ChainCatcher news, according to a report by Cointelegraph, data from blockchain security company PeckShield shows that the total losses from cryptocurrency hacks in the first quarter of 2025 reached $1.63 billion, a year-on-year increase of 131%. Among these, the attacks on Bybit exchange accounted for 92% of the total losses, making it one of the largest cryptocurrency thefts to date. February saw the most severe losses, reaching up to $1.53 billion, while the losses from attacks in March significantly dropped to $33 million.

ChainCatcher news, according to official information, the RWA lending protocol Zoth has released the latest progress on the security incident investigation.Zoth stated that there have been no significant changes to the involved funds, and the team is closely collaborating with intelligence agencies and ecosystem partners to continuously track and investigate the attackers' related activities.The official said that their current key tasks include:Real-time monitoring of the fund flows of relevant wallets;Collaborating with on-chain analysis teams to trace the attackers' digital footprints;Coordinating with law enforcement agencies and legal teams to formulate the next steps.

ChainCatcher news, according to on-chain analyst @ai_9684xtpa's monitoring, two Maker whales with a net position of up to 84.4 million USD are facing liquidation risks, but as ETH drops to 1786 USD, the Maker whale positions have not been liquidated because MakerDAO uses an oracle security module (OSM). Even if the market price falls below these liquidation points, the actual system price is still updated with a delay.The system collects data from multiple authorized price oracles, calculates the median as a reference price through the Medianizer contract, and applies it with a delay of about 1 hour to prevent short-term fluctuations from being exploited. Currently, MakerDAO's system price is 1831.25 USD, which is still a certain distance from the liquidation prices of the two addresses.ChainCatcher previously reported, according to on-chain analyst @ai_9684xtpa's monitoring, significant fluctuations in ETH have led to two whales with a net position of up to 84.4 million USD facing liquidation:Address 0xab7...e2313 collateralized 64,792 WETH to borrow 68.09 million DAI, health factor 1.02, liquidation price 1,786.65 USD;Address 0x6bb...830b3 collateralized 608,104,792 WETH to borrow 74.73 million DAI, health factor 1.03, liquidation price 1,781.99 USD.

ChainCatcher news, according to Greenberg Glusker, T-Mobile has been involved in a cryptocurrency theft due to "multiple security vulnerabilities" that led to SIM card swapping attacks. The law firm Greenberg Glusker announced on March 20 that it has obtained a $33 million arbitration award against T-Mobile.The arbitration took place in the fall of 2023 and involved 12 days of testimony. According to Greenberg Glusker, the arbitration panel found that T-Mobile was responsible for "its multiple security failures that led to SIM card swapping attacks, resulting in the theft of cryptocurrency."

ChainCatcher news, Ethereum founder Vitalik Buterin published a long article titled "A simple L2 security and finalization roadmap," which outlines three core directions for optimizing Ethereum L2 security and finality:Expand data capacity: Increase the Blob space to 6 through the Pectra upgrade, and expand it to 72 (or gradually increase to 12-24) in the upcoming Fusaka upgrade at the end of the year, to meet the L2 transaction throughput demands;Implement a hybrid proof system for rapid finality: Use a 2/3 multi-signature mechanism (optimistic proof + ZK proof + TEE trusted hardware proof). If ZK and TEE verify simultaneously, finality is immediate; if only one is verified, it requires a 7-day optimistic challenge period. The security committee can urgently upgrade the proof logic but is subject to a 30-day delay, balancing immediate finality with attack resistance;Build a unified ZK proof aggregation layer: Standardize the proof aggregation protocol across the ecosystem, allowing multiple applications to share the cost of a single proof (e.g., 500,000 Gas), significantly reducing ZK verification overhead and promoting the adoption of L2, privacy protocols, and other scenarios. The goal of this roadmap is to achieve L2 cross-chain bridging finality within 1 hour and reduce costs through short-term hybrid verification mechanisms, while gradually eliminating TEE reliance with a long-term goal of full ZK implementation, ultimately establishing an efficient, secure, and trustless L2 ecosystem.

ChainCatcher message, according to the official announcement from SlowMist, the team has detected potential suspicious activities related to the $MIN token (BSC chain) and reminds users to stay vigilant and pay attention to the safety of their funds.

ChainCatcher news, Coinbase's cryptography lead Yehuda Lindell tweeted that Coinbase has released an open-source cryptographic library for the MPC engine, supporting ECDSA and Schnorr/EdDSA protocols for both two-party and multi-party signatures, and providing tools such as DKG and backups. The code includes foundational primitives like commitments, random oracles, and secret sharing, as well as oblivious transfer and a series of ZK proofs, suitable for threshold signature tasks.

ChainCatcher message, Slow Mist posted on social media stating that a serious vulnerability in ReachMe was discovered and promptly notified the team, working together with them to fix the issue.

ChainCatcher news, blockchain security company PeckShield has released the latest data showing that the loss amount from the GMX and MIM Spell security vulnerability incidents has increased to approximately 6260 ETH, equivalent to about 13 million USD at current market prices.

ChainCatcher news, security issues remain the biggest barrier to mainstream adoption of cryptocurrency payments. According to a survey conducted by Bitget Wallet of 4,599 users, over 37% of investors believe that security risks are the main obstacle to using cryptocurrency for payments. Nevertheless, 46% of users stated that they prefer crypto payments over fiat payments because crypto payments are faster and more efficient.

ChainCatcher message, Solana co-founder Anatoly Yakovenko responded to a user's point that "there's no reason to build L1, L2 can be faster, cheaper, and safer" by stating, "there's no reason to build L2, L1 can be faster, cheaper, and safer. They won't slow down due to the slow movement of the L1 data availability stack, nor do they have to compromise security through complex fraud proofs and upgraded multi-signatures."

ChainCatcher message, Slow Mist Cosine posted on platform X stating that a supply chain attack on Coinbase was carried out using the GitHub Actions CI/CD mechanism. Fortunately, it did not continue successfully; otherwise, the next security incident exposed would have been against Coinbase. The supply chain attack path on GitHub: reviewdog/action-setup -> tj-actions/changed-files -> coinbase/agentkit -> stealing GitHub Personal Access Token (PAT), cloud service-related keys, etc. Cosine suggests that if companies use reviewdog or tj-actions, they should conduct a self-check.

ChainCatcher news, according to official information, the RWA project Zoth has released an update regarding the theft, stating that the team is actively investigating the incident and collaborating with professionals to trace the stolen funds and facilitate recovery. Additionally, Zoth has partnered with Crystal Blockchain BV to conduct a comprehensive investigation into the incident.73% of Zoth platform's TVL (Total Value Locked) has been immediately secured with the help of the asset issuer. A detailed report will be shared in a few weeks.Zoth has announced a public bounty of $500,000. Any actionable leads that assist in the recovery of funds will be rewarded from the bounty.Previously, Zoth confirmed that it had encountered a security breach, and the attackers had exchanged the stolen funds for 4,223 ETH.

ChainCatcher message, the RWA lending protocol Zoth has issued a security announcement on social media, confirming that its system has encountered a security vulnerability attack. The announcement states: "Our system has encountered a security vulnerability. We are actively investigating this incident and taking all necessary measures to resolve the issue as quickly as possible."Zoth stated that it is working closely with partners to mitigate the impact and fully resolve the issue. Once the investigation is complete, the team will share a detailed report and clarify the situation.

ChainCatcher message, Slow Mist Yu Xian forwarded a security case about hardware wallet usage on platform X: "A user stored BTC in a hardware wallet thinking it was safe, but after a few years, when they took it out, they found the battery had swollen and it was unusable. They found the same model wallet and went to Huaqiangbei to replace the battery, only to discover that the wallet had been initialized and there was no backup, resulting in a permanent loss. This serves as a reminder that if you use a hardware wallet, you must also ensure proper backups. If you need to repair a hardware wallet, make sure to find a professional hardware team."Yu Xian commented on this: "After a few years, the battery has swollen and the wallet has been initialized? Which hardware wallet is this? We need to avoid it... If there is a mnemonic backup, it can be tolerated... But without a backup, it's really..."

ChainCatcher News, American cryptocurrency and artificial intelligence czar David Sacks met with UAE National Security Advisor Tahnoun bin Zayed Al Nahyan to discuss the transformative impact of artificial intelligence across various fields, the expanding role of digital currencies in reshaping the financial system, and the investment opportunities that arise when they converge.

ChainCatcher message, according to a warning issued by the SlowMist security team, the EOS blockchain is currently experiencing an address poisoning attack. Malicious accounts are sending users 0.001 EOS tokens to implement address poisoning, and multiple counterfeit trading platform accounts have been discovered.These attackers create fake accounts that are very similar to those of well-known trading platforms, such as the impersonation of OKX's "oktothemoon," with the real account being "okbtothemoon"; the impersonation of Binance's "binanecleos," with the real account being "binancecleos."