ChainBleedv0.1 · open intel
← back to feed·ETHPHISHING2023-08-03 · 2y ago
Incident · SLOWMIST

Tim Beiko

Account Compromise
Estimated loss
VERDICT —OUT OF SCOPE
Root cause is phishing — victims signed malicious transactions or approvals off-protocol. Contract logic was not the failure surface; user-side wallet hygiene was. Pre-deployment audit cannot catch this class.
▰ METHOD
PHISHING
PHISHING
Root cause

Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.

Forensic narrative

The Twitter account of Tim Beiko, the core developer of Ethereum, was suspected of being stolen. He posted two tweets about "ETH airdrop" within half an hour with a phishing link(ether.fo). Users are asked not to click on suspicious links to prevent funds from being stolen. According to the analysis of SlowMist, the mastermind behind the scenes is PinkDrainer. Attack method (per SlowMist): Account Compromise. Reported loss: -.

Primary source
https://www.panewslab.com/zh/sqarticledetails/cfppi2h7.html
Sourced from
slowmist
Technical record
chain
ethereum
protocol
Tim Beiko
bug_class
phishing
date_occurred
2023-08-03
loss_usd
source_id
sm:tim-beiko::2023-08-03
Related — same bug class· phishing
2026-04-29
1mo ago
Sweat Foundation
Contract Vulnerability
phishing
$3.50M
OUT OF SCOPE
2026-04-28
1mo ago
ETH
Multicall yvETH Approval Abuse (victim 0x9828)
Approval-drainer via multicall aggregator (phishing pattern)
phishing
$980.1K
OUT OF SCOPE
2026-04-27
1mo ago
ETH
Unverified Contract 0x2990A16D
Stale approval drain on unverified contract
phishing
$229.0K
OUT OF SCOPE
2026-04-03
2mo ago
Adobe
Supply Chain Attack
phishing
OUT OF SCOPE
2026-04-02
2mo ago
Trust Wallet
Infrastructure Hijacking
phishing
OUT OF SCOPE
2025-12-04
6mo ago
USPD
"CPIMP" (Clandestine Proxy In the Middle of Proxy) attack
phishing
$1.00M
OUT OF SCOPE
ChainBleed — live web3 threat intelligence