ChainCatcher news, the on-chain trading terminal DEXX has released an update regarding the recent security incident: "DEXX has officially filed a lawsuit, and the SlowMist team is actively assisting law enforcement with the follow-up investigation. At the same time, DEXX is actively discussing a compensation plan. Regarding compensation, the platform makes the following solemn statement:If all assets can be recovered, DEXX will immediately provide full compensation to ensure that users' interests are not affected.If only part of the assets can be recovered, the platform will still fulfill its compensation responsibilities; the specific compensation plan will be determined based on the amount recovered. DEXX is currently mobilizing all resources and efforts to recover the stolen assets and resolve the issue as soon as possible."Previous news, according to SlowMist statistics, the DEXX incident has confirmed over 900 victims, with total losses estimated at 21 million USD.

ChainCatcher news, the cryptocurrency exchange M2 issued a statement regarding a security incident, stating that on October 31, M2 experienced a cybersecurity event involving $13.7 million. M2 takes full responsibility for the potential losses, all services have now been restored, and M2 has implemented additional control measures.Previous news, according to ZachXBT, the cryptocurrency exchange M2 was hacked yesterday, with approximately $13 million stolen from hot wallets across multiple chains.

ChainCatcher message, Radiant Capital has issued a reminder on X regarding the security incident, stating that all users need to take immediate action to protect their wallets.If you have ever interacted with Radiant (or believe you may have), you must immediately revoke authorization for the affected contracts, or you risk having your funds stolen. Please use revoke.cash to protect your assets by removing any permissions to prevent further losses. Radiant will continue to fully track and freeze the stolen funds and work closely with security experts and law enforcement.It is reported that Radiant Capital was previously hacked, resulting in a loss of $53 million.

ChainCatcher message, the Safe team reviewed the security incident mentioned in the post-mortem report of Radiant Capital, noting that the Safe {Wallet} front-end functioned normally, but external devices were compromised during the signing process, allowing hackers to replace transaction data and trick signers into signing malicious transactions.The Safe team believes this incident highlights the risks of blind signing, where users approve transactions without fully viewing the transaction details, especially when using hardware wallets. To address this issue, Safe recommends using multiple signing devices from different vendors (for example, a combination of Ledger and Trezor) and connecting these devices through trusted interfaces to enhance transaction visibility and security.Additionally, Safe is exploring technologies like conditional signing to provide more contextual information without sacrificing security. The Safe team is considering directly calculating the Ledger hash in its interface so that users can verify the hash displayed on the hardware wallet and the interface. The Safe team emphasizes that all parties in the ecosystem need to collaborate to address the blind signing issue and is committed to working with hardware wallet providers and the community to improve transaction and message signing processes.

ChainCatcher news, Slow Mist releases an analysis of the Radiant Capital security incident (Arbitrum chain):Radiant Capital uses a multi-signature wallet (0x111ceeee040739fd91d29c34c33e6b3e112f2177) to manage key operations such as contract upgrades and fund transfers. However, the attacker illegally gained control of the owner permissions of 3 out of the 11 owners of the multi-signature wallet.Since Radiant Capital's multi-signature wallet employs a 3/11 signature verification model, the attacker first used the private keys of these 3 owners to perform off-chain signatures, and then initiated an on-chain transaction from the multi-signature wallet to transfer the ownership of the LendingPoolAddressesProvider contract to a malicious contract controlled by the attacker.Subsequently, the malicious contract called the setLendingPoolImpl function of the LendingPoolAddressesProvider contract, upgrading the underlying logic contract of the Radiant lending pool to a malicious backdoor contract (0xf0c0a1a19886791c2dd6af71307496b1e16aa232).Finally, the attacker executed the backdoor function, transferring funds from various lending markets into the attack contract.Previous news, Radiant Capital suffered a cyber attack, resulting in losses exceeding $50 million.

ChainCatcher news, Symbiotic posted on X to review the recent social media account security incident.Symbiotic stated that, in addition to breaching the X account, the hackers also purchased a counterfeit domain on September 19, 2024, which appeared to be identical to the domain posted by the official Symbiotic account. Furthermore, the hackers created a Google Workspace account on that domain, intending to impersonate the email associated with the corporate X account.Symbiotic mentioned that although access to the X account has been restored, the investigation into this incident is ongoing. No potential avenues for recourse are being ruled out, and all feasible options for holding the hackers accountable are being explored. Symbiotic will notify and cooperate with the appropriate legal authorities to assist in their investigation and will continue to provide new updates to ensure this issue is resolved.Following the hacking incident, Symbiotic has established a Telegram announcement channel to provide additional verification for all official announcements. The link to this channel can be found on the official domain.

ChainCatcher message, Onyx released a post-analysis of the protocol's currency market on platform X, which pointed out that the Onyx protocol encountered a security incident where a malicious actor exploited a vulnerability to withdraw VUSD, with the vulnerability involving the NFT liquidation contract.It is reported that the main issue of this attack was not the empty market, but rather the NFTLiquidation Contract, and XCN Staking and XCN Farming were not affected.

ChainCatcher message, ether.fi posted on X that on September 24, a security incident occurred at its domain registrar Gandi.net. All funds of ether.fi are safe, no related DApp has been attacked, and users can interact with ether.fi securely.

ChainCatcher message, on-chain detective ZachXBT stated on platform X that he will release one of his best investigations ever in the next 24 hours, involving an incident worth over 100 million dollars.

ChainCatcher News: The White House issued a statement saying that the President and Vice President have been briefed on the security incident at Trump's golf course, where former President Trump was playing golf at the time. They both breathed a sigh of relief upon learning that he was unharmed.The U.S. held a press conference regarding the shooting incident at Trump's golf course at 4:30 PM local time (4:30 AM Beijing time today).

ChainCatcher news, according to CertiK Alert monitoring, since the beginning of September, there have been 33 security incidents (including phishing), with losses of approximately 55 million dollars.In addition, during the same period in 2023, there were 18 incidents with losses of about 144 million dollars.

ChainCatcher message, WazirX has released a security incident update on X:The recovery of balances for transactions that occurred between July 18 and 21 is nearing completion. This will reverse all transactions made on the WazirX platform after withdrawals were halted on July 18, 2024, at 1 PM (IST);Working with legal experts to help the team develop an effective approach to facilitate withdrawals;Received 344 applications in the bounty program, including from security professionals and ethical hackers who are actively tracing the stolen funds;In contact with multiple partners to explore all possible solutions to mitigate the financial impact of the cyber attack. Currently, WazirX is in discussions with 7 partners and making steady progress.

ChainCatcher message, Nexera has released an update on the security incident on platform X: "We have identified the vulnerability in the past few hours. We acted quickly and successfully prevented further damage. We have also taken the following measures: we are working with our partner Hypernative Labs to trace the source of the vulnerability and have begun discussions with law enforcement. KuCoin has suspended deposits and withdrawals, and trading will stop in the coming hours. MEXC has suspended deposits and withdrawals and halted trading. Trading on the DEX has stopped. We have suspended bridging on the Nexera Bridge. As mentioned earlier, we advise everyone to stop trading. We will continue to investigate and provide updates."Previous news, Nexera was attacked, and the crypto security company Cyvers estimates that Nexera has lost 1.5 million dollars in this security incident. Nexera has currently suspended its token contracts.

ChainCatcher message, Astroport released a security incident update on X:The ASTRO held by the attacker on Neutron has been seized in the Astroport Treasury;The attacker's Terra address has been blacklisted and cannot conduct any transactions;The IBC Hook vulnerability has been fixed;The attacker stole a total of approximately 58 million ASTRO, with about 33 million ASTRO bridged to Neutron;The attacker exchanged approximately 13 million ASTRO for 124,000 axlUSDC and sent it to an Ethereum address;About 20 million ASTRO remaining on the Terra chain have been blacklisted and cannot be moved;The officials will continue to work closely with the Terra team to seek solutions.Contributors of Astroport will provide further updates as soon as possible, with a comprehensive incident report expected to be released later this week.

ChainCatcher message, Casper posted on X that the chain has restored consensus and network transactions are being validated.On July 31, 2024, at 15:18 (UTC), 64 validators (representing 85% of staked CSPR on the Casper network) unanimously agreed to resume validation. Thanks to the efforts of validators, engineers, and other parties, the Casper network is fully operational, and the security incident has been resolved.