Security Incidents

Address poisoning attacks on Ethereum users are increasingly automated, deceiving victims into sending money to fake wallets. Recent data reveals significant losses and highlights the economic incentives driving these attacks, emphasizing the need for caution among users.

Data from China's National Internet and Information Security Notification Center shows that there are over 200,000 active OpenClaw internet assets worldwide, with about 23,000 located within China, primarily concentrated in areas with dense network resources. These assets are exposed to security risks, and the behavior of agents is difficult to control, which could result in serious consequences such as data deletion and information theft.

As Ethereum transaction costs decline, address poisoning attacks are becoming increasingly frequent. Attackers create counterfeit similar addresses and conduct small-value transfers to trick users into sending funds to the wrong address. After the Fusaka upgrade, small-value transactions surged, causing massive losses. Although the success rate of attacks is low, attackers continue to carry out these schemes due to low costs. Users need to carefully verify addresses and remain vigilant against such risks.

OpenClaw has recently gained rapid popularity in China, attracting numerous developers and investors to experiment with AI-automated trading. Its impact has spread across various demographics, but it also faces security vulnerabilities and reliability concerns. While it has lowered the technical barriers to trading, investment decisions still require human oversight, and market sentiment gradually shifts amid volatility.

Slow Mist Technology warns that ClawHub poses security risks due to its reliance on GitHub one-click login, which makes it susceptible to credential theft for supply chain attacks. GoPlus scanned the top 100 Skills and discovered that 21% contain critical risks. Additionally, Tencent's SkillHub has sparked copyright controversy, with founders criticizing it for failing to provide support to open-source projects. Users are advised to carefully select Skills and adopt security measures to prevent potential attacks.

A Singapore court sentenced a man to two years imprisonment after he was convicted of involvement in a cryptocurrency theft case that resulted in approximately $6.9 million in losses. The case stemmed from hackers illegally accessing crypto wallets and transferring assets. Police successfully identified and arrested gang members by tracing the flow of funds. Law enforcement stated that cybercrime remains active in the digital asset sector, and countries are strengthening cooperation to enhance security measures.

Solana ecosystem platform Bonk.fun was hacked with malicious code injected, resulting in theft of funds from some users. The team stated losses are limited and advised users not to interact until the vulnerability is patched. Global cryptocurrency fraud losses have reached $17 billion in 2025, with scam tactics evolving rapidly.

Etherscan warns that after the Fusaka upgrade, Ethereum address poisoning attacks surged 612%, with 17 million attempts, affecting 1.3 million users, resulting in losses of $79.3 million. The platform recommends users manually verify addresses, use ENS domains, and other security measures.

On March 13, Project 0 founder MacBrennan announced that a team member's GitHub key was compromised, and the attacker redirected users to other websites. The team detected and prevented the vulnerability in time, avoiding any loss of funds, but one user lost $1,000, and the platform will issue a full refund.

The Global Initiative Against Transnational Organized Crime (GI-TOC) report indicates that Venezuela has become a major destination for illegal Amazon gold and conducts transactions through USDT (Tether), functioning as a money laundering hub. The article also discusses U.S. Congressional legislation targeting illegal gold mining, emphasizing the need to incorporate digital asset provisions to enhance effectiveness.

Slowmist's Chief Information Security Officer issued a security warning, reminding ClawHub developers to be vigilant against phishing and credential exposure risks. The attack pathway involves credential theft leading to malicious code injection, which could result in system compromise.

Ethereum co-founder Vitalik Buterin has proposed a new personal security solution that enhances the safety of cryptocurrency holders through a "duress code alert mechanism." Users can set a duress code in smart devices that, when triggered, automatically calls emergency services and transmits location information, thereby increasing rescue probability and reducing risks of kidnapping and robbery. This solution emphasizes passive triggering to protect civil liberties and reduce the potential for government surveillance, potentially offering new security protection ideas for crypto asset users.

The U.S. Department of the Treasury has imposed sanctions on six individuals and two entities for allegedly assisting North Korean IT workers in conducting fraud and providing financial support to North Korean weapons programs. The sanctioned entities include a North Korean company and a Vietnamese company, involving approximately $2.5 million in transfers. Investigations reveal that such fraud schemes target multiple industries and pose serious security threats to the cryptocurrency sector.

A new report from ARK Invest warns that approximately 6.9 million Bitcoin — equivalent to an estimated value of 483 billion USD at an average price of 70,000 USD — are at risk of being attacked by quantum computers in the future. Risk from elliptic curve cryptography This threat centers on the elliptic curve cryptographic system

Etherscan recently issued a security warning alerting users to beware of address poisoning attacks. Attackers create fake addresses similar to addresses users have previously interacted with to trick users into sending funds to the wrong destination. It is recommended that users confirm the complete address when transferring funds and use address highlighting features to avoid risks.

_Ledger Donjon exposed a MediaTek vulnerability that extracts Android wallet seed phrases in under 45 seconds, affecting millions of devices. CVE-2025-20435._ Ledger Donjon has uncovered a serious MediaTek vulnerability. It lets attackers pull wallet seed phrases from Android phones in seconds.

In brief Europol and partners announced the disruption of the “SocksEscort” malicious proxy service and the freezing of $3.5 million in cryptocurrency linked to the operation. The network allegedly compromised more than 369,000 routers and IoT devices and offered customers more than 35,000 p

CertiK released a report showing that cryptocurrency ATM fraud losses in the United States reached $330 million in 2025, with a 33% increase. Fraud tactics are gradually escalating, with elderly people becoming the primary targets. AI-driven fraud has 4.5 times the profitability of traditional methods, and the threat from transnational criminal organizations continues to rise.

Gate News reports that on March 12, the China Artificial Intelligence Industry Development Alliance is continuously tracking the security risk dynamics of OpenClaw and compiling an enterprise-level OpenClaw deployment risk management guide.