ChainCatcher news, Slow Mist posted on platform X stating that the devices of Safe developers were compromised, leading to the injection of malicious code into the frontend, which intercepted and modified transaction parameters. After a quick verification, it was found that there was indeed malicious code behind the js files of the Safe frontend, and the related address (0xbdd077f651ebe7f7b3ce16fe5f2b025be2969516) is involved in the malicious execution contract that siphoned off 1.5 billion assets from ByBit.

ChainCatcher news, Safe responded on platform X to Bybit's hacking forensic report, stating that the forensic review of the targeted attack by the Lazarus Group on Bybit concluded that the attack on Bybit Safe was executed through compromised Safe{Wallet} developer machines, leading to disguised malicious transactions.Lazarus is a government-backed North Korean hacking organization known for its complex social engineering attacks on developer credentials, sometimes combined with zero-day vulnerabilities. The forensic review by external security researchers did not indicate any vulnerabilities in the Safe smart contracts or the source code of the front end and services.Following the recent incident, the Safe{Wallet} team conducted a thorough investigation and has now phased the restoration of Safe{Wallet} on the Ethereum mainnet. The Safe{Wallet} team has completely rebuilt and reconfigured all infrastructure and rotated all credentials to ensure the complete elimination of the attack vector.After the final results of the investigation are released, the Safe{Wallet} team will publish a complete post-mortem analysis. The Safe{Wallet} front end is still operational and has implemented additional security measures. However, users need to be extra cautious and vigilant when signing transactions.

ChainCatcher message, according to official news, the Safe security team is working closely with Bybit to conduct an ongoing investigation.Currently, no evidence has been found that the official Safe frontend has been compromised. However, out of caution, Safe{Wallet} has temporarily suspended certain features. User safety is our top priority, and more updates will be provided as soon as possible.

ChainCatcher news, the cross-chain liquidity protocol Stargate tweeted that the TON mainnet has launched Stargate, allowing users to cross-chain to TON from the Stargate frontend. Yesterday, LayerZero was deployed to TON.

ChainCatcher message, the DEX protocol Ambient Finance on the Scroll chain stated on platform X that the domain has been hijacked and is currently working with the ban team and the domain registrar to resolve the issue as soon as possible. The contract is completely safe, and funds are secure. However, please do not interact with the Ambient Finance frontend until further notice.

ChainCatcher news, the encrypted front-end hosting solution EarthFast announced the completion of a $1.4 million Pre-Seed funding round, led by TheGP and Nascent, with participation from Bodhi Ventures, Infinex founder Kain Warwick, and Audius co-founder Roneil Rumburg.According to reports, EarthFast was initially launched in 2022 as a community project called Armada Network. EarthFast's first product is a front-end hosting solution that allows projects to transfer the responsibility of updating and deploying websites to a DAO, governance contract, or any other on-chain entity.

ChainCatcher news, Ethena Labs posted on X that its team has closely collaborated with the registrar and has regained control of the domain name, and the protocol has not been affected. Currently, the Ethena frontend has been restored, and the system has not been compromised.Previous news, according to the official announcement from Ethena Labs, the domain registration account of Ethena was recently compromised, and the team has taken measures to temporarily disable the website to protect user safety. The official statement emphasizes that the protocol has not been affected, and funds are safe.

ChainCatcher news, according to the official announcement from Ethena Labs, the domain registration account of Ethena was recently compromised, and the team has taken measures to temporarily disable the website to protect user safety. The official emphasized that the protocol was not affected and funds are safe.Ethena Labs has now regained control of the domain and has collaborated with multiple parties to block phishing sites. The only valid official domain is ethena[.]fi, and the team will relaunch the frontend website after completing further investigations. Ethena reminds users not to interact with any counterfeit Ethena applications or websites.

ChainCatcher news, Zypher Network announced on social media that it now supports developers using the Cocos Creator engine for frontend development, with backend integration of ZK components to quickly develop Telegram games based on the TON chain. Zypher Network mentioned that this innovation allows for the rapid expansion of Web2 games on Telegram into dApps, effectively assisting existing Web2 games based on Telegram to transition to a more decentralized model, which will significantly lower the barrier for developers to create games on the TON network.It is reported that Zypher Network is a game asset protocol driven by Zk and AI, with a ZK-Proof mining incentive layer ensuring the security and verifiability of game data. It supports both the EVM ecosystem and the TON ecosystem, and is the first project to support zk verification on TON (The Open Network), having already achieved zk game development on the TON chain. Zypher Network has established strategic partnerships with several zk projects, including: Risc Zero, Gevulot, Ingonyama, Polyhedra, etc., and will launch the ZK-Proof mining network within the next two months.

ChainCatcher message, according to Scam Sniffer monitoring, KlapAI has been hacked, and malicious code has been injected into the front end. Users are advised to use it with caution to avoid phishing risks.

ChainCatcher news, according to Bitcoin.com, MakerDAO co-founder Rune Christensen warned that the EU's interpretation of the Markets in Crypto-Assets Regulation (MiCA) could disrupt the decentralized finance (DeFi) ecosystem in Europe.Christensen stated that he heard European financial regulators might require every DeFi front end in the region to register and obtain a license to operate. This would prevent DeFi front ends on regular internet domains from continuing to provide services. Only decentralized, locally downloaded front ends, as well as those implementing KYC measures, would be able to continue operating.It is reported that the absence of front ends, which are an important channel for ordinary users to interact with DeFi protocols, would not render DeFi completely unusable, but it would significantly hinder access for European users, especially new users lacking technical backgrounds. Christensen believes this would lead the EU to regress to the "Stone Age" in terms of accessing DeFi services, while users in other regions would remain unaffected, with front ends operating as usual.However, Mikko Ohtamaa, co-founder of Tradingstrategy, pointed out that this regulation stems from the 2023 Financial Action Task Force (FATF) guidance. Ohtamaa stated that national regulators could choose not to blindly follow these rules and could even ignore them.

ChainCatcher news, Slow Mist founder Yu Xian posted on X that the Tornado Cash IPFS version frontend has backdoor code that can hijack deposit receipts. Additionally, due to governance attacks, malicious proposals have been quietly passed. The malicious code has been present for nearly two months, during which some attackers' mixed funds may have been blackmailed by this backdoor.

ChainCatcher news, the Uniswap Foundation has released an RFP proposal for "Uniswap V4 Frontend for Pool Launchers and LPs," seeking an engineering team focused on user experience to develop a frontend interface for the new liquidity pool launchers and LPs on Uniswap V4, aimed at simplifying the process of establishing initial liquidity pools for new tokens and implementing liquidity incentives.It is reported that the team is required to deliver the Uniswap V4 interface, comprehensive user documentation and educational materials, provide initial hosting and maintenance for the frontend interface for a period of 2 years, and continuously improve and optimize the interface. The Uniswap Foundation has allocated $300,000 for this 2-year plan and is willing to consider proposals that exceed the budget by 25%.The Uniswap Foundation stated that the public submission date for related RFP proposals is from January 15, 2024, to February 1, 2024, with grant allocation scheduled for February 15, and project launch on February 16, with both individuals and teams eligible to apply.

ChainCatcher message, Balancer has released an update on platform X: The Ledger Connect issue announced yesterday has now been reported as fixed. Balancer was not affected, and the frontend can be used safely. All users are advised to remain vigilant and trade cautiously.

ChainCatcher message, the decentralized trading protocol Velodrome in the Optimism ecosystem and its fork DEX Aerodrome deployed on Base both tweeted that their service provider is suspected of being attacked again. Please do not interact with their frontend.

ChainCatcher message, the decentralized exchange Trader Joe has issued an important security alert on social media, stating that it has received warnings about potential vulnerabilities in the front-end interface. The team is conducting a thorough investigation immediately and strongly advises all users not to trade or execute any transactions on the Trader Joe DEX.

ChainCatcher message, Frax Finance stated on platform X that, until further notice, do not use the frax.finance and frax.com domain names. Meanwhile, its founder Sam Kazemian tweeted that do not use frax.finance until the domain name is reclaimed.