BlockBeats 消息,2 月 20 日,慢雾创始人余弦转帖发布安全提醒,目前 OpenClaw 的 ClawHub 市场共发现 1184 个恶意技能,这些技能会窃取 SSH 密钥、加密钱包、浏览器密码并打开反向 shell。仅一名攻击者就上传了 677 个软件包。排名第一的技能存在 9 个漏洞,下载量达数千次。
余弦提醒用户,文本不再是文本,而是指令。建议通过独立环境使用 AI 工具,许多 OpenClaw 技能存在潜在风险。此外,Web3 安全里合约只是一部分,真正事故原因早已不仅仅是合约。前几日 Moonwell 被盗 178 万美元,缺陷代码来自 Co-Authored-By:Claude Opus 4.6。
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Gerelateerde artikelen
Elon Musk's X to Auto-Lock Accounts Posting Crypto for First Time
X is implementing a new feature that auto-locks accounts with their first crypto post to combat phishing attacks. This aims to reduce the misuse of hijacked accounts for scams while enhancing user security.
Coinpedia4u geleden
ZachXBT accuses Circle of $420M in 'compliance failures' since 2022
Onchain detective ZachXBT claims that Circle, the issuer of the USDC (USDC) stablecoin, has failed to freeze or blacklist about $420 million in illicit fund flows since 2022.
Circle can freeze illicit funds and blacklist wallet addresses, but either took “minimal” action to freeze illicit flows or
Cointelegraph4u geleden
Circle 遭控放任 4.2 億美元非法資金流動!ZachXBT 揭 USDC 合規漏洞引爆爭議
美國穩定幣公司 Circle 被指控未能有效凍結超過 4.2 億美元的可疑 USDC 資金。調查員 ZachXBT 指出,自 2022 年以來,Circle 在多起駭客事件中延誤了凍結行動,引發市場對其合規性的質疑。事件中的 Drift Protocol 攻擊更是令 Circle 批評成為焦點。市場呼籲 Circle 提高風險管理標準,隨後其合規執行延誤已對用戶造成嚴重損失。
ChainNewsAbmedia5u geleden
Elon Musk's X to deploy scam kill switch by auto-locking first-time crypto mentioners
Social media platform X will auto-lock accounts that mention cryptocurrency for the first time, requiring additional verification to deter crypto phishing scams. This new measure aims to eliminate incentives for attacks that hijack accounts to promote fraudulent tokens.
CoinDesk6u geleden
four.meme 因技术缺陷暂停税费模式代币创建,将为受影响用户全额退款
four.meme公告因0x9f4开头项目税费收款地址存在缺陷,导致卖出交易失败,已暂停相关代币创建功能并建议用户停止交易。同时,将为4月3日22:50前购买的受影响用户提供全额退款。
GateNews7u geleden
上傳私密影片裸貸虛擬貨幣?「英雄貸」鎖定走投無路的人,違約就上傳 OnlyFans
一個結合加密貨幣、成人內容與高風險借貸機制的產品,近日在幣圈與社群平台引發熱議。名為「Hero Loan(英雄貸)」的專案,打出「無質押貸款」的口號,卻要求用戶上傳私密影片作為條件,並將違約風險與成人平台變現機制綁定,被不少網友形容為「加密版裸貸」。
該專案甚至以「如果你覺得這不會有人用,代表你還沒走到絕境」作為宣傳語,明確鎖定高風險、資金壓力極大的用戶族群。不過在曝光不久後,有網友表示發了影片沒收到錢,KOL 也回應說這個專案疑似跑路了。
不過說真的,私密影片只值 60 塊也太慘了吧。
「英雄貸」鎖定走投無路的人
根據官方網站資訊,該產品運行於 BNB Chain,主打為「走投無路的
ChainNewsAbmedia8u geleden
