ChainCatcher news, decentralized exchange (DEX) Clipper clarifies that there was a vulnerability in its withdrawal function, which led to a recent hack of its protocol, resulting in a loss of $450,000, rather than the "third party" claim of a private key leak.Clipper stated: "On December 1, the attacker exploited two liquidity pools, locking approximately 6% of the total value. A third party claimed there was a private key leak issue. We can confirm that this is not the case and is inconsistent with Clipper's design and security architecture. The withdrawal function in the form of a token (bundled exchange + deposit/withdrawal transactions) has been disabled."Previously, the co-founder of security company Fuzzland posted on X that Clipper was "hacked due to an API vulnerability (such as private key leakage)," adding that the API might have vulnerabilities that allowed attackers to sign deposit and withdrawal requests, stealing more funds than they deposited.

ChainCatcher news, DeBox officially announced that due to the leakage of the private key of the EOA wallet of the DeBox operational account, 31.03 ETH and 4.879 million BOX were stolen. The official emphasized that this incident is unrelated to the asset security of platform users, and the community can rest assured.The response plan includes:Stabilization Fund Buyback: The stabilization fund will be used to buy back the stolen tokens from exchanges, expected to be completed within a week.Token Distribution: All repurchased tokens will be injected into the BOX DAO asset pool, with specific uses to be decided by community voting.Account Security Upgrade: Once the DeBox App supports multi-signature login, the operational account will be migrated to a multi-signature wallet.Tracking and Accountability: A professional security company has been commissioned to conduct investigations and asset tracking, with progress updates to be provided regularly. Any recovered assets will be managed through BOX DAO voting.The DeBox team stated that they will continue to track the theft address and reserve the right to take legal action, while also committing to continue building an open, transparent, and sustainable ecosystem.Previous news, the DeBox project has dropped over 30% in the past 24 hours, with Uniswap V2 pool liquidity remaining at only $2,900, and total on-chain liquidity around $10,000.

ChainCatcher message, the DeSci project Pump Science announced this morning that its test wallet (address starting with T5j2UB) has suffered a private key leak due to negligence in the GitHub code repository. This wallet has been marked as the off-chain creator of URO and RIF tokens on the pump.fun platform, and attackers may exploit this private key to issue more tokens.The project team stated that this private key was initially used for testing purposes only, and the development team mistakenly believed it was unimportant. Pump Science reminds users that any new tokens issued by this compromised wallet, aside from URO and RIF, should be considered scams.As a result, URO is currently priced at 0.034 USDT, with a 24-hour decline of 30.55%; RIF is priced at 0.0846 USDT, with a 24-hour decline of 36%.

ChainCatcher news, according to CertiK monitoring, the largest hacker losses so far in October are due to private key leaks. In the third quarter, most losses were caused by PKC and phishing. Since the beginning of this month, CertiK has recorded 3 major PKC incidents, with total losses of approximately 60 million dollars: of which Radiant Capital is about 55 million dollars, Tapioca DAO about 4.5 million dollars, and Burve Protocol about 500 thousand dollars.

ChainCatcher news, OKLink released the July 2024 security report, stating that the cumulative losses from on-chain security incidents across the network amount to approximately $290 million. Losses due to private key leaks account for 88.31% of the total losses, phishing incidents account for 3.03%, REKT incidents account for 7.33%, and RugPull incidents account for 1.31%.On July 18, the private key of the WazirX exchange's multi-signature wallet was leaked, resulting in a loss of approximately $235 million, making it the largest security incident in July. On July 16, the LiFi Protocol cross-chain bridge aggregation protocol was attacked, leading to a loss of about $10 million. The attacker exploited a vulnerability that allowed arbitrary calls to steal assets authorized by users of this contract.In addition, there were a total of 14 incidents of scams and phishing on official social media, resulting in losses of approximately $3.89 million, a decrease of 81.34% compared to June. OKLink reminds users not to disclose your private keys or mnemonic phrases to anyone, not to click on unverified links, and to learn how to use Web3 on-chain tools to mitigate risks. This is an important line of defense in protecting yourself in the Web3 world.

ChainCatcher news, Wintermute research director Lgor Lamberdiev stated that pump.fun was likely attacked due to a private key leak, resulting in the theft of 2000 SOL and a large amount of MEME coins.Lamberdiev also mentioned that the service account address 5PXxuZ somehow signed the txs, transferring funds to the attacker and random addresses, instead of deploying the Raydium pool, which strongly suggests that the attack was likely caused by the leak from pump.fun.

ChainCatcher news, according to the Beosin KYT anti-money laundering analysis platform, the address 0x121ad060686848b196df8ca5c5e24722efe57115 on the Ronin chain, jihoz.ron (0xa09a9b6f90ab23fcdcd6c3d087c1dfb65dddfb05), is suspected of private key leakage. Multiple tokens were transferred to the address 0x39f817976c51a91b60145febad81067e69713105, exchanged for ETH, and then cross-chain to Ethereum, subsequently flowing directly into Tornado.cash.

ChainCatcher message, Bit Jungle analyzed the reasons behind the theft of a certain cryptocurrency wallet related to Binance deployers yesterday. It is reported that a certain cryptocurrency wallet related to Binance deployers was stolen yesterday, with hackers stealing 27.07 million USDT and 11 ETH from the wallet. Subsequently, the hackers cross-chained most of the funds and further transferred assets through ChangeNow, FixedFloat, SideShift, and others. However, a small portion of the funds has been converted to ETH and has not yet been transferred.

ChainCatcher news, the on-chain analysis agency X-explore posted on social media stating that it believes the reason for the attack on Poloniex is the leakage of private keys, and the attackers are the Lazarus Group.It is reported that this attack is similar to the attack on Stake.com on September 4, 2023, where hackers stored different tokens in different addresses, with each address handling only one type of token.

ChainCatcher message, Slow Mist founder Yu Xian posted on social media that through the analysis of Slow Mist's on-chain behavior (across multiple networks including Base/ETH/BSC), it was determined that the account private key of friend.tech user Pangchy is at risk of being leaked. As for the leakage channel, it can be referenced in the owner's investigation, but it cannot be confirmed at this time.Yu Xian stated that users are using third-party bots that run on Telegram, which are all centralized. Once the private key is given away, the risk is hard to assess.

ChainCatcher news, TokenPocket CBO Michael tweeted, "Discovered a new type of coin theft method. In KTVs abroad, scam gangs quietly modified the shared power banks and implanted malicious programs. Guests sing and drink in the KTV for half a day, and their phones easily run out of battery, so they borrow a power bank. As a result, you think the power bank is charging your phone, but it's actually reading data from your phone and stealing the private keys from your wallet." (Source link)

ChainCatcher news, according to SlowMist Intelligence, today MetaMask security team member @tayvano_ reminded on Twitter that a large number of wallet user private keys may have been leaked between 2014 and 2022, potentially leading to over 5000 ETH being stolen. The SlowMist security team has tracked this and found no signs or evidence proving it belongs to any specific wallet or platform, and there is no so-called "massive leak of MetaMask wallets" issue.At the same time, today the SlowMist security team reminded on Twitter that the iOS and macOS security updates are unrelated to the above incident and are part of routine security alerts.

ChainCatcher news, Kuan Sun, the founder of the encrypted derivatives trading company Eureka Trading, stated: "Last June, I lost 15 million USD due to a private key leak and was hacked. Currently, I have some preliminary IP and other information, but I have not yet been able to identify the hacker. I hope that individuals or organizations capable of providing valuable clues can assist in recovering the funds, and I can offer a reward."He added, "Hacker address: 0xa1ac23be458e14ac0a0003dc1343d2ac575ea3b6. At least 20% of the funds will be used as a reward, with the specific proportion depending on the level of contribution. So at least 3 million USD in rewards is available for those who are capable." (source link)

ChainCatcher news, blockchain auditing company CertiK stated that approximately $3.7 billion was lost in 2022 due to fraud and hacking attacks, making it the year with the most severe malicious activities in market history. In December, the losses from crypto attack incidents were about $62.6 million, a decrease of approximately 88% compared to November, making it the month with the least amount of funds lost due to malicious activities in 2022.It is reported that private key leakage incidents remained frequent in December, with some private keys suspected to have been leaked due to Trojan attacks or supply chain attacks. (CoinDesk)

ChainCatcher news, Bitcoin core developer Luke Dashjr tweeted that almost all of his Bitcoin was stolen due to the leak of his PGP (Pretty Good Privacy) private key. According to on-chain data, Luke Dashjr's wallet address conducted four transactions on December 31, transferring 216.93 BTC, worth approximately 3.5 million dollars at current prices.It is reported that PGP is the first widely used encryption software to implement public key cryptography, utilizing a hybrid cryptosystem architecture that employs both symmetric and asymmetric encryption to achieve a high level of security. Binance founder Changpeng Zhao commented that he would cooperate with the investigation and has notified the Binance security team to monitor the situation, while reminding users that "self-custody comes with various risks." (source link)

ChainCatcher news, Raydium officials stated regarding the attack that occurred yesterday, the vulnerability seems to stem from a trojan attack and the leakage of the pool owner's account private key. The attacker accessed the mining pool owner's account and was able to call the withdrawalPNL function, which is used to collect transaction/protocol fees earned from swap trades in the pool. The affected pools include SOL-USDC, SOL-USDT, RAY-USDC, RAY-USDT, etc., with a total loss of approximately $4.395 million.Additionally, as an immediate solution, the permissions of the previous mining pool owner have been revoked, and all accounts have been updated to new hardware wallet accounts, so the attacker no longer has access and cannot exploit these pools for further attacks. If the attacker returns the funds, a 10% reward will be offered to the hacker for the stolen funds, treated as a white hat bounty. (source link)

ChainCatcher news, according to security experts from OKLink of OK Group, the situation of Shen Bo's personal wallet assets being stolen involved the stolen address directly initiating a transfer transaction, transferring assets such as ETH and USDC to other addresses, rather than using transferFrom. Therefore, the reason for the theft is not the usual authorization phishing, but likely a private key leak. Additionally, the stolen address has already swapped 38 million USDC for DAI, making it impossible to freeze through centralized entities.According to data from OKLink's multi-chain browser, Shen Bo's personal address (ending in 5e894) was hacked and lost 38 million USDC and 1,606 ETH at 13:48 Beijing time on November 10. Currently, Shen Bo's personal address has only 1.05 ETH left, and the value of ERC20 tokens is approximately 33 USD. (Source link)