ChainCatcher message, SlowMist detected that the address starting with 0x452E2 lost 27.3 ETH due to the lack of access control in its uniswapV3SwapCallback function.

ChainCatcher message, Loopring has released an update on the X platform regarding the previous security incident: "We are working with SlowMist and several other security experts and relevant institutions to continue investigating the attack on the smart wallets. Loopring will soon provide more information to the community. Security and user protection remain Loopring's top priority."Yesterday's news reported that some Loopring smart wallets were attacked due to a security vulnerability. This attack exploited a wallet with only one guardian, specifically the official Loopring guardian. The hacker initiated the recovery process, impersonating the wallet owner to reset ownership and extract assets.The attack successfully compromised Loopring's 2FA service, allowing the hacker to impersonate the wallet owner and obtain recovery approval from the official guardian. Subsequently, the attacker transferred assets out of the affected wallet.Loopring stated that it is currently actively collaborating with Mist security experts to determine how its 2FA service was compromised. To protect users, operations related to Guardian and 2FA have been suspended.Loopring is working with law enforcement and professional security teams to track down the perpetrators.

ChainCatcher news, ICC Camp has reached a strategic cooperation with SlowMist, GSR, dtcpay, and Alchemy Pay, which will provide ecological support for ICC Camp. By integrating the resource advantages of both parties, they will jointly build a powerful global Web3 gaming ecosystem, helping outstanding startup teams in the Web3 gaming field thrive in the future.ICC Camp will officially launch the first phase of student enrollment and mentor lineup announcement on January 3, 2024. ICC Camp sincerely invites institutions, media, and communities interested in the Web3 gaming ecosystem to join the first phase of the startup camp program and share in the prosperous development of the Web3 gaming ecosystem.

ChainCatcher news, OKX has officially reached a strategic partnership with the blockchain security company SlowMist. The two parties will collaborate on security business in areas such as digital asset ecosystem security, digital asset anti-money laundering, and cutting-edge security technology research. In addition, both sides will jointly explore in-depth integration solutions for blockchain ecosystem security, continuously leading industry security standards and contributing to the progress and safe development of the entire industry.

ChainCatcher news, recently, SlowMist and HashKey Group officially established a strategic partnership. The two parties will conduct in-depth cooperation in areas such as digital asset ecosystem security, anti-money laundering for digital assets, and cutting-edge security technology research, jointly exploring more comprehensive security standards and solutions to safeguard HashKey Group's various businesses.It is reported that SlowMist has been deeply engaged in the blockchain security field for many years, and both the comprehensiveness and cutting-edge nature of its technology are at the leading position in the industry. HashKey Group, as a leader in digital asset management and blockchain technology solutions, has always maintained a leading position in the continuously innovating fintech field. It is believed that this strategic cooperation will provide higher security standards for HashKey Group and contribute to the progress and safe development of the entire industry. (Source link)

ChainCatcher news, Slow Mist has officially completed the security audit of Bitizen. As a leading next-generation decentralized self-custody Web3 wallet built on MPC technology, Bitizen's security has always attracted industry attention. In this security audit, the Slow Mist audit team utilized professional methods such as black-box, gray-box, and white-box testing to audit the Bitizen wallet application and security solutions from various aspects, including the application of MPC technology in the creation of keyless wallets, keyless signing processes, as well as sharded backup and recovery. It has been verified that Bitizen meets the requirements for asset security and usability of wallets, and no critical or severe risk vulnerabilities were found during the audit.As an internationally leading blockchain security audit company, the Slow Mist audit team praised Bitizen's security mechanisms, design solutions, and the team's security awareness and attitude. Bitizen has also demonstrated to the public through third-party security audits that a wallet that is simple and easy to operate can also possess extreme security. It is reported that after this audit, both parties will further engage in more comprehensive security cooperation.

ChainCatcher news, the cross-chain aggregation flash exchange platform Transit Swap has officially restarted. The new contract is fully open source, with a security audit completed by Slow Mist Technology, and a maximum security vulnerability bounty of 1 million USD has been launched. This maintenance upgrade includes the following aspects:Transit Swap has optimized user authorization at the contract level, eliminating the separate module for managing user authorization.Optimized Transit Swap cross-chain bridge interaction to prevent malicious transfer of funds within the cross-chain bridge. A whitelist mechanism is adopted to reduce external call permissions.A comprehensive upgrade of the Transit Swap contract, abolishing the permissions of the old version contract. The new contract is fully open source and has undergone a security audit by Slow Mist Technology.The Transit Swap web version officially supports the display of trading content such as candlestick charts and liquidity pools, optimizing the user trading experience and helping users analyze trading data more comprehensively, enriching trading information.Transit Swap has launched a vulnerability and security bounty program, offering a reward of up to 1 million USD for users or developers who discover security vulnerabilities in Transit Swap. At the same time, Transit Swap has introduced the Transit Security Fund, injecting 10% of Transit Swap's monthly revenue into the security fund to effectively prevent security incidents.According to previous reports by ChainCatcher, Transit Swap was hacked on October 2, 2022, resulting in a theft of approximately 28.9 million USD. Subsequently, Transit Swap, in collaboration with global security teams, recovered 24 million USD for users, with an actual loss of about 4.9 million USD, which has been fully compensated to users by Transit Swap. It is reported that before the hack, Transit Swap had once become one of the top four aggregation trading platforms in the world, with over 70,000 monthly active users.