ChainCatcher 消息,据 GoPlus 监测,帐户抽象解决方案 Holdstation 遭遇供应链攻击,攻击者窃取开发者会话令牌,绕过双重认证,在应用更新中注入恶意代码,导致用户资金被盗。
此次攻击共造成 462,000 USDT 损失,攻击者地址为 0xcbfA60B39cfAeaE475f649fB6705bD477219bF8d。Holdstation 团队已暂停服务,承诺 100% 赔偿受影响用户,并正与安全团队合作调查事件,同时在链上发布消息,希望通过漏洞赏金计划促使攻击者归还资金。
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Articoli correlati
Wallet Draining Scam Targets Openclaw Community With Fake Airdrop
A phishing campaign on Github is targeting Openclaw developers, tricking them into connecting crypto wallets through fake token offers. Users are warned to avoid such sites to protect their funds.
Coinpedia3h fa
IPhone 爆高危漏洞「DarkSword」:駭客可竊加密錢包與私鑰,幣圈用戶成新獵物
Google 最新揭露的 DarkSword iOS 攻擊鏈利用多個零日漏洞,威脅到加密貨幣用戶的資產安全。此攻擊工具已被商業間諜軟體及國家級駭客廣泛使用,能完全控制 iPhone,存取加密錢包及敏感資料。研究顯示受影響的 iPhone 裝置高達 2.7 億台,風險對習慣使用 Web3 的用戶尤為嚴重。儘管 Apple 已修補漏洞,但攻擊技術仍具可複製性,潛在威脅仍存。
ChainNewsAbmedia8h fa
Ripple Clarifies: No Official Telegram as Scam Accounts Rise - U.Today
RippleX warns of increasing impersonation accounts on Telegram posing as Ripple representatives, emphasizing that Ripple does not have an official channel and urging XRP users to verify communications. The XRP Ledger is seeing record growth, with over 7.7 million holders, supported by favorable SEC regulations.
UToday9h fa
BONK.fun khởi động lại sau khi bị chiếm đoạt tên miền, xác nhận thiệt hại 30.000 đô la
BONK.fun has resumed operations after a recent domain takeover incident that caused $30,000 in user losses. The attack, attributed to a third-party vendor's vulnerability, involved phishing tactics. Despite recovering the domain, risks remain as some antivirus software still flags it, and the BONK token price continues to decline.
TapChiBitcoin11h fa
丈夫控妻子竊取 2 千多枚比特幣!法官:原告勝訴機率非常高
英國高等法院近期審理一起比特幣失竊案,原告 Ping Fai Yuen 指控分居妻子 Fun Yung Li 透過偷拍竊取其硬體錢包中的比特幣,價值約1.76億美元。錄音及搜查證據支持原告主張,法院判決維持資產凍結令,但駁回部分訴請。法官認為原告勝訴機率極高,建議盡快開庭。
区块客12h fa
FBI:出現假 TRC20 FBI 代幣詐騙,用戶個資與資安再拉警報
美國FBI紐約辦公室警告區塊鏈用戶,若收到聲稱與FBI相關的TRC-20代幣,應提高警覺,避免洩露個資。該詐騙手法利用假冒FBI名義,施壓受害者提交資料,並引導至釣魚網站,以進行資產詐騙。
区块客17h fa
