SlowMist Yuxian: CEX users’ assets worth millions of dollars were stolen by malicious counter-trading again

SlowMist founder Yu Xian posted on X platform that another user's CEX account was maliciously hacked, resulting in the theft of millions of dollars in assets. The team is currently analyzing and following up on the incident.

According to Yu Xian, there are many attack methods targeting the CEX web platform, such as the previous malicious extension that took away cookies, as well as clipboard attacks, form tampering, and request tampering. In addition to malicious extensions, reverse proxy phishing, Trojan viruses, and other methods are also feasible. The web platform has many vulnerabilities, so risk control strategies must be higher than those of the app platform.

CEX

Comments

All Comments

Recommended for you

Putin: Russia "supports" Harris, calls her smile "contagious"

According to foreign media such as TASS and Russia's Sputnik News, Jinse Finance reported that on the afternoon of September 5th local time, Russian President Putin said at the plenary session of the Eastern Economic Forum 2024 that Russia will "support" the US Democratic Party presidential candidate and vice president Harris as recommended by the US President Biden in the upcoming US presidential election. When asked how he viewed the 2024 US election, Putin said it was the choice of the American people. The new US president will be elected by the American people, and Russia will respect the choice of the American people. Putin also said that just as Biden suggested his supporters to support Harris, "we will do the same, we will support her." The report said that Putin also joked that Harris' laughter is "expressive and infectious," which shows that "she is doing everything well." He added that this may mean that she will avoid further sanctions against Russia.
Federal Reserve Beige Book: Respondents generally expect economic activity to remain stable or improve

The Federal Reserve's Beige Book pointed out that economic activity in three regions has slightly increased, while the number of regions reporting flat or declining economic activity has increased from five in the previous quarter to nine in this quarter. Overall employment levels remain stable, although some reports indicate that companies are only filling necessary positions, reducing working hours and shifts, or reducing overall employment levels through natural attrition. However, reports of layoffs are still rare. Generally speaking, wage growth is moderate, and the growth rate of labor input costs and sales prices ranges from slight to moderate. Consumer spending has declined in most regions, while in the previous reporting period, consumer spending remained stable overall.
Nvidia: No subpoena received from the US Department of Justice

Nvidia (NVDA.O) stated that it has not received a subpoena from the US Department of Justice.
Techub News ·

Pudgy Penguins CEO：何为消费级加密货币应用

加密货币行业中的一些 builder 努力地重复造轮。如今，一些突破性的消费级产品，若是能基于区块链打造并利用好加密货币的激励机制，其规模可能是现在的 10 倍。与其试图重新创建一种模式，不如利用现有的模式进行加密化改造。我认为，许多尚未面世的消费级加密货币应用在 Web2 中都有对应的产品，它们正等待着通过加密货币释放巨大的增长潜力。
Footprint_Data ·

Why We Created Growthly: Revolutionizing Web3 Growth

Why We Created Growthly: Revolutionizing Web3 Growth
Xangle ·

Cypherpunk 2024 Part.1

In today’s world, the internet has woven itself into nearly every aspect of our lives, influencing how we work, socialize, and think. The sheer amount of personal information stored on a single device could easily reconstruct someone’s entire life. B
Mint Blockchain ·

Forest Expedition Launch: Today, A Forest Goes Fully On-Chain! 🌳

Today marks an unprecedented achievement: a forest fully on-chain. This milestone represents a revolutionary step forward in the Mint Blockchain and Web3 ecosystem.
Xangle ·

NEAR 2Q24 Review

NEAR Protocol (NEAR) is a layer 1 blockchain that employs the threshold Proof of Stake (TPoS) consensus mechanism. Designed for performance, security, and scalability, NEAR is both user-friendly and carbon-neutral. Recently, NEAR has gained traction
Xangle ·

Not Just a Made Up Story

On August 19, 2024, authors Andrea Bartz, Charles Graeber, and Kirk Wallace Johnson filed a class-action lawsuit against AI company Anthropic, accusing the company of illegally downloading copyrighted books to train its AI model, Claude. Just a month
Ripple CEO: Stablecoin RLUSD will be launched in the coming weeks

Ripple CEO Brad Garlinghouse said during a fireside chat at the Korea Blockchain Week that the company will launch its new stablecoin in "weeks, not months". Garlinghouse also criticized the attitude of Gary Gensler, chairman of the US Securities and Exchange Commission, towards cryptocurrencies, calling OpenSea's experience "regrettable". The CEO of Ripple said he is more "optimistic" about the future of cryptocurrencies in the next five years than ever before.