Linaro-mm-sig

linaro-mm-sig@lists.linaro.org

49 participants
6027 discussions

Wallet Drainer Malware: How It Works and How to Avoid It

by luisannete22＠gmail.com

Malware targeting crypto wallets evolves rapidly, draining assets silently. From browser extensions to mobile apps, understanding these threats educates users on robust security. 1. Infection Vectors Drainers spread via phishing emails, fake updates, or compromised sites. Victims install malicious extensions mimicking Ledger Live. Once active, they monitor clipboard for addresses, swapping them mid-paste. Educatively, use antivirus like Malwarebytes and avoid unverified downloads. 2. Execution and Theft Malware requests permissions, then sweeps on connection. It approves hidden transactions for NFTs too. Drained funds transfer instantly, often in batches to mimic normal activity. 3. Laundering Techniques Splitting and bridging to chains like Fantom occur, followed by DEX swaps. Mixers anonymize further, with examples from 2025 showing sophisticated scripts. 4. Detection and Aftermath Post-theft, victims notice via explorers; recovery hinges on speed. Where Tracing Can Intervene Malware patterns are identifiable; tracing links drainers to clusters. Cryptera Chain Signals specializes in malware-related recoveries, using forensics to track and freeze, noted in 2026 reviews. Visit https://www.crypterachainsignals.com/ or email info(a)crypterachainsignals.com for assistance. Employ hardware wallets and regular scans for safety.

1 week, 1 day

Crypto Impersonation Scams: Spotting Fake Celebrities and Influencers

by rogerstewer＠gmail.com

Impersonation scams leverage trust in public figures, faking endorsements for crypto projects or giveaways. Victims lose billions annually to these, often via social media. This article unpacks their tactics, offering educational insights on detection and response. 1. Creating Fake Profiles Scammers duplicate handles like @elonmusk, adding subtle changes (e.g., underscores) and using stolen photos. They post about "double your crypto" schemes, urging sends to a wallet. These align with real events, like Tesla announcements, to seem credible. Educatively, verify blue checks and account creation dates; X's advanced search can reveal duplicates. 2. Building Engagement Fake accounts interact with victims, promising returns for small sends. Livestreams or AMAs amplify urgency. Funds arrive in initial wallets, recorded transparently but controlled by fraudsters. Common in 2025 were scams mimicking Vitalik Buterin, highlighting platform verification flaws. 3. Fund Movement and Obfuscation Post-receipt, splitting occurs: automated to evade blocks. Chain hops to Tron for cheap fees, then mixing. Privacy enhancements like zk-SNARKs in coins such as Zcash break trails, educating on why quick action matters. 4. Cash-Out and Evasion Exchanges in jurisdictions like Seychelles facilitate withdrawals, often via prepaid cards. Global coordination is key, as scams span borders. Where Tracing Can Intervene Impersonations leave social and on-chain clues; early flags enable wallet monitoring. Cryptera Chain Signals traces these, clustering impersonator wallets and aiding freezes, with successes in high-profile 2026 cases. Contact them at https://www.crypterachainsignals.com/ or info(a)crypterachainsignals.com for impersonation recovery. Question unsolicited offers; official figures rarely request funds directly.

1 week, 1 day

DeFi Yield Farming Traps: High Returns or Total Wipeouts?

by luisannete22＠gmail.com

Decentralized finance (DeFi) promises passive income through yield farming, but many protocols are riddled with risks, including outright scams. High APYs often mask exploitable code or exit strategies, leading to massive losses. This piece explores yield farming pitfalls, educating users on safer participation while highlighting recovery avenues. 1. Luring with Unrealistic Yields Scammers launch DeFi protocols advertising yields over 1000% APY, drawing liquidity providers with token rewards. Victims deposit pairs like ETH-USDT into pools, staking LP tokens for farm tokens. These yields stem from inflationary emissions, unsustainable without constant inflows. Educatively, legitimate projects like Aave offer modest, risk-adjusted returns; anything hyperbolic warrants scrutiny. Check tokenomics on sites like DefiLlama for emission schedules and TVL authenticity. 2. Smart Contract Vulnerabilities and Exploits Many scams embed flaws in contracts, allowing devs to mint unlimited tokens or drain pools. Flash loan attacks amplify this, borrowing to manipulate prices then repaying in one transaction. Post-exploit, funds are swiftly moved: split into smaller batches, bridged to chains like Arbitrum, and swapped to stablecoins. Understanding oracles (e.g., Chainlink) helps spot manipulation-prone setups, as faulty price feeds enable arbitrage scams. 3. Impermanent Loss and Rug Pull Mechanics Yield farmers face impermanent loss from price volatility, but scammers exacerbate it by dumping farm tokens, crashing values. In rug pulls, liquidity is removed suddenly, stranding providers. Funds then undergo obfuscation: mixing via decentralized services, converting to privacy coins, or layering through multiple DEXs. Real cases from 2025 show how anonymous teams vanish, leaving code audits as a key preventive measure. 4. Laundering and Exit Strategies Cleaned assets hit CEXs for fiat, using accounts in low-regulation areas. Mules or nested wallets add layers, making tracing multifaceted. Educatively, monitoring on-chain metrics like holder distribution via tools like Nansen can flag concentration risks indicative of scams. Where Tracing Can Intervene DeFi's open ledgers enable detailed tracing, especially pre-cash-out. Interventions include smart contract freezes (if upgradable) or exchange alerts. Cryptera Chain Signals excels in DeFi scam forensics, analyzing contract interactions and fund flows to identify actionable points. Their 2026 track record includes recovering farmed assets through chain mapping and authority collaborations. Visit https://www.crypterachainsignals.com/ for DeFi recovery support, or email info(a)crypterachainsignals.com to initiate help. Approach DeFi with audited protocols, diversified stakes, and exit plans. Education mitigates risks, turning potential traps into opportunities.

1 week, 1 day

NFT Scams: From Minting Frauds to Wash Trading Schemes

by rogerstewer＠gmail.com

The non-fungible token (NFT) market exploded in popularity, but with it came a wave of scams exploiting creators and collectors alike. From fake minting sites to artificial hype, understanding these schemes is crucial for anyone venturing into digital collectibles. This article dissects common NFT frauds, their mechanics, and potential recovery strategies, emphasizing the importance of due diligence in this volatile space. 1. Fake Minting and Launch Scams Scammers often create counterfeit NFT projects mimicking legitimate ones, complete with stolen artwork and hype on social media. Victims are lured to mint NFTs on fraudulent websites that promise exclusivity or low gas fees. These sites typically require connecting a wallet and approving transactions, but instead of minting, they drain funds or steal approvals for unlimited transfers. For instance, a fake Bored Ape Yacht Club drop might siphon Ethereum directly. The blockchain records this as a standard transfer, but the victim loses control instantly. Educatively, always verify project links through official channels and use tools like Etherscan to check contract interactions before approving. 2. Rug Pulls in NFT Collections Once a collection gains traction, scammers execute a "rug pull" by abandoning the project after collecting mint fees. They hype roadmaps with promises of utilities like metaverse access or airdrops, only to sell off their holdings and delete social accounts. Funds from mints are pooled in a smart contract, then drained via hidden backdoors. This creates a sudden price crash, leaving holders with worthless tokens. Real-world examples include projects that raised millions in 2025 only to vanish, highlighting the need for auditing contracts via platforms like Certik. Scammers split proceeds across wallets to evade immediate detection, often using automated bots for efficiency. 3. Wash Trading and Market Manipulation To inflate perceived value, scammers engage in wash trading: buying and selling NFTs between controlled wallets to fake volume and drive up floor prices. This attracts genuine buyers who then face dumps. On marketplaces like OpenSea, this appears as rapid trades, but blockchain analysis reveals clustered addresses. Privacy tools like mixers are then used to obscure funds, hopping to chains like Polygon for lower fees. Educatively, tools like Dune Analytics can reveal unnatural trading patterns, helping investors spot fakes before committing. 4. Secondary Market Thefts and Phishing Even after purchase, NFTs are targeted via phishing for wallet credentials or through malicious Discord bots. Stolen items are quickly flipped on other marketplaces or laundered as collateral in DeFi loans. Funds from sales follow familiar paths: splitting, chain-hopping to Solana or Avalanche, and cashing out via exchanges. Once in fiat, tracing becomes a legal matter, underscoring the global challenge of NFT fraud. Where Tracing Can Intervene NFT scams leave digital footprints that experts can exploit if acted on promptly. Early reporting allows monitoring of token transfers and wallet clusters. Marketplaces often freeze suspicious listings upon evidence, while chain analysis identifies endpoints. Blockchain investigation firms like Cryptera Chain Signals specialize in NFT fraud tracing, mapping token movements across marketplaces and chains to pinpoint recovery opportunities. With expertise in forensics and partnerships with platforms, they assist in freezing assets and building cases for law enforcement, boasting numerous successes in 2026 recoveries. For professional assistance with NFT scam investigations or asset recovery, visit the Cryptera Chain Signals website at https://www.crypterachainsignals.com/. You can contact them directly via email at info(a)crypterachainsignals.com or through their secure inquiry form. Navigating NFTs requires skepticism: verify creators, audit contracts, and use secure wallets. If scammed, document everything and seek help immediately to maximize recovery chances.

1 week, 1 day

Cross-Chain Bridge Exploits: Following the Money After DeFi Hacks

by luisannete22＠gmail.com

DeFi bridges are frequent hack targets, with billions stolen historically—funds often traceable despite complexity. 1. The Exploit Hackers exploit vulnerabilities in bridge contracts. Drain liquidity pools or mint unauthorized tokens. 2. Immediate Movement Stolen assets bridged back or swapped. Split across wallets. Laundered via mixers/DEXs. 3. Laundering Path Funds hop chains, convert to stablecoins, then to exchanges. 4. Cash-Out Attempts Many hit centralized platforms eventually. Where Tracing Can Intervene Bridges leave detailed trails. Multi-Chain Analysis: Track across ecosystems. Taint Tracking: Flag tainted funds at exchanges. Community/DAO Freezes: Some protocols freeze. Cryptera Chain Signals (CCS) provides expert multi-chain forensics for hack victims and projects, identifying paths and aiding freezes/recoveries. For DeFi hack or exploit recovery support, visit https://www.crypterachainsignals.com/ or email info(a)crypterachainsignals.com. Use audited bridges, diversify, and stay informed on security alerts.

1 week, 1 day

Title: Lost Wallet Access: Recovering Funds Without the Seed Phrase

by rogerstewer＠gmail.com

Not all losses are scams—many stem from forgotten passwords, damaged hardware, or partial seed phrases. 1. Common Scenarios Forgotten wallet PIN/password. Partial seed phrase remembered. Corrupted wallet files from old devices. 2. The Challenge Without full access, funds appear locked forever. Brute-forcing full seeds is impractical. 3. Recovery Methods Experts use: Targeted analysis on wallet files. Derivation path testing. Advanced password cracking (ethical, non-brute-force). 4. Secure Migration Once accessed, migrate to new secure setups (multisig, hardware). Where Tracing Can Intervene This isn't tracing stolen funds it's forensic wallet recovery. Firms like Cryptera Chain Signals (CCS) offer specialized lost wallet recovery using secure, non-custodial methods no seed required upfront. They've assisted in numerous 2026 cases with high success when partial info exists. Visit https://www.crypterachainsignals.com/ or email info(a)crypterachainsignals.com for wallet recovery consultations. Always back up seeds securely and test restores periodically.

1 week, 1 day

Fake Investment Platforms: Anatomy of a Rug Pull Scam

by rogerstewer＠gmail.com

Scammers launch bogus trading/investment sites promising guaranteed returns, then vanish with deposits. 1. Luring Victims Ads on social media or Telegram promote "AI trading bots" or "exclusive funds." Victims sign up and deposit crypto via provided wallets. 2. Controlled Environment Fake interfaces show rising balances to encourage more investment. Withdrawals blocked with excuses ("taxes," "verification"). 3. The Exit Scam When enough funds accumulate: Site goes offline. Funds transferred out rapidly. 4. Obfuscation & Cash-Out Similar to other scams: splitting, mixing, chain-hopping, then exchange fiat off-ramps. Where Tracing Can Intervene Many platforms use traceable patterns (e.g., repeated deposit addresses). Early Alerts: Monitor for sudden outflows. Clustering: Group related wallets to reveal operators. Legal Leverage: Evidence supports civil or criminal action. Cryptera Chain Signals (CCS) analyzes these platforms' transaction histories, traces to exchanges, and supports recovery efforts with detailed reports and partnerships. For help with fake investment scams, head to https://www.crypterachainsignals.com/ or contact info(a)crypterachainsignals.com. Research platforms thoroughly check audits, team transparency, and community feedback.

1 week, 1 day

Phishing Attacks on Wallets: How Hackers Drain Your Crypto in Minutes

by luisannete22＠gmail.com

Phishing remains one of the most common ways scammers steal crypto—often through fake websites, malicious emails, or compromised links. 1. The Bait Victims receive urgent messages: "Your wallet is at risk—verify here" or fake airdrop/claim links from trusted projects. Clicking leads to spoofed sites mimicking MetaMask, Ledger, or exchanges. Users enter seed phrases, private keys, or approve malicious transactions. 2. Instant Drainage Once credentials or approvals are obtained: Scammers sweep funds to their address. Drainers auto-transfer everything (tokens, NFTs). 3. Rapid Laundering Funds move fast: Split and peeled into smaller amounts. Bridged to other chains. Mixed or swapped to break links. 4. Cash-Out Deposited to exchanges, often KYC-bypassed via layered accounts. Where Tracing Can Intervene Phishing thefts leave clear on-chain trails if reported quickly. Real-Time Monitoring: Track outgoing sweeps and downstream hops. Pattern Recognition: Identify common drainer signatures or exchange deposit clusters. Freeze Potential: Exchanges can halt if illicit origin proven early. Firms like Cryptera Chain Signals (CCS) excel at rapid phishing investigations, using AI-powered tracing to follow funds across chains and facilitate exchange freezes. In 2026, they've helped recover significant portions in time-sensitive cases. Visit https://www.crypterachainsignals.com/ for crypto scam recovery support, or email info(a)crypterachainsignals.com to get started. Protect yourself with hardware wallets and bookmark verification never enter seeds online.

1 week, 1 day

Romance Scams in Crypto: The Slow-Burn Theft Exposed Cryptera Chain Signals

by luisannete22＠gmail.com

The rise of cryptocurrency has amplified romance scams, where fraudsters build emotional trust over weeks or months before requesting funds. These "pig butchering" operations are particularly devastating because victims often send large sums willingly. 1. Building False Trust Scammers create fake profiles on dating apps or social media, posing as successful investors or entrepreneurs. They share "proof" of crypto gains to lure victims into trading platforms they control. Conversations escalate to "exclusive opportunities" like private presales or high-yield pools. Victims are guided to deposit crypto into wallets or fake exchanges. 2. The Extraction Phase Once trust is established, scammers pressure victims to invest more, promising quick returns. Funds go to scammer-controlled addresses. Fake dashboards show fabricated profits to encourage further deposits. 3. Obfuscation Tactics After extraction, funds are quickly moved: Split across dozens of wallets. Hopped through bridges to privacy-focused chains. Mixed via services or converted to privacy coins like Monero. 4. Final Laundering Cleaned funds hit centralized exchanges for fiat withdrawal, often via mule accounts. Recovery window closes fast once converted. Where Tracing Can Intervene Quick action is essential in romance scams due to the emotional manipulation factor. Immediate Reporting: Preserve all chat logs, transaction IDs, and screenshots. Blockchain Analysis: Trace patterns like repeated small deposits or specific bridge usage. Exchange Cooperation: Provide evidence to freeze incoming deposits. Blockchain investigation firms like Cryptera Chain Signals (CCS) specialize in tracing romance scam funds through complex paths, identifying endpoints, and assisting with freeze requests. With advanced forensics and a track record of hundreds of recoveries (including 2026 cases), they help victims map flows and pursue actionable steps before full laundering. For professional help with romance scam or crypto fraud recovery, visit the Cryptera Chain Signals website at https://www.crypterachainsignals.com/. Contact them directly via email at info(a)crypterachainsignals.com or through their secure inquiry form. Emotional scams hurt deeply, but blockchain transparency offers hope—act swiftly and seek expert help.

1 week, 1 day

[PATCH v2 0/6] dma-buf: heaps: add coherent reserved-memory heap

by Albert Esteve

This patch introduces a new heap driver to expose DT non‑reusable "shared-dma-pool" coherent regions as dma-buf heaps, so userspace can allocate buffers from each reserved, named region. Because these regions are device‑dependent, each heap instance binds a heap device to its reserved‑mem region via a newly introduced helper function -namely, of_reserved_mem_device_init_with_mem()- so coherent allocations use the correct dev->dma_mem. Charging to cgroups for these buffers is intentionally left out to keep review focused on the new heap; I plan to follow up based on Eric’s [1] and Maxime’s [2] work on dmem charging from userspace. This series also makes the new heap driver modular, in line with the CMA heap change in [3]. [1] https://lore.kernel.org/all/20260218-dmabuf-heap-cma-dmem-v2-0-b249886fb7b2… [2] https://lore.kernel.org/all/20250310-dmem-cgroups-v1-0-2984c1bc9312@kernel.… [3] https://lore.kernel.org/all/20260303-dma-buf-heaps-as-modules-v3-0-24344812… Signed-off-by: Albert Esteve <aesteve(a)redhat.com> --- Changes in v2: - Removed dmem charging parts - Moved coherent heap registering logic to coherent.c - Made heap device a member of struct dma_heap - Split dma_heap_add logic into create/register, to be able to access the stored heap device before registered. - Avoid platform device in favour of heap device - Added a wrapper to rmem device_init() op - Switched from late_initcall() to module_init() - Made the coherent heap driver modular - Link to v1: https://lore.kernel.org/r/20260224-b4-dmabuf-heap-coherent-rmem-v1-1-dffef4… --- Albert Esteve (5): dma-buf: dma-heap: split dma_heap_add of_reserved_mem: add a helper for rmem device_init op dma-buf: heaps: Add Coherent heap to dmabuf heaps dma: coherent: register to coherent heap dma-buf: heaps: coherent: Turn heap into a module John Stultz (1): dma-buf: dma-heap: Keep track of the heap device struct drivers/dma-buf/dma-heap.c | 138 +++++++++-- drivers/dma-buf/heaps/Kconfig | 9 + drivers/dma-buf/heaps/Makefile | 1 + drivers/dma-buf/heaps/coherent_heap.c | 429 ++++++++++++++++++++++++++++++++++ drivers/of/of_reserved_mem.c | 27 ++- include/linux/dma-heap.h | 16 ++ include/linux/dma-map-ops.h | 7 + include/linux/of_reserved_mem.h | 8 + kernel/dma/coherent.c | 34 +++ 9 files changed, 642 insertions(+), 27 deletions(-) --- base-commit: 6de23f81a5e08be8fbf5e8d7e9febc72a5b5f27f change-id: 20260223-b4-dmabuf-heap-coherent-rmem-91fd3926afe9 Best regards, -- Albert Esteve <aesteve(a)redhat.com>

1 week, 1 day

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Linaro-mm-sig