attack

Slow Fog Cosine: Using wallet whitelist mechanisms and combining hardware wallets for dual verification can resist "transaction record pollution attacks."

ChainCatcher message, Slow Mist's Yu Xian disclosed that the phishing technique of poisoning addresses with similar starting and ending numbers is still widespread, severely impacting the security infrastructure of the blockchain industry.Yu Xian pointed out that this type of poisoning targeting wallet transaction history mainly involves various techniques, including fake token contract codes emitting false event logs to deceive block explorers and wallets, as well as using zero-amount transfer event logs to arbitrarily fill in addresses in the from/to fields. These techniques can mislead users into believing that the transactions are from their own actions. Other common techniques include sending small amounts of funds from source addresses with the same starting and ending characters, combining clipboard hijacking technology, and impersonating well-known decentralized exchanges to output false event logs.Yu Xian recommends that users make good use of wallet whitelisting mechanisms, carefully verify complete addresses, and combine well-known hardware wallets for dual verification as defensive measures.Previously reported, two addresses suffered "transaction history pollution attacks" in the past 14 hours, resulting in a total loss of over $140,000.

The blockchain gaming platform WEMIX suffered a hacker attack at the end of February, resulting in a loss of approximately 6.22 million dollars

ChainCatcher news, the blockchain gaming platform WEMIX under the South Korean listed gaming company Wemade disclosed a hacking incident on March 4, stating: "On February 28, 2025, approximately 8,654,860 WEMIX tokens were anomalously extracted due to a malicious external attack on Play Bridge Vault." WEMIX stated that it has taken immediate action to prevent further damage and is cooperating with law enforcement to track down the attackers. On March 13, the WEMIX Foundation executed 20 million WEMIX tokens to mitigate market impact.In addition, according to a report by Yonhap News Agency today, the loss caused by the hacking incident on February 28 amounted to approximately 9 billion won (about 6.22 million USD). The WEMIX Foundation emphasized in response to external accusations of delayed announcements that it "never had any intention or attempt to conceal the hacking incident." A representative of the WEMIX Foundation stated, "After discovering the hacking incident on February 28, we immediately shut down the affected servers and began a detailed analysis. On the same day, we submitted a complaint against the unidentified attackers to the Cyber Investigation Division of the Seoul Police Agency, and the National Investigation Agency is currently investigating. Since the method of intrusion has not yet been determined, hastily releasing an announcement could expose us to further attack risks, which is why we did not issue an immediate announcement. As most of the stolen assets have already been sold off, the market impact has already occurred, and it is difficult to ensure there are no further risks. If we had announced immediately, it could have triggered market panic."
ChainCatcher Building the Web3 world with innovators