ChainCatcher news, Alliance DAO founder and core contributor Qiao Wang posted on platform X, stating, "A few years ago, I suggested that, contrary to intuition, the value of dApps lies in their front end (web apps, browser extensions, mobile applications, etc.), rather than the underlying smart contracts.The launch of pump's AMM leading to a 30% drop in Raydium is a clear example."

ChainCatcher news, according to market news, Pump.fun's front end has removed the Meme coin related to Lazarus.ChainCatcher previously reported that on-chain detective ZachXBT disclosed in a personal channel that he found that a certain entity was laundering money for the Bybit theft incident hacker by issuing and trading meme coins on pump.fun.

ChainCatcher message, Slow Mist stated on platform X that the Safe contract is fine, but the issue lies in the non-contract part, where the front end has been tampered with and forged to achieve a deceptive effect. This is not an isolated case. North Korean hackers managed to compromise several companies last year, such as:WazirX 230M USDT Safe multi-signatureRadiant Capital 50M USDT Safe multi-signatureDMM 305M USDT Gonco multi-signatureThis type of attack method has matured in engineering. Other companies also need to pay more attention, as multi-signatures may have similar attack points beyond just Safe.

ChainCatcher message, Paradigm researcher samczsun mentioned on X regarding the promotion scams of Meme coins on social media: "It's a very simple idea: the next time a large account is hacked and promotes an obvious scam, maybe the front end should manually remove that scam? Of course, no one would oppose this, unless the goal is to allow people to gamble in a casino?"

ChainCatcher message, according to Blockaid monitoring, the front end of the DEX protocol Ambient Finance on the Scroll chain is suspected to have been hacked. Users are advised not to sign transactions and to avoid interacting with the dApp.

ChainCatcher news, according to Chainwire, the decentralized derivatives infrastructure EthosX announced a partnership with kanalabs.io to launch a new perpetual options product OPerps on its front end, aimed at helping users generate income based on their market predictions.It is reported that OPerps allows users to trade tokenized (ERC-20) options that never expire but settle every few minutes/hours. Investors can participate in long call options and long put options OPerps trading.According to Web3 asset data platform RootData, the decentralized derivatives infrastructure EthosX completed a new round of financing of $1.8 million in December 2023. EthosX was founded in 2022 by Deepanshu, former Vice President of Global Derivatives Clearing at JPMorgan, and is a selected team in Binance Labs' sixth season MVB accelerator program, primarily providing automated and non-custodial clearing and settlement services for financial derivatives.

ChainCatcher news, according to official sources, the Optimism ecosystem decentralized trading protocol Velodrome and its fork DEX Aerodrome deployed on Base have stated that their domain name has been restored and locked at the TLD level, and they are currently waiting to be transferred to a new provider.Users can now continue to use Velodrome, and the decentralized frontend is also functioning normally and unaffected.

ChainCatcher message, the Optimism ecosystem decentralized trading protocol Velodrome stated, "The frontend is currently under threat, please refrain from interacting with Velodrome for the time being, the team is investigating."

ChainCatcher news, the decentralized exchange SpookySwap on Fantom Opera announced that the Spooky Fi V2 frontend is back online.SpookySwap stated that since the self-fix of the vulnerability, there have been no further issues with the frontend, but it cannot be 100% certain that the vulnerability has been eliminated. Users who use this frontend need to verify the contract addresses in their wallets. If they do not want to take the risk or verify the addresses, they should wait for the launch of SpookySwap V3.

ChainCatcher news, Trader Joe announced on social media that the front end has now been restored after investigating and removing vulnerable third-party analytics code, and it has been marked as safe for all activities, such as trading, liquidity, staking, lending, etc.ChainCatcher previously reported that the decentralized exchange Trader Joe issued an important security alert on social media, stating that it received alerts about potential vulnerabilities in the front-end interface. The team is conducting a thorough investigation immediately and strongly advises all users not to trade or execute any transactions on the Trader Joe DEX.

ChainCatcher message, the decentralized exchange Trader Joe has issued an important security alert on social media, stating that it has received warnings about potential vulnerabilities in the front-end interface. The team is conducting a thorough investigation immediately and strongly advises all users not to trade or execute any transactions on the Trader Joe DEX.

ChainCatcher news, Layer2 cross Rollup bridge Orbiter Finance announced its positioning upgrade to a ZK technology-based Ethereum acceleration engine, aimed at improving L2 performance and reducing Gas consumption.In addition, Orbiter Finance will introduce a decentralized front end and Dealer role, facilitating DApp empowerment through the decentralized front end.Orbiter Finance stated that the decentralized incentive front end marks a milestone in Orbiter Finance's path towards complete decentralization and trustlessness, making it possible to establish direct collaboration arrangements between Makers and Dealers by leveraging open protocols. The upcoming roadmap includes a decentralized Maker reliant on SPV circuits, which will contribute liquidity and generate revenue within the Orbiter Finance ecosystem. In the future, Orbiter Finance's focus will be on adopting ZK recursive proof technology to reduce Gas consumption while integrating ZKP on compatible ZK Rollups.

ChainCatcher message, DefiLlama founder 0xngmi tweeted, "Currently, friend.tech and all forked versions store users' keys on the frontend, so it is possible to steal users' keys or all funds through frontend updates. Some people may not store the complete key on the frontend, but they have the key in the frontend's memory, so they are vulnerable to supply attacks regardless."

ChainCatcher message, the P2P digital asset trading protocol NFT Trader officially announced that the website has been attacked. Users are advised to monitor their accounts and beware of phishing attacks. The NFT Trader website will be closed until further notice. Currently, the team is still investigating, and the platform has been taken offline to avoid any further issues.NFT Trader stated that this is not an issue with the protocol, but rather that someone outside the team has inserted malicious code on the front end. The team will continue the investigation. (Source link)