦 🤝 🎒 Bag Secured. We're proud to keep @xnft_backpack safe with ongoing security audits. To celebrate our ongoing partnership, we’re giving away 5 @madladsnft madlist. To participate simply: 🦦 Like & RT 🦦 Follow @osec_io and @xnft_backpack
- Closed source @solana programs used to be safe. We’ve changed that. Learn how to hack Solana programs with our open-source #BinaryNinja plugin 👇 osec.io/blog/tutorials…
- Over $4M was drained from Solana wallets over the past 2 days. We’ve been working directly with @solana and @slope_finance to investigate. Here’s what we found.
- SPL-token-swap: This February, we discovered a critical rounding exploit in the Solana Program Library token-swap implementation. With over $74 M at risk, this was one of the most impactful bugs we’ve reported. Let’s take a deep dive: 1/
- We’re continuing to investigate the recent Mango Markets hack. Let’s clear up some misinformation. 🧵
- Thread of interesting audits we have done, blog posts for a quick read, and more!
- Replying to @osec_ioIt appears the attacker was able to manipulate their Mango collateral. They temporarily spiked up their collateral value, and then took out massive loans from the Mango treasury.
