{"id":22041914,"url":"https://github.com/blocksecteam/metasleuth_resources","last_synced_at":"2026-01-04T20:45:11.524Z","repository":{"id":171575415,"uuid":"648113833","full_name":"blocksecteam/metasleuth_resources","owner":"blocksecteam","description":"A collection of investigation reports analyzed with MetaSleuth, a crypto fund flow visualization and analysis tool powered by @blocksecteam.","archived":false,"fork":false,"pushed_at":"2023-06-14T00:16:00.000Z","size":7,"stargazers_count":17,"open_issues_count":1,"forks_count":3,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-01-28T19:46:19.967Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/blocksecteam.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-06-01T08:35:03.000Z","updated_at":"2024-12-12T17:05:01.000Z","dependencies_parsed_at":"2023-08-21T09:47:06.530Z","dependency_job_id":null,"html_url":"https://github.com/blocksecteam/metasleuth_resources","commit_stats":null,"previous_names":["blocksecteam/metasleuth_reports","blocksecteam/metasleuth_resources"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blocksecteam%2Fmetasleuth_resources","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blocksecteam%2Fmetasleuth_resources/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blocksecteam%2Fmetasleuth_resources/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blocksecteam%2Fmetasleuth_resources/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/blocksecteam","download_url":"https://codeload.github.com/blocksecteam/metasleuth_resources/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245108333,"owners_count":20562025,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-30T12:10:22.420Z","updated_at":"2026-01-04T20:45:11.493Z","avatar_url":"https://github.com/blocksecteam.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# MetaSleuth Investigation Reports\n\n## Tutorials \u0026 Feature Tips\n### Tutorials\n- [MetaSleuth Tutorials 101 - How to use MetaSleuth to analyze a phishing attack](https://blocksecteam.medium.com/metasleuth-how-to-use-metasleuth-to-analyze-a-phishing-attack-b525caac14c5)\n\n### Feature Tips\n#### Customize Edge Visibility\n- [Filter transfers via Token Selector](https://twitter.com/MetaSleuth/status/1662037812152270849)\n- [Fine-tune edge visibility in Edge List](https://twitter.com/MetaSleuth/status/1662381274957479936)\n\n#### Interact with Address Node\n- [Click on an address node](https://twitter.com/MetaSleuth/status/1661274499080126467)\n- [Edit node appearance](https://twitter.com/MetaSleuth/status/1649343905081724928)\n- [Unlock the power of address panel](https://twitter.com/MetaSleuth/status/1661646760136286208)\n- [Tracing funds in one direction](https://twitter.com/MetaSleuth/status/1664153983961923595)\n\n#### Others\n- [Fake/dust token mark](https://twitter.com/MetaSleuth/status/1641421880942034949)\n- [Incomplete analysis prompt](https://twitter.com/MetaSleuth/status/1646105974078599168)\n- [Share analyzed results via 'Shared Link'](https://twitter.com/MetaSleuth/status/1650065235234160641)\n\n\n\n## Cases of using MetaSleuth to analyze security incidents\n\n### Attack / Hack / Rug Pull\n| Date | Event | MetaSleuth Link |\n| :--- | :---: | ---------------:|\n| 2023.05.26 | [SAMO Suspicious Rug Pull](https://twitter.com/MetaSleuth/status/1662098229083914240) | [🔗](https://metasleuth.io/result/arbitrum/0x7328bEF774b51154DF52873e41682015223b9909?source=3d771dab-9866-409a-b282-907dbd2f7ce0) |\n| 2023.05.21 | [Tornado Cash DAO Attack](https://twitter.com/MetaSleuth/status/1660220008549560322) | [🔗](https://metasleuth.io/result/eth/0x092123663804f8801b9b086b03B98D706f77bD59?source=a253d403-e756-443e-a4ac-bebfbc56ee10) |\n| 2023.05.19 | [Swaprum Rug Pull](https://twitter.com/MetaSleuth/status/1659379410892640256) | [🔗](https://metasleuth.io/result/eth/0xaaf8b44376f4ef3ed477eeeb3553b7623fef5e1c?source=e47c11cf-d3a3-483e-99cf-bb0a54902fd8) |\n| 2023.05.06 | [DEI Token Exploit](https://twitter.com/MetaSleuth/status/1654688526095745024) | [🔗](https://metasleuth.io/result/arbitrum/0x189cf534de3097c08b6beaf6eb2b9179dab122d1?source=ceba641b-f503-4cee-aba8-3345818302da) |\n| 2023.04.28 | [0vixProtocol Attack](https://twitter.com/MetaSleuth/status/1651930386904252421) | [🔗](https://metasleuth.io/result/polygon/0x702ef63881b5241ffb412199547bcd0c6910a970?source=b7631565-4ec8-459d-a0f0-884b6323c215) |\n| 2023.04.19 | [Elleria Bridge Hack](https://twitter.com/MetaSleuth/status/1648905557410201601) | [🔗](https://metasleuth.io/result/eth/0xf2cbf39e7668ebb113f2c609bbd6ea1dfce5d376?source=7bce3560-6758-47cb-ab92-1abd6263fe79) |\n| 2023.04.13 | [Yearn Finance Attack](https://twitter.com/MetaSleuth/status/1646441750918217728) | [🔗](https://metasleuth.io/result/eth/0x8102ae88c617deb2a5471cac90418da4ccd0579e?source=a4bbce7b-0e6b-40d9-a751-e8d09a40bce4) |\n| 2023.04.09 | [GDAC Exchange Hack](https://twitter.com/MetaSleuth/status/1645692516401033216) | [🔗](https://metasleuth.io/result/eth/0x87597bdb421482190e223aca0a4dead75ab0a98d?source=7b74f8f1-a74d-47db-b76e-c50c11f25409) | \n| 2023.04.09 | [SushiSwap RouteProcessor2 Attack](https://twitter.com/MetaSleuth/status/1644940303466647553) | [🔗](https://metasleuth.io/result/eth/0xb8f57cf82b7057d9d03f1500e3f0ce46980388c3b13ff317f1c617d932313386?source=14596d51-2cd0-4688-987f-36e34f36bd5a) |\n| 2023.03.13 | [Euler Finance Attack](https://twitter.com/MetaSleuth/status/1635210320636682242) | [🔗](https://metasleuth.io/result/eth/0xebc29199c817dc47ba12e3f86102564d640cbf99?source=dd621df4-27bc-4c06-8488-faf79a2e69c7) |\n| 2023.02.27 | [DND Token Exploit](https://twitter.com/MetaSleuth/status/1630210958084952065) | [🔗](https://metasleuth.io/result/bsc/0xBACa2500B0F3009B420A7592BB1485E7bA419D76?source=7c53fc54-e594-4c93-8d63-74503f1abfb6) |\n| 2023.02.21 | [Hope Finance Rug Pull](https://twitter.com/MetaSleuth/status/1627907105394130944) | [🔗](https://metasleuth.io/result/eth/0x957D354d853a1FF03dDa608F3577d24eA18fCecE?source=249b94d6-bd23-473c-aeb7-e02d02ca50ee) |\n| 2023.02.17 | [Platypus Attack](https://twitter.com/MetaSleuth/status/1626427932314054656) | [🔗](https://metasleuth.io/result/avalanche/0xeff003d64046a6f521ba31f39405cb720e953958?source=dfd4d20e-b9a2-4d11-a255-6800c0a5c2b7) |\n| 2023.02.17 | [Dexible Attack](https://twitter.com/MetaSleuth/status/1626496855520739328) | [🔗](https://metasleuth.io/result/eth/0x684083f312ac50f538cc4b634d85a2feafaab77a?source=5f071a34-d87e-4c66-b9eb-d048e524be6b) |\n| 2023.02.12 | [Solfire Finance Rug Pull](https://twitter.com/MetaSleuth/status/1624799652158795776) | [🔗](https://metasleuth.io/result/eth/0x47f238e6cfc42213c163039e55cc856306b53cb3?source=8734284e-91df-48ad-bfc1-8a12f66fcc9e) |\n| 2023.02.10 | [dForcenet Attack](https://twitter.com/MetaSleuth/status/1623911374551412738) | [🔗](https://metasleuth.io/result/eth/0xe0d551017c0111ac11108641771897aa33b2817c?source=7c293039-fe13-4faf-93a9-756a3c27d9cc) |\n| 2023.02.02 | [BonqDAO Attack](https://twitter.com/MetaSleuth/status/1621006016065474560) | [🔗](https://metasleuth.io/result/polygon/0xcacf2d28b2a5309e099f0c6e8c60ec3ddf656642?source=366a8ae3-b0c6-42f9-9932-d05fe599dd12) |\n| 2023.02.02 | [Orion Rug Pull](https://twitter.com/MetaSleuth/status/1621133145092542464) | [🔗](https://metasleuth.io/result/eth/0xe12b7d714256343ef9387b4a0f22b33616b1a4ff?source=74bcf7cb-6420-430d-94ac-3970606609a7) |\n\n\n### Phishing\n| Date | Event | MetaSleuth Link |\n| :--- | :---: | ---------------:|\n| 2023.06.13 | [Demystifying Profit Sharing in Inferno Drainer](https://blocksecteam.medium.com/demystifying-profit-sharing-in-inferno-drainer-2e8a9afb974b) || \n| 2023.04.28 | [Dust Phishing Scam](https://twitter.com/MetaSleuth/status/1651867346582003713) | |\n| 2023.04.17 | [Profit-sharing in phishing scams](https://twitter.com/MetaSleuth/status/1647810647152005120) | [🔗](https://metasleuth.io/report?report_id=8e22db2d295557bd23b45a9a0f0d1ada) |\n| 2023.03.31 | [Fake_Phishing66321 lured more than $10M in a short week](https://twitter.com/MetaSleuth/status/1641741859876900865) (follow-up [1](https://twitter.com/MetaSleuth/status/1643901208116224000), [2](https://twitter.com/MetaSleuth/status/1644261722059051008)) | [🔗](https://metasleuth.io/result/eth/0xb475fd8c0c08164b677cd48cd685adaafcfa68386764909e1601bb8b8df70306?source=aa850b99-7dde-44ec-8293-de0624ec1786), [🔗](https://metasleuth.io/result/eth/0xc818d42bcff714343df350d29087638f58ad2f15a0ff93c91b12e5313333a017?source=42aadd58-2c1e-4a36-b248-9ac5d44861f5) | \n| 2023.03.23 | [A new scam method that combines the features of fake token and zero transfer](https://twitter.com/MetaSleuth/status/1638765390355628033) | |\n| 2023.03.15 | [Zero-transfer scam upgrade: Small-value transfer fraud](https://twitter.com/MetaSleuth/status/1635856097067294722) | |\n| 2023.03.08 | [Zero-dollar purchase scam moves to Blur](https://twitter.com/MetaSleuth/status/1633714741834301440) | [🔗](https://metasleuth.io/result/eth/0x1661F1B207629e4F385DA89cFF535C8E5Eb23Ee3?source=715732d3-47fc-4d2a-9f0a-56f163dd9c82) | \n| 2023.02.15 | [Scams taking advantage of the Blur airdrop event](https://twitter.com/MetaSleuth/status/1625836399353282562) | |\n| 2023.02.09 | [The simple approval phishing campaign made a profit of 500K in two months](https://twitter.com/MetaSleuth/status/1623652965583298560) | [🔗](https://metasleuth.io/result/eth/0xf6728c9c78d3a794770960c37b4708e395fae079?source=bc348ce6-3091-43ba-bad2-3d3ef40c8322) |\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fblocksecteam%2Fmetasleuth_resources","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fblocksecteam%2Fmetasleuth_resources","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fblocksecteam%2Fmetasleuth_resources/lists"}