ChainCatcher news, BTCFi project Solv Protocol co-founder Ryan Chow stated, "After experiencing a whole day of baseless public opinion attacks regarding '1,800 RUG' and 'private agreements' yesterday, today Solv has faced even more absurd accusations. These accusations invariably target the core asset security issues, but their basis is erroneous and contradictory, attempting to mislead the public through confusion. In response, we have decided to address these claims head-on and shatter these false statements with facts."Regarding the accusation from Nubit co-founder Hans about the misappropriation of the underlying BTC of SolvBTC.BBN, Chow pointed out that the mempool transactions cited by the other party are actually routine operations of SolvBTC.CORE. According to the project mechanism, SolvBTC.CORE needs to re-stake BTC to a new script address every half month, with the last staking occurring on December 19, and the extraction and re-staking taking place on January 2, which is also the reason for updating the address to DeFiLlama.Additionally, in response to the doubts about the decline in TVL of SolvBTC.BBN during Babylon Cap3, Chow stated that this is due to the project initiating a normal redemption mechanism, which precisely reflects the product's liquidity and flexibility. At the same time, he also refuted market speculation regarding the "BTC three flowers," which suggests that the same BTC is counted three times in the TVL.Chow emphasized that as a project that has been deeply engaged for four years, Solv is facing such a meticulously planned attack during the sensitive period leading up to the TGE (Token Generation Event), and has provided ample on-chain evidence and technical documentation to support its position, inviting the market and users to make their own judgments.

ChainCatcher news, FEG officials posted on X: "If you purchased tokens after the attack event, you must return them, or you will lose your funds. We will buy back the amount you paid for FEG and additionally reward you with 25% to honor your loyalty.The deadline for sending tokens is January 2, 2025, at 9:00 AM, after which there will be no more buybacks."Previous news, FEG suffered losses of approximately $1 million.

ChainCatcher news, according to monitoring by Shield, in December 2024, there were over 25 hacking incidents in the cryptocurrency sector, resulting in approximately $24.7 million in losses, a 71% decrease compared to the previous month, making it the month with the least losses this year.The top 5 attack incidents are as follows:LastPass: $12.38 million;Yeifinance: $2.2 million;GemPad: $2.2 million;MEMECoin Drainer: $2.2 million;FEGToken: $1.3 million.

ChainCatcher news, Tether CEO Paolo Ardoino posted on the X platform that the paid trolls who have been attacking Tether for years are the same group of people attacking Bitcoin and promoting some useless technologies. Tether loves Bitcoin, and together with the community, we will be unstoppable.

ChainCatcher message, Slow Mist tweeted to remind users to be vigilant against phishing attacks disguised as Zoom meeting links, where attackers use the domain "app[.]us4zoom[.]us" to impersonate legitimate Zoom meeting links. The webpage closely mimics the real Zoom meeting interface, and when users click the "Start Meeting" button, it triggers the download of a malicious installation package instead of launching the local Zoom client. Hackers collect user data and decrypt it to steal sensitive information such as mnemonic phrases and private keys. These attacks often combine social engineering and trojan techniques.

ChainCatcher message, Scam Sniffer has issued a security alert, with users reporting that accessing a certain Singapore news portal redirects them to a fake website for Pudgy Penguins. Investigations show that this is part of a larger malicious advertising campaign. The attack works as follows:Malicious ads are served through the Google ad network.Ads load suspicious code from Adloox.The code checks if you have a web3 wallet.If detected, it redirects to a fake website named pudqypenguin.Currently, the attack is only targeting Pudgy Penguins users, but this method can easily be applied to other projects. Users are reminded to carefully check the URL.How to protect yourself: Enable ad blockers; use a separate browser for crypto activities; carefully check the URL before connecting your wallet; install browser security extensions.

ChainCatcher news, according to Cyvers Alerts monitoring, the USDC lending contract of Moonwell on the Optimism network has suffered a flash loan attack. The attacker used a malicious contract address as mToken to obtain unauthorized token approvals from Moonhackers, thereby stealing funds. The attacker received funding support through Tornado Cash on the Ethereum network, and the stolen USDC has been exchanged for DAI, which is currently stored in the attacker's wallet.

ChainCatcher message, according to Scam Sniffer monitoring, a victim lost 1 million dollars due to counterfeit Zoom malware, related to the us04-zoom[.]us threat actor. Currently, cases of private key theft malware are on the rise, and it is essential to strictly verify sources and conduct security scans before installation.

ChainCatcher message, according to CertiK Alert monitoring, the Moonhacker contract has suffered a flash loan attack, with current losses of approximately $320,000. The vulnerability is located in the Moonwell lending pool on Optimism. The attacker input the contract address as "mToken" to gain additional token authorization from Moonhackers and deplete it.

ChainCatcher news, according to the official announcement, Hyperliquid Labs has stated that it is aware of reports regarding the activities of so-called North Korean hacker addresses. In fact, Hyperliquid has not suffered any attacks from North Korean hackers—nor has any form of attack occurred. All user funds are being managed properly.Hyperliquid Labs takes operational security very seriously. No party has disclosed any vulnerabilities. As always, Hyperliquid Labs offers a generous reward program for vulnerability reports and adheres to industry best standards for blockchain analysis.Previously, someone claimed to be from the security side and attempted to contact Hyperliquid Labs. To clarify, Hyperliquid Labs has never received any allegations regarding attacks on its platform. This party added a fraudulent account to the group chat and subsequently communicated with us using insults and profanity. Given the level of professionalism displayed, Hyperliquid Labs confirmed with trusted parties to ensure that it is following best practices.

ChainCatcher message, the rise of Bitcoin faces a risk that most cryptocurrency investors do not pay attention to: quantum computing, a breakthrough that threatens not only Bitcoin but also traditional finance, as many online banking systems use variants of public key encryption technology. However, security experts warn that Bitcoin may be a particularly tempting target for quantum thieves. Skip Sanzeri, co-founder of the startup QuSecure, which specializes in quantum-safe cybersecurity, said, "Bitcoin will become a target for crazy attacks. Banks have certain regulations, defense mechanisms, and the ability to protect customers, while Bitcoin is the 'wild west.' If your Bitcoin is stolen, your wallet will not compensate you."

ChainCatcher news, according to DL News, Cozy Finance's latest research shows that less than 50% of DeFi projects that have been hacked survive. Cozy surveyed 64 projects that had at least $1 million in user deposits at the time of the hack, and found that 39% of the projects (i.e., 25 projects) successfully survived.The report points out that many DeFi founders are pessimistic about hacking attacks. Although they strive to implement the best security measures to prevent attacks, they often believe that once hacked, the project may come to an end. However, the research indicates that the likelihood of project survival is greater than expected.

ChainCatcher news, Codatta and DPath.ai have teamed up to release an optimized version of the TCGA PRAD dataset. Through the Codatta platform, global pathology experts are invited to participate, elevating traditional slice-level labeling to ROI region-level spatial annotation, significantly improving the accuracy, detail, and transparency of diagnoses.This collaborative project processed 435 whole slide images, optimized 245 cases, and confirmed the accuracy of 190 annotations, providing critical resources for AI model training and pathology research. Codatta's Royalty Model allows contributors to retain data ownership and gain ongoing revenue through data value growth, while also offering broader data access opportunities for small and medium-sized AI startups.This project demonstrates the potential of decentralized and community-driven solutions in advancing medical AI innovation, highlighting Codatta and DPath.ai's leadership in the field of high-quality data creation.

ChainCatcher news, on-chain detective ZachXBT updates that the assets stolen by the LastPass attacker have risen to $12.38 million, coming from over 100 victim addresses.Previous news, on-chain analyst ZachXBT disclosed that the LastPass attacker targeted over 40 victim addresses, stealing approximately $5.36 million in crypto assets. The attacker then exchanged the stolen funds for ETH and attempted to cover the flow of funds by transferring assets across chains from the Ethereum network to the Bitcoin network through multiple instant exchanges.

ChainCatcher news, the Solana ecosystem algorithmic stablecoin protocol Nirvana Finance has announced that it has opened the claims for compensation and will launch Nirvana V2 on December 18 at 2:00. Original ANA holders can experience the application in advance.Previously, in July 2022, hacker Shakeeb Ahmed stole approximately $3.5 million in stablecoins by manipulating the protocol's pricing mechanism. After collaborating with the U.S. Department of Justice, Department of Homeland Security, and IRS, Nirvana successfully recovered the stolen funds, and Ahmed was sentenced to three years in prison, during which he was ordered to return the cryptocurrency and pay $3.4 million in restitution. (Jin Shi)

ChainCatcher news, on-chain analyst ZachXBT revealed that the LastPass attackers targeted over 40 victim addresses, stealing approximately $5.36 million in crypto assets. The attackers then exchanged the stolen funds for ETH and attempted to obscure the flow of funds by transferring assets across chains from the Ethereum network to the Bitcoin network through multiple instant exchanges.

ChainCatcher news, according to Forbes, security company ESET has just released its latest threat report, which examines the threat landscape trends from June to November 2024. The number of password theft attacks targeting cryptocurrency wallets has increased, with the most significant rise occurring among macOS users.The report states: "According to ESET's telemetry data for the second half of 2024, the number of password-stealing software across multiple platforms (especially Windows, macOS, and Android) has increased," but compared to the first half of the year, the detection of password-stealing software targeting cryptocurrency wallets on macOS has more than doubled. Meanwhile, the number of password-stealing software on the Windows platform grew by 56%, while financial threats on the Android platform, including password-stealing malware, increased by 20%.ESET's analysis shows that the number of password-stealing software targeting the macOS platform (especially those related to cryptocurrency wallet credentials) surged by 127%. Security researchers noted: "Although these threats cannot be simply classified as password-stealing software just because they have broader functionalities, they do reveal a significant upward trend in password theft activities on the macOS platform." From a geographical perspective, ESET's analysis indicates that attacks on Bitcoin and other cryptocurrencies targeting macOS are mostly aimed at the United States, followed by Italy, China, Spain, and Japan.

ChainCatcher news, NFT project Pudgy Penguins' security officer Beau posted that a phishing email attack regarding fake PENGU tokens has been discovered, reminding community users to remain cautious. Token release information will only be published on Pudgy Penguins' official X account and Discord channel. The community should verify all content through official channels to ensure its authenticity. As of now, Pudgy Penguins has not provided any token listing or claiming website.

ChainCatcher message, Scam Sniffer disclosed on the X platform that two victims recently lost 272 SOL due to a Solana address poisoning attack. The same fraudster has caused over 3.1 million dollars in losses through Solana address poisoning attacks in the past month.