Blog
Security research, write-ups and malware investigations from the RasterSec team.
$40M in Exolix Swaps Exposed via API Vulnerability
Broken access control in Exolix's API exposes $40M worth of swap data, including deposit addresses, withdrawal addresses, and on-chain hashes
By İrem Kuyucu
Security Engineering via Fleet
How to setup Fleet and import queries for policies, detection and incident reponse.
By İrem Kuyucu
Coupongogo: Remote-Controlled Crypto Stealer Targeting Developers on GitHub
Deep dive into the Coupongogo browser extension (v1.1.12): The alarming cryptostealer waiting for activation.
By İrem Kuyucu
Disrupting a Telegram-Based Phishing Campaign
RasterSec reverse engineered and disrupted a global phishing campaign affecting large corporations and governments, notifying victims.
By İrem Kuyucu
How Chainalysis Made Their Way into Popular Monero Wallets
An investigation into how malicious nodes run by Chainalysis made their way into defaults of popular Monero wallets.
By İrem Kuyucu, Laurynas Četyrkinas