IMM-2026-0055

ACTIVE
Keccak 0x3c57e20d9b3588e26f6f2ada3eccde30886d103ed5792ca2ee24c642d9b106eb
Type
SEMANTIC
Verdict
MALICIOUS
Confidence
85.0%
Severity
90
Value at risk
$65,893.00
Published by 0xd467b826..874ef4 View on explorer
Created April 30, 2026 3:45 AM
Envelope v1
Signed payload
Primary matcher semantic
MANIPULATION "sign this permit so we can refund you faster"
Scope
galileo-testnet home sepolia
Evidence redacted public excerpt
Reasoning excerpt
The email exhibits classic phishing + permit-signature exploit mechanics: false urgency (24h deadline), impersonated refund authority, and a request to sign a permit without revealing the actual transaction data. The proposed tx encodes an ERC20 transfer to an unfamiliar address (0x39D4...), strongly indicating token theft disguised as a refund. The social engineering combines authority (refund framing) and time pressure to bypass user scrutiny.

Full evidence (TEE-sealed) is fetchable by holders of the unsealing key. Public mirror carries hash only.

TEE attestation
Curated by human
Heuristically published from a known threat catalog, not derived from a TEE-verified verdict.
Evidence CID
0x50f6e0e0b9c0fce7643b4c970326dfd4e5daf03256fabe81af0bd0edb9558082
Network impact Live
Since publish
Cache hits
56
SDK check() matches
Agents synced
19
distinct callers
Attacks blocked
28
tx-level intercepts
Pool reverts
0
Uniswap v4 hook
USD protected
$65,893.00
sum of tx value at intercept
Hits over time each bar is one of 30 equal slices since publish
publish now
Recent intercepts
Agent Method Chain When
0x073c021f41ab5d6ec03212cc65fcf4766c723272 SDK check() evm:16602 (galileo-testnet) 11 hours ago
0x269164bd3a44a6a585b2b721c6f67754785f5727 SDK check() evm:16602 (galileo-testnet) 11 hours ago
0xb514c1f844dd603e385841caad10b61dfe7adc0f SDK check() evm:16602 (galileo-testnet) 2 days ago
0x52b1a7cbbf63e301126c437be676daf701fd4169 SDK check() evm:16602 (galileo-testnet) 2 days ago
0x9f99555f0aa3444a5ca3b205c26bda4749cedc30 SDK check() evm:16602 (galileo-testnet) 2 days ago
0x35fea628b18cf5015049e50c6ff64bc79276dc8b SDK check() evm:16602 (galileo-testnet) 2 days ago
0xfb2b8f80e0f99329d2ddc909cca3e82660b53e12 SDK check() evm:16602 (galileo-testnet) 2 days ago
0xc7d0ce7463628fbb93576ec034ecf508a6199521 SDK check() evm:16602 (galileo-testnet) 2 days ago
0x52b1a7cbbf63e301126c437be676daf701fd4169 SDK check() evm:16602 (galileo-testnet) 2 days ago
0xb514c1f844dd603e385841caad10b61dfe7adc0f SDK check() evm:16602 (galileo-testnet) 2 days ago
Mirror status All chains synced
Chain Tx State
sepolia
0x8ae7fe07..79af active
1 of 1 chains mirrored
v2 feature

Challenge game coming soon

Challenges let anyone counter-stake on a published antibody they believe is wrong. The publisher loses their stake if a challenge succeeds; the challenger does if it fails. The on-chain mechanics are designed; the UI lands in v2.