ChainCatcher news, GoPlus Security posted on platform X: "First, GoPlus has established a special investigation team to conduct a comprehensive investigation into the abnormal price fluctuations. Binance has also provided additional support to assist in investigating the cause of the incident. Firstly, in response to community feedback claiming that a leaker disclosed the listing information in advance and suspecting that this person is a member of the GoPlus team or a community administrator, GoPlus immediately initiated an internal investigation. The investigation results show that this situation is not true. The GoPlus team did not have prior knowledge of the March 4th GPS listing plan. Everything happened very suddenly; our team only learned about the listing news after the announcement was made and immediately collaborated with Binance to meet any additional requests from our side. Furthermore, it has been confirmed that the individuals spreading various rumors are unrelated to the parties involved and they had no way to obtain internal information about the listing through official internal channels.On the day of the listing, GoPlus transferred a total of 500 million GPS tokens to Binance. Of these, 300 million GPS tokens have been distributed as rewards for the BNB HODLer program, and the remaining 200 million tokens will be used for future marketing activities. For transparency, Binance has transferred the remaining 200 million GPS tokens to a public wallet address. Regarding the situation where the GPS price plummeted by 50% within 24 hours, GoPlus is conducting internal investigations with multiple partners and will provide users with a comprehensive explanation of our investigation results."

ChainCatcher news, according to the Singapore United Morning Post, Mastercard is planning to eliminate traditional credit card numbers and adopt "authentication technology" (Tokenization) to combat online fraud. This technology replaces sensitive data such as credit card numbers with randomly generated numerical sequences (tokens) to reduce the risk of data breaches. Mastercard CEO Michael Miebach stated that the company will expand the use of this technology and replace traditional passwords with biometric identification (such as fingerprints or facial scans). This measure is in response to the increasingly serious problem of online payment fraud, which is expected to exceed $91 billion by 2028.Miebach pointed out that the conventional thinking in the past was to protect data and transactions with passwords to ensure security; however, this approach has gradually become a security vulnerability. But "authentication technology" replaces sensitive information with "tokens," making it impossible to decipher real information even if the data is illegally accessed by hackers. Furthermore, "authentication technology" also helps businesses comply with data protection regulations, such as the EU General Data Protection Regulation (GDPR) and the Payment Card Industry Data Security Standard (PCI DSS). Mastercard stated that by the end of this century, all e-commerce transactions in Europe are expected to be replaced by "tokens."

ChainCatcher news, according to Cointelegraph, the Federal Bureau of Investigation (FBI) has issued a warning regarding scammers impersonating employees of cryptocurrency exchanges to steal funds. These scammers contact users, claiming there is an urgent issue with their accounts, in order to trick users into revealing personal information or clicking on malicious links.The FBI states that if cryptocurrency users receive calls or messages about account issues, the first step must be to "not respond." The agency advises users to do this even if the call or message appears to be official. The FBI wrote: "Hang up. Call the official phone number of the cryptocurrency exchange to verify if there is an issue. Do not use any phone numbers provided by the caller."Additionally, the FBI urges users not to visit any websites or click on any links sent by the caller. The agency recommends navigating to the official exchange website independently. If the caller asks for login details, the FBI encourages users not to provide that information and to avoid downloading any files or attachments in the message. Finally, the FBI asks victims to report any scam-related activities to official channels. The agency also requests victims to provide transaction information related to the scam.

ChainCatcher news, Tether CEO Paolo Ardoino tweeted that Bitfinex has tested some of the emails/passwords disclosed by hackers and found that this information is valid at least on two other exchanges.Some users use the same email/password across multiple exchanges, and many of the passwords disclosed by the hackers do not even meet Bitfinex's minimum password strength requirements.Previously, Tether CEO Paolo Ardoino stated that the Bitfinex data leak might be false news. From the information we have gathered, the hackers collected emails/passwords that may come from different cryptocurrency leak databases. While we believe this is purely FUD, we will continue to review the information to ensure nothing is overlooked.

ChainCatcher news, Spartan Group Managing Partner Kelvin Koh revealed that while trading on a major centralized cryptocurrency exchange, they discovered that the exchange leaked their short position information to certain contacts within the industry.He stated that this is a serious violation of client confidentiality, and therefore they will terminate trading activities on this exchange.Kelvin Koh expressed that what is even more shocking about this incident is that this information was easily shared. If any random employee of the exchange can access client trading positions and share them with random parties, it indicates that the exchange has not implemented appropriate controls. Furthermore, as one of the largest centralized exchanges, he called for stricter regulation of centralized exchanges.

ChainCatcher message, Slow Mist Yu Xian posted on platform X, stating that there have been several recent incidents of friend.tech accounts being hacked, as ft is centralized and has always posed a risk of information leakage. ft accounts may be registered through a phone number, or with a Gmail account or Apple ID, and lack 2FA, making them a primary target for attackers.

ChainCatcher message, Spot on Chain replied to the "Data Leak Response" tweet posted by friend.tech, stating that although the wallet addresses in the API are generated by friend.tech, it is easy to trace the wallets that fund these addresses, which many people are not aware of. Therefore, friend.tech should mention this in their privacy policy.When the API is used in a manipulative or abusive manner, API violations occur. The current access control level design is inadequate, allowing many bots to easily manipulate stock prices. With major KOLs joining, bots directly purchase multiple shares. Adjusting API access control (for example, restricting tweet information visibility to only stock purchasers) could reduce and mitigate the impact of bots to some extent (but we do not believe this will completely prevent bots). It is recommended that friend.tech update their contracts to avoid bots, thereby providing a better experience.

ChainCatcher message, Gemini released a statement saying that due to a cyber attack on a third-party vendor, some customers' phone numbers and email addresses were leaked, but currently all funds and customer accounts at Gemini remain secure.According to previous reports, a third-party vendor associated with Gemini allegedly experienced a data breach on December 13, affecting 5.7 million email addresses and some phone numbers. Gemini strongly recommends that customers use two-factor authentication (2FA) and/or hardware security keys to protect account security. (source link)