ChainCatcher message, the on-chain token trading platform DEXX is suspected to have been hacked, with multiple users in the community reporting that funds within the platform have been transferred out, possibly due to private key leakage. Currently, DEXX officials have not responded to this matter.According to community feedback, users are advised to transfer all tokens to a new on-chain wallet as soon as possible, and it is recommended not to exchange for SOL, as it will be instantly transferred out.

ChainCatcher message, according to on-chain detective ZachXBT monitoring, the cryptocurrency gambling platform Metawin was allegedly attacked earlier today, with over $4 million stolen on the Ethereum and Solana chains, linked to more than 115 theft addresses associated with the attacker. So far, the stolen funds have been transferred to Kucoin and HitBTC nested service.

According to ChainCatcher, a report from the security firm stated that in October 2024, there were a total of 20 hacker attacks in the cryptocurrency sector, resulting in losses of approximately $88.47 million. The top 5 hacker attacks include:RadiantCapital: $53 million (bridged to Ethereum);U.S. government seized funds: $20 million (returned);Eigenlayer: $5.7 million (money laundering transferred to HitBTC, Bybit);TapiocaFoundation: $4.7 million (BNBChain);SUNRAYFINANCE: $2.86 million (BNBChain).

ChainCatcher news, according to market news, a certain Genshin Impact related X account is suspected to have been attacked, and hackers used this X account to post tweets containing MEME coin contract addresses.

ChainCatcher news, according to the analysis by SlowMist's MistTrack, there is a suspected connection between the Indodax hacker and the BingX hacker, as they used the same address (0x0c74c11443e60e011f884f547729127380ca1992) for money laundering.The Indodax hacker operates on Polygon, while the BingX hacker operates on BSC.SlowMist founder Yu Xian stated: "We have found evidence of connections between the hacking incidents of BingX, Indodax, CoinEx, Alphapo, Stake, etc., all pointing to the North Korean hacker Lazarus Group."Previously, on September 11, the wallet of the Indonesian crypto exchange Indodax conducted over 150 suspicious transactions across different networks, with a total loss of approximately $18.2 million. The suspicious address is exchanging various tokens for Ethereum.Subsequently, on September 20, BingX was attacked, with the estimated total stolen assets exceeding $43 million.

ChainCatcher news, Chiliz Chain CEO Alexandre Dreyfus posted on the X platform that the official X account of Juventus Football Club is suspected to have been hacked. Please do not click on any suspicious links, including those related to fan single transactions and Socios. It is reported that they are working to recover the account, and once successful, they will contact the community.

ChainCatcher news, ZachXBT posted on his personal channel that the TapiocaDAO hack may have been caused by a team member downloading malware. This theft is also linked to other recent hacks, including Nexera, Concentric, Masa, SpaceCatch, Reach, Serenity Shield, and MurAll, triggered by a fake job scam.It is reported that approximately $4 million worth of stolen funds has been transferred from Arbitrum to BSC.

ChainCatcher message, according to monitoring by ZachXBT, the Eigenlayer X account is suspected to have been hacked. Please do not click on any links.

ChainCatcher news, the U.S. Department of Justice (DOJ) stated that the Federal Bureau of Investigation (FBI) arrested a man from Alabama for his involvement in the January 2024 hacking of the U.S. Securities and Exchange Commission (SEC) X account, an incident that caused a surge in Bitcoin prices.In January 2024, hackers posted false news claiming that the SEC was expected to release an announcement regarding Bitcoin, which led to a spike in cryptocurrency prices. An SEC spokesperson confirmed in a statement to The Guardian that the unauthorized posts on the @SECGov account "were not drafted or created by the SEC."

ChainCatcher news, Slow Mist releases an analysis of the Radiant Capital security incident (Arbitrum chain):Radiant Capital uses a multi-signature wallet (0x111ceeee040739fd91d29c34c33e6b3e112f2177) to manage key operations such as contract upgrades and fund transfers. However, the attacker illegally gained control of the owner permissions of 3 out of the 11 owners of the multi-signature wallet.Since Radiant Capital's multi-signature wallet employs a 3/11 signature verification model, the attacker first used the private keys of these 3 owners to perform off-chain signatures, and then initiated an on-chain transaction from the multi-signature wallet to transfer the ownership of the LendingPoolAddressesProvider contract to a malicious contract controlled by the attacker.Subsequently, the malicious contract called the setLendingPoolImpl function of the LendingPoolAddressesProvider contract, upgrading the underlying logic contract of the Radiant lending pool to a malicious backdoor contract (0xf0c0a1a19886791c2dd6af71307496b1e16aa232).Finally, the attacker executed the backdoor function, transferring funds from various lending markets into the attack contract.Previous news, Radiant Capital suffered a cyber attack, resulting in losses exceeding $50 million.

ChainCatcher news, according to official messages from EigenLayer, the unauthorized $5.7 million token sale incident was caused by a hacker attack, but the incident is isolated and will not affect its ecosystem. The team stated that this leak is unrelated to any on-chain functionality.In addition, EigenLayer also stated that there are no known vulnerabilities in the protocol or token contracts. EigenLayer further mentioned in the community update that they will continue to investigate and will release updates once more information is available.

ChainCatcher message, regarding the security incident where an email revealing that an investor transferred tokens to a custody address was hijacked by malicious attackers on EigenLayer, SlowMist's Yu Xian analyzed on platform X: "The attacker seems to have premeditated for quite some time. The attacker's address first received 1 EIGEN, and about 26 hours later received 1,673,644 EIGEN, all from a 3/5 multi-signature address.Then, a little over an hour later, various coin washing activities began. The gas came from ChangeNow, and the illegally obtained EIGEN was mainly exchanged for USDC/USDT, primarily washed through platforms like HitBTC.According to official statements, the reason the attacker succeeded is that 'the email was compromised.' It is estimated that in the email content, the expected receiving wallet address for EIGEN was replaced with the attacker's address, causing the project party to send EIGEN to the attacker's address. Even if they initially sent 1 EIGEN, it is possible that after the attacker received 1 EIGEN, they also sent 1 EIGEN to the expected receiving address, leading the expected recipient to believe the entire process was correct. Of course, this is just speculation, and the specifics should be based on official disclosures."

ChainCatcher news, according to IT Chosun, an executive from a subsidiary of South Korean internet giant Kakao is suing Kakao's blockchain division GroundX, claiming approximately 10 billion won (7.6 million USD).This legal action stems from a cryptocurrency hacking incident involving the integrated crypto wallet Klip in the Kakao Talk messaging app. The hacking incident occurred in March 2022, when the executive's Kakao Talk account was compromised. After the account was breached, the stolen cryptocurrency was transferred to overseas exchanges. During the lawsuit, a spokesperson for Kakao stated that the company is currently optimizing the integration of GroundX and lacks sufficient personnel to handle the situation.

ChainCatcher news, according to Beosin Alert monitoring and early warning, as of September 25, the total loss in the Web3 sector due to hacker attacks, phishing scams, and project Rug Pulls in Q3 2024 has reached $730 million. Among them, there were 23 major attack incidents, with a total loss of approximately $430 million; 3 project Rug Pull incidents, with a total loss of about $4.24 million; and total losses from phishing scams amounting to approximately $295 million.In terms of the types of attacked projects, the highest losses were incurred by CEX, with 3 attacks on CEX causing approximately $297 million in losses, accounting for about 40.6% of all attack losses.In terms of losses by chain, Ethereum remains the chain with the highest loss amount and the most attack incidents. 21 attacks and phishing incidents on Ethereum caused losses of $348 million, accounting for about 47.6% of the total losses.Regarding attack methods, there were 5 private key leakage incidents in Q3, resulting in losses of $305 million, accounting for about 41.7% of the total attack losses, making it the most prevalent type of attack.In terms of the flow of funds, only about $16.9 million of the stolen funds have been frozen or recovered. The vast majority (approximately 78.9%) of the stolen funds are still stored in the attackers' on-chain addresses.Compared to the same period in 2023, the total losses due to hacker attacks, phishing scams, and project Rug Pulls in Q3 2024 have slightly decreased to $730 million (the figure for Q3 2023 was $889 million). Factors such as the decline in cryptocurrency prices in Q3 2024 have had some impact on the reduction of the total amount, but overall, the situation in the Web3 security sector remains grim. Among the more than twenty attack incidents in Q3, 18 were still due to contract vulnerabilities, suggesting that project parties should seek professional security companies for audits before going live.

ChainCatcher news, according to The Block, based on data from the Web3 bug bounty platform Immunefi, the crypto industry lost $413 million in the third quarter due to hacks and fraud, with the largest losses being from cryptocurrency exchanges WazirX and BingX, which were stolen $235 million and $52 million, respectively.

ChainCatcher news, according to The Block, ZachXBT stated that the crypto project Truflation, supported by Coinbase Ventures, suffered a hack, resulting in a loss of approximately $5 million, with funds stolen from the treasury's multi-signature and personal wallets.Truflation posted on X platform that it has detected unusual activity and confirmed that it has been attacked by malware. The project stated that it is monitoring the situation and taking measures to protect funds while cooperating with law enforcement for an investigation. Truflation also announced that staking operations are currently unavailable, and liquidity on decentralized exchanges is limited.

ChainCatcher news, according to monitoring by Shield, the WazirX attackers have transferred 4,250 ETH to a new address, worth approximately 11 million dollars.

ChainCatcher message, the yield hedging protocol Tranching Protocol states that the official Twitter account @TranchingPro has recently been hacked, and unauthorized individuals have posted a series of false content, misleading community members to participate in fraudulent token issuance activities. A serious reminder to all users: there are currently no new token issuance plans on the platform, and all recent information related to tokens is false.Please recognize the official new Twitter of Tranching Protocol: @GoTranching. In addition, Tranching Protocol is actively taking measures to regain account control and advises community members to avoid clicking, participating in, or forwarding any links or content recently posted by that account. If you have already participated, please take protective measures immediately and report the relevant content.Tranching Protocol will update on the progress of handling the situation as soon as possible, and once again reminds users to stay vigilant and pay attention to asset protection.