ChainCatcher news, Aptos ecosystem DeFi project Thala has released the latest announcement stating: due to a security vulnerability attack on the latest V1 liquidity pool contract, assets worth 25 million USD have been stolen.Currently, Thala has suspended all related contracts and frozen Thala token assets (9 million USD MOD and 2.5 million USD THL). With the assistance of other institutions, an agreement has been reached with the attacker to recover all user assets through a 300,000 USD bounty.Affected users do not need to take further action; positions will be restored to 100% completeness. However, all related contracts and the Thala frontend will remain in a suspended state until deemed completely secure.

ChainCatcher message, Slow Mist founder Yu Xian posted an update on the DEXX incident on social media, stating that Slow Mist has received nearly 500 requests for information regarding the DEXX theft. The incident analysis is still ongoing, and the preliminary assessment indicates a loss in the tens of millions of dollars (due to significant price fluctuations of some meme coins). Almost every victim corresponds to a different attacker address, indicating that the attackers had been planning this incident for a long time. The source of the gas was exchanged through XMR three days ago.

ChainCatcher message, the gmgn website has just suffered a malicious attack, with attack methods including high-frequency crawling and flood attacks among others. The development team is urgently conducting repairs, and the token details page's holding collection function and transaction activity record function have been restored. Other services are gradually being restored.

ChainCatcher news, according to monitoring by Pie Shield, the Bunny Finance attacker marked address has transferred approximately 1,411.2 ETH (about 4.7 million USD) to Tornado Cash in the past 9 hours.

ChainCatcher news, according to the monitoring by Shield, there has been a large amount of fund movement on the ARB chain DeFi project DeltaPrime, suspected to be under attack again.Previous report, on September 16, according to Cyvers Alerts monitoring, the ARB chain DeFi project DeltaPrime was suspected to have been attacked, and the administrator seems to have lost the private key, resulting in a loss of about 4.5 million dollars.

ChainCatcher news, according to CertiK monitoring, the CoinStats attackers have just resumed their money laundering activities after several months of inactivity. On November 9, approximately 2.6 million Dai were transferred to four new addresses, and a day later, another approximately 2.6 million Dai were deposited into the MakersDai contract.Nevertheless, half of the 3,027 ETH (about 10 million USD) transferred to 0x7397 has not moved, as there are 2.6 million Dai on 0x7b00 and 762 ETH on 0x7d38.

ChainCatcher news, CryptoQuant founder and CEO Ki Young Ju posted on the X platform that two years ago he disclosed the FTX "run" data, helping investors avoid the impact, and FTX stopped user withdrawals two days after the data was disclosed.However, many crypto influencers fiercely attacked him at that time, but later everyone deleted their comments.

ChainCatcher news, according to Cointelegraph, based on a report from SentinelLabs, North Korean hackers known as BlueNoroff are using new malware to attack cryptocurrency companies. The malware operation, codenamed "Hidden Risk," spreads through multiple stages via PDF files, using fake news headlines and cryptocurrency market research to lure users into downloading it.The malware package contains multiple features designed to provide hackers with a backdoor for remote access to victims' computers, stealing sensitive information, including private keys for digital asset wallets and platforms. According to cybersecurity company Recorded Future, North Korean hacker groups have stolen approximately $3 billion since 2017.

ChainCatcher news, according to Decrypt, French multinational company Schneider Electric has suffered a ransomware attack, with the hacker group "Hellcat" demanding $125,000 worth of baguettes or the cryptocurrency Monero as ransom, or they will publicly release 40GB of sensitive data stolen from the company.It is reported that the group published the ransom note through anonymous social media accounts, claiming to have obtained key information about the company's customers and operations. This attack marks the third cyber attack on Schneider Electric in two years.The company has confirmed that it is investigating the incident, stating that the attacked platform is in a quarantined environment and that the company's products and services have not been affected. Analysts point out that the hackers' choice of baguettes as a demand is for "marketing" purposes, to increase their visibility in the ransomware market.

ChainCatcher news, according to CertiK Alert monitoring, the attackers of the crypto entertainment platform METAWIN have transferred 331 ETH (approximately $800,000) to different wallets. These ETH were sent in batches of 13, 19, and 21 ETH.Previous news, METAWIN was hacked, resulting in a loss of approximately $4 million in assets. The hackers stole funds from hot wallets on Ethereum, Base, and Solana, and have transferred some of the stolen money to KuCoin, HitBTC, Binance, and ChangeNow.

ChainCatcher news, Zhao Changpeng responded to Sun Yuchen on X, stating: "Thank you for your support, this is recognition from someone who operates two competing exchanges. We should strive to reduce such 'quote attacks' in the industry. Bitcoin has never paid any listing fees. Focus on the project, not the exchange."Previous news, Sun Yuchen had stated that Binance never asked him for listing fees, but Coinbase demanded 500 million TRX and required a deposit of 250 million USD in BTC custody.

According to ChainCatcher, a report from the security firm stated that in October 2024, there were a total of 20 hacker attacks in the cryptocurrency sector, resulting in losses of approximately $88.47 million. The top 5 hacker attacks include:RadiantCapital: $53 million (bridged to Ethereum);U.S. government seized funds: $20 million (returned);Eigenlayer: $5.7 million (money laundering transferred to HitBTC, Bybit);TapiocaFoundation: $4.7 million (BNBChain);SUNRAYFINANCE: $2.86 million (BNBChain).

ChainCatcher message, according to CertiK Alert monitoring, the private key of SUNRAY·FINANCE has been leaked, and the attacker has gained ownership of SUN and ARC tokens, minted a large number of tokens, and then sold them off to drain its DEX trading pair.Currently, the attacker has stolen $2.855 million in funds.

ChainCatcher news, Slow Mist founder Cosine stated that Lottie Player was attacked by supply chain poisoning, with Ace Drainer related to phishing gangs poisoning the front-end script module Lottie Player relied on by well-known Web3 projects. Fortunately, it was discovered in time, and the impact should be minimal.If your project uses the Lottie Player module, please check whether there is any malicious code introduced (currently known versions 2.0.4 and the latest 2.0.8 do not contain malicious code).

ChainCatcher message, according to Scam Sniffer monitoring, Lottie Player suffered a supply chain attack earlier today, which may have affected projects such as 1inch and Movement.

ChainCatcher news, the DEX Ambient on the Scroll chain announced on platform X that it has fully compensated all victims who recently suffered phishing attacks due to domain hijacking, with payments made in ETH, as there is no secure way to send tokens to these addresses. Users are advised to transfer their assets to a new wallet.ChainCatcher previously reported that the DEX protocol Ambient Finance on the Scroll chain stated on platform X that the domain has been hijacked and is currently working with the banning team and the domain registrar to resolve the issue as soon as possible. The contract is completely secure, and funds are safe. However, please do not interact with the Ambient Finance frontend until further notice.

ChainCatcher news, Ethereum co-founder Vitalik posted on the X platform that the amount of ETH he holds has increased. Now Ethereum does not lose 5 million ETH annually on proof of work, and the network fees are very low, with transactions completed in 30 seconds instead of 1-30 minutes (achieved through EIP-1550).Since 2016, Ethereum has never gone down due to DoS attacks or consensus failures. Various security efforts (internal development and grants) have prevented many fund losses, and the related libraries also provide various codes for users, including wallets, DeFi applications, etc.

ChainCatcher news, according to Jinshi reports, the Israel Defense Forces issued a statement on the morning of the 26th local time, stating that the Israeli military completed its attack on Iran that day and achieved its set goals.The statement indicated that Israeli Air Force fighter jets attacked Iran's missile production facilities, surface-to-air missile arrays, and other installations, with all Israeli aircraft safely returning to Israel.Meanwhile, the Iranian air defense forces stated that Israel attacked several military centers in Tehran, Khuzestan, and Ilam provinces. The air defense system successfully tracked and retaliated against Israel's "aggression," although certain locations suffered limited damage.

ChainCatcher news, according to Onchain Lens monitoring, the hackers who previously attacked the U.S. government wallet are suspected to have started returning funds. Data shows that the U.S. government wallet has received 13.19 million aUSDC and 2,408 ETH, worth approximately 6.1 million dollars, all of which came from hacker addresses.

ChainCatcher message, according to @ai_9684xtpa monitoring, after the stolen funds from the U.S. government were transferred to an address starting with 0x348, some stablecoins have been exchanged for 2709 ETH (approximately 6.08 million USD).The exchanged ETH has been distributed to Binance and two new addresses, and the hacker's wallet currently still holds AUSDC worth 13.2 million USD.