IMM-2026-0023
ACTIVE
Keccak
0xa4701be19afe34b26b15ae80c18302eb7eccfb08ef94aece334f70d8c0160d43
Type
BYTECODE
Verdict
MALICIOUS
Confidence
84.0%
Severity
80
Value at risk
$0.00
Created
April 29, 2026 5:22 PM
Envelope
v1
Signed payload
Primary matcher
bytecode
0x3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f12345abc
Scope
galileo-testnet
home
sepolia
Evidence
redacted public excerpt
Reasoning excerpt
Runtime hash of the contract used in the June 2023 Atomic Wallet drain. Elliptic's 2023 incident report attributes the operation to the DPRK-aligned Lazarus Group based on chain-hopping signatures and prior-incident overlap. The bytecode hash is the most durable primitive for this incident because the operators frequently reuse runtime artifacts across redeployments. MALICIOUS verdict mirrors both the incident attribution and the sanctioned-actor designation.
Full evidence (TEE-sealed) is fetchable by holders of the unsealing key. Public mirror carries hash only.
TEE attestation
Curated by human
Heuristically published from a known threat catalog, not derived from a TEE-verified verdict.
Evidence CID
0x53d0259feb59430ebf93fae3f7898f89c73ca83dc8489d99ab36d25d887fe621
Network impact
Live
Since publish
Cache hits
0
SDK check() matches
Agents synced
0
distinct callers
Attacks blocked
0
tx-level intercepts
Pool reverts
0
Uniswap v4 hook
USD protected
$0.00
no blocks recorded yet
Hits over time
each bar is one of 30 equal slices since publish
publish
now
Recent intercepts
| Agent | Method | Chain | When |
|---|---|---|---|
|
No agent has had to block this antibody yet.
Intercepts appear here in real time as agents match this pattern in the wild.
|
|||
| Chain | Tx | State |
|---|---|---|
|
sepolia
|
0xb7141f07..cd91 | active |