IMM-2026-0027
ACTIVE
Keccak
0xbc1d2b129086025f8f2c5935ca1a5d55c5eb1bfd688195f40840b8ebf27f2a78
Type
GRAPH
Verdict
MALICIOUS
Confidence
87.0%
Severity
84
Value at risk
$0.00
Created
April 29, 2026 5:24 PM
Envelope
v1
Signed payload
Primary matcher
graph
0xba9c8de44faef70be1400ca66762177b21f25916ab0ed8ffffd42fb3c376f67a size=1
Scope
galileo-testnet
home
sepolia
Evidence
redacted public excerpt
Reasoning excerpt
Downstream cluster rooted at the Atomic Wallet drainer consolidation address from the June 2023 incident. Elliptic's chain-hopping analysis traces the proceeds through cross-chain bridges into known mixer cohorts, expanding the taint set beyond the single root address. Verdict MALICIOUS: the cluster inherits the Lazarus-attributed status of the root and the practical impossibility of distinguishing victim refunds from operator movements within the cluster.
Full evidence (TEE-sealed) is fetchable by holders of the unsealing key. Public mirror carries hash only.
TEE attestation
Curated by human
Heuristically published from a known threat catalog, not derived from a TEE-verified verdict.
Evidence CID
0x3e1f77157e7d46ba9fb7a7824e58235aca4904e867f3b4208c6b6d44b3556ded
Network impact
Live
Since publish
Cache hits
0
SDK check() matches
Agents synced
0
distinct callers
Attacks blocked
0
tx-level intercepts
Pool reverts
0
Uniswap v4 hook
USD protected
$0.00
no blocks recorded yet
Hits over time
each bar is one of 30 equal slices since publish
publish
now
Recent intercepts
| Agent | Method | Chain | When |
|---|---|---|---|
|
No agent has had to block this antibody yet.
Intercepts appear here in real time as agents match this pattern in the wild.
|
|||
| Chain | Tx | State |
|---|---|---|
|
sepolia
|
0x7143b243..0fd9 | active |