Cointime

Download App
iOS & Android

security

ALL From security

Scam Sniffer: One user lost $327,000 worth of crypto assets due to phishing

Scam Sniffer has monitored that about an hour ago, a user lost WBTC, PRIME, LINK, and SUDO worth $327,000 due to cryptocurrency phishing scams.

Velodrome: The Relay contract is temporarily disabled due to Thirdweb-related vulnerabilities, but the core contract is not affected.

On December 8th, decentralized exchange Velodrome on X platform stated that today the OpenZeppelin team disclosed detailed information about Thirdweb related vulnerabilities to their team. Velodrome has identified that certain functions in the Relay contract may be compromised, so Relay will be temporarily disabled until necessary adjustments are made. It should be noted that these issues will not put any user funds or veNFT at risk, and the core contracts have not been affected by the identified vulnerabilities.

Shanghai Yangpu Public Security Bureau successfully eliminated a criminal gang that used digital currency to conceal criminal proceeds for overseas telecommunications network fraud.

Recently, the Shanghai Yangpu Public Security Bureau successfully dismantled a criminal gang that used digital currency to disguise and conceal criminal proceeds for overseas telecommunications network fraud, gambling, and other crimes, and arrested 11 criminal suspects, involving an amount of more than 10 million yuan.

Velodrome: The Relay contract is affected by the Thirdweb vulnerability and has potential security risks, and Relay will be suspended

The decentralized exchange Velodrome has received specific information from the OpenZeppelin team regarding the Thirdweb vulnerability and has confirmed potential security risks in the Relay contract.<br>To protect user funds and veNFT, Velodrome has decided to temporarily suspend the use of Relay and make necessary adjustments.<br>It should be noted that these issues will not put any user funds or veNFT at risk because the core contract has not been affected by the identified vulnerabilities.

Security agency: 515 tokens are suspected to be affected by Thirdweb-related vulnerabilities, 3 of which have been attacked

On December 8th, Web3 anti-fraud platform Scam Sniffer stated that there appear to be 515 tokens on the mainnet affected by the Thirdweb related vulnerability, with 3 of them being attacked. The attacker made a profit of approximately $218,000.

The Procuratorate of Xichuan County, Henan Province handled a virtual currency pyramid scheme case involving a total amount of 120 million yuan.

The Xiachuan County Procuratorate in Henan Province recently handled a virtual currency pyramid scheme involving an amount of 120 million yuan. The suspect Wang commissioned a high-tech company to customize software, set up the "Red Bull Decentralized Exchange" website, publicly issue "NB Coins (Bull Coins)" online, develop a corresponding Red Bull Coin Trading App, and conduct pyramid schemes in the name of "virtual currency" and "blockchain", and established the "Red Bull Business School Lecturer Team" to promote offline. In just one year, the gang involved developed 2,128 members and cheated more than 120 million yuan.<br>According to the appraisal of the judicial appraisal agency, the user hierarchical relationship information of "Red Bull Decentralized Exchange" totaled 1,322,474, and users recharged with virtual currencies such as USDT and BTC, of which the amount of USDT was 201,819,88.4840085 (valued at approximately 120 million yuan). On July 14th of this year, the Intermediate People's Court of Nanyang City revoked the first-instance judgment against Wang and sentenced him to five years and nine months in prison for organizing and leading pyramid schemes, and fined him 500,000 yuan.

Cyvers Alerts: The crypto trading platform Nobitex hot wallet was suspected of being attacked, involving $12.5 million in digital assets.

On November 30th, Cyvers Alerts AI system detected that two hot wallets of the Iranian cryptocurrency exchange Nobitex may have been attacked. The system detected multiple suspicious transactions involving about $12.5 million in digital assets. It is currently unclear whether these transactions were authorized or involved asset migration.

Ministry of Public Security: Hackers and criminals are using loopholes in blockchain smart contracts to issue a large amount of "virtual currency" to rob other people's property

The Ministry of Public Security announced the measures and overall effectiveness of the nationwide public security organs' crackdown on hacker-related illegal crimes today, and released ten typical cases. The report shows that the modus operandi of hacker criminals is constantly upgrading, and new situations such as using blockchain smart contract vulnerabilities to issue "virtual currency" to defraud others' property are emerging one after another. The Sichuan police cracked a case of issuing virtual currency under the guise of disaster relief and implemented fraud, and found that the hacker group used the name of earthquake relief to release the so-called "Sichuan Refueling Coin" to lure netizens to buy it, and then used the preset backdoor to increase and cash out in large quantities. The amount involved reached 12 million yuan. Shi You, deputy director of the Network Security Protection Bureau of the Ministry of Public Security, said that the average age of hacker criminals is decreasing year by year, and even elementary school students have been found to be proficient in using hacker tools.

Bounce Finance: DDoS attack during public token sale

Decentralized auction platform Bounce Finance stated that it suffered a distributed denial-of-service (DDoS) attack during the public token sale earlier today and is currently working on system improvements.

Velodrome and Aerodrome frontends are under attack, please do not interact in any way

On November 29th, Velodrome and its forked protocol Aerodrome's frontend were attacked. Please do not interact with it.