ChainCatcher news, according to Finance Feeds, the North Korean hacker group Lazarus Group has recently shifted its attack targets to individual investors, stealing over $5.2 million from a merchant through malware on May 24. The stolen funds involve multiple wallet types, including exchange wallets, multi-signature wallets, and external accounts.Blockchain analyst ZackXBT tracked that the hackers have transferred about 1,000 ETH through the mixer Tornado Cash.Security experts recommend that individual investors take protective measures: use hardware wallets to store large assets, enable two-factor authentication, regularly update software patches, be wary of suspicious links, and regularly check transaction records. This attack marks a strategic shift for the organization from targeting institutions to individual investors.

ChainCatcher message, SlowMist's Chief Information Security Officer 23pds tweeted that the Cork Protocol was attacked resulting in a loss of 12 million dollars. The SlowMist security team conducted a preliminary analysis of the attack reasons: it is suspected that the exchange rate can be externally controlled, leading to a price manipulation vulnerability.

ChainCatcher news, Slow Mist's Chief Information Security Officer @im23pds posted on the X platform stating that the Ethereum address of the Cork Protocol attacker holds 4,530.59 ETH, currently worth $12,125,718.18.

ChainCatcher message, Cyvers Alerts posted on platform X stating that the system detected a suspected attack on the Cork Protocol, resulting in a loss of approximately 12 million USD.The attacker deployed a malicious contract on May 28, 2025, at 11:23:19 UTC, funded by the address 0x4771...762B (possibly a service provider).Just 16 minutes and 45 seconds later, the attacker launched the attack, successfully acquiring 3,761.87 wstETH, and quickly exchanged it for ETH. Currently, the funds have not been transferred to other addresses.

ChainCatcher news, blockchain security company BlockSec posted on social media that its system detected a hacker attack targeting the decentralized stablecoin protocol Usual (USUAL), which has currently been suspended.

ChainCatcher news, on-chain detective ZachXBT stated that a victim was allegedly attacked by North Korean hackers due to malware on May 24, resulting in a loss of over $5.2 million.Previously, the victim's wallet showed outflows from various multisig, EOA, and exchange accounts, with assets being sold on the market. 1,000 ETH was deposited into Tornado Cash yesterday.

ChainCatcher message, according to on-chain analyst Scam Sniffer monitoring, a victim has mistakenly transferred approximately $1.7 million in funds to the wrong address again.

ChainCatcher news, according to Beincrypto, the blockchain security platform Scam Sniffer has disclosed that the notorious phishing organization Inferno Drainer has recently launched a new type of attack utilizing the upcoming EIP-7702 feature in Ethereum, resulting in individual user losses of up to $150,000.EIP-7702 is a proposal in the Ethereum Pectra upgrade that allows external accounts (EOA) to temporarily act as smart contract wallets during transactions. Attackers exploit this by using authorized MetaMask wallets to batch transfer user assets, rather than directly controlling wallet permissions.Yuxian, the founder of Slow Mist Technology, stated that such attacks have evolved from traditional private key theft to utilizing the "execute" command to perform malicious authorizations in the background. Security experts recommend that users regularly check their token authorization status and use tools like Etherscan to identify abnormal delegation behaviors to mitigate potential risks.

ChainCatcher news, according to monitoring by the on-chain security platform ScamSniffer, a transaction history pollution attack has resulted in a loss of $843,166 for a user. The attacker sent fake transactions with similar addresses, causing their address to appear in the victim's transaction history.

ChainCatcher news, according to Cointelegraph, U.S. District Judge Arun Subramanian has dismissed the charges of commodity fraud and market manipulation against Eisenberg.The judge ruled that the evidence presented at trial was insufficient to support the jury's conclusion that Avraham Eisenberg made significant false statements to Mango Markets. Eisenberg was convicted of wire fraud, commodity fraud, and commodity manipulation in April 2024 for profiting $110 million by exploiting a vulnerability in the decentralized exchange Mango Markets in 2022.

ChainCatcher news, according to PeckShieldAlert monitoring, the Cetus attacker transferred 24 million SUI to a new address, approximately 96 million USD.

ChainCatcher news, the liquidity protocol Cetus Protocol on the Sui chain is suspected to have been attacked, with a significant decrease in liquidity pool depth, and multiple token trading pairs on Cetus have experienced a decline.

ChainCatcher news, blockchain security company SlowMist has issued a security alert stating that potential suspicious activities related to the cryptocurrency platform Nexo have been detected. Specific details have not yet been disclosed, but users are reminded to stay vigilant and pay attention to the safety of their funds.

ChainCatcher news, Slow Mist founder Yu Xian stated that the "fake Ledger" scam has reemerged recently, with attackers mailing counterfeit Ledger devices to users, accompanied by fake manuals, guiding them to input the mnemonic phrases from their real Ledger into a fake application, resulting in asset theft. This attack method had cases as early as 2021, and there are also variants that commit fraud by pre-setting mnemonic phrases or tampering with random number generators.Experts remind that although such physical-layer phishing attacks may seem rare, their success rate is not low, and the targets are often high-net-worth users.

ChainCatcher news, according to Cointelegraph, Ethereum researcher Justin Drake stated that the cost of launching a 51% attack on Bitcoin is lower than that on Ethereum, approximately $10 billion. He pointed out that to control the Ethereum chain, one would need to control over 50% of the staked ETH, which is currently valued at nearly $44.8 billion, and the actual cost may be even higher.Drake emphasized that Ethereum's PoS mechanism has social layer defenses that can identify and socially punish attackers, while Bitcoin's PoW lacks this mechanism. Experts believe that although there are theoretical risks, the practical threshold for launching a 51% attack is extremely high for both BTC and ETH.

ChainCatcher news, according to Bloomberg, Binance and Kraken faced social engineering attacks similar to those experienced by Coinbase, but both exchanges successfully defended against them, and no customer data was leaked. Sources say that hackers attempted to bribe Binance customer service personnel and directed them to contact a designated Telegram account, while Binance detected and blocked potential bribery conversations through its AI system.

ChainCatcher news, according to Jin10, Benchmark senior equity research analyst Palmer stated in a research report that Coinbase disclosed a significant cybersecurity breach on Thursday and confirmed that the U.S. Securities and Exchange Commission (SEC) is investigating its past user metrics. This contrasts sharply with the news earlier this week that the company would be joining the S&P 500 index.Palmer believes that this cyber attack is more of a one-time event, and the SEC's investigation "is just noise and is unlikely to have any substantial impact on the bullish thesis for the company's stock."

ChainCatcher message, Zhao Changpeng released several security tips to prevent phishing attacks:Never disclose your password to anyone claiming to be "customer service." Real customer service representatives will never ask users for their passwords.Do not click on links received in emails; always log into your accounts by manually entering the website URL or using bookmarks. Before entering any password, make sure to triple-check that the website is not a phishing site.Do not use the same password across multiple sites. Use a password manager to set a unique and strong password for each site, and the password manager will not match your passwords on phishing site domains.Use hardware two-factor authentication (2FA) devices like Yubikey, which can prevent most phishing attacks.

ChainCatcher news, Coinbase stated on social media that hackers obtained some personal information of less than 1% of active users by bribing overseas customer service personnel, but passwords, private keys, or funds were not involved.Coinbase refused to pay the $20 million ransom and instead set up a $20 million reward fund to track down the attackers. Affected customers who are scammed and lose money will be compensated. Prime accounts were not affected, and the case is currently under investigation in cooperation with law enforcement.Coinbase officials estimate the losses from this ransomware incident to be between $180 million and $400 million.