IMM-2026-0041
ACTIVE
Keccak
0x691c416660a419dda8345539de0c5a049b9b72ed53fbfa83b5132108824388e4
Type
BYTECODE
Verdict
MALICIOUS
Confidence
86.0%
Severity
83
Value at risk
$0.00
Created
April 29, 2026 5:59 PM
Envelope
v1
Signed payload
Primary matcher
bytecode
0x1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1234
Scope
galileo-testnet
home
sepolia
Evidence
redacted public excerpt
Reasoning excerpt
Deployed-runtime hash of the Pink Drainer kit. Operators rotate deploy addresses on a daily-to-weekly cadence, but they reuse a single compiled artifact, so the bytecode hash anchors detection across the entire affiliate fleet. Attribution comes from ScamSniffer's warnlist correlation between kit deployments and stolen-approval receipts. Treating bytecode matches as MALICIOUS short-circuits the affiliate-rotation game.
Full evidence (TEE-sealed) is fetchable by holders of the unsealing key. Public mirror carries hash only.
TEE attestation
Curated by human
Heuristically published from a known threat catalog, not derived from a TEE-verified verdict.
Evidence CID
0x86a0676cf66f76779efc844c8948ee45c72468a4177d18378e5bb4a08a1602b8
Network impact
Live
Since publish
Cache hits
0
SDK check() matches
Agents synced
0
distinct callers
Attacks blocked
0
tx-level intercepts
Pool reverts
0
Uniswap v4 hook
USD protected
$0.00
no blocks recorded yet
Hits over time
each bar is one of 30 equal slices since publish
publish
now
Recent intercepts
| Agent | Method | Chain | When |
|---|---|---|---|
|
No agent has had to block this antibody yet.
Intercepts appear here in real time as agents match this pattern in the wild.
|
|||
| Chain | Tx | State |
|---|---|---|
|
sepolia
|
0x72ebe2da..0285 | active |