ChainCatcher news, according to Forbes, security company ESET has just released its latest threat report, which examines the threat landscape trends from June to November 2024. The number of password theft attacks targeting cryptocurrency wallets has increased, with the most significant rise occurring among macOS users.The report states: "According to ESET's telemetry data for the second half of 2024, the number of password-stealing software across multiple platforms (especially Windows, macOS, and Android) has increased," but compared to the first half of the year, the detection of password-stealing software targeting cryptocurrency wallets on macOS has more than doubled. Meanwhile, the number of password-stealing software on the Windows platform grew by 56%, while financial threats on the Android platform, including password-stealing malware, increased by 20%.ESET's analysis shows that the number of password-stealing software targeting the macOS platform (especially those related to cryptocurrency wallet credentials) surged by 127%. Security researchers noted: "Although these threats cannot be simply classified as password-stealing software just because they have broader functionalities, they do reveal a significant upward trend in password theft activities on the macOS platform." From a geographical perspective, ESET's analysis indicates that attacks on Bitcoin and other cryptocurrencies targeting macOS are mostly aimed at the United States, followed by Italy, China, Spain, and Japan.

ChainCatcher message, Slow Mist's Chief Information Security Officer 23pds posted a reminder that recently, the well-known cryptocurrency theft Trojan MacOS Stealer has been suddenly open-sourced.Previously, its attack source code was sold for 1 BTC, and now the open-sourcing means that more malicious attackers can easily access this tool. This not only potentially allows attackers to have "one tool per person" for attacks but may also give rise to more covert and complex attack methods, posing greater challenges to the security of cryptocurrency assets.

ChainCatcher news, DEXX platform founder Roy stated in an exclusive interview with Odaily Planet Daily that the suspects in this case have been identified domestically, but the investigation process is very complex, involving a significant amount of time and resource costs. Law enforcement agencies began to intervene early on, and to ensure the smooth progress of the investigation, the authorities did not disclose details to the public in the early stages of the case, only releasing some information on December 6. Early disclosure could affect law enforcement progress or alert the suspects, so information disclosure needs to be cautious.Roy stated that for the team, handling the incident requires not only cooperation with law enforcement agencies but also incurs high technical and management costs. Additionally, due to the complex technical details involved in the case and the interests of investment institutions, further confirmation is needed on which information can be made public.Previously, the trading platform DEXX experienced a major security incident on November 16. Hackers exploited technical vulnerabilities in the platform to steal over $21 million in user funds, affecting nearly 1,000 victims.

ChainCatcher news, Radiant Capital's official report on the October theft has been released today.Radiant Capital stated that although the investigation is still ongoing, the security company Mandiant is highly confident that the attack was carried out by malicious actors linked to North Korea.ChainCatcher previously reported that according to information disclosed by the security company Ancilia, the cross-chain lending protocol Radiant Capital suffered a cyber attack on the early morning of October 17, resulting in losses exceeding $50 million. Radiant is controlled by a multi-signature wallet (referred to as "multisig"), and it is claimed that the attackers gained control of the private keys of multiple signers, subsequently taking control of several smart contracts.

ChainCatcher news, the Civil Court Daily published an article titled "Criminal Qualification of Illegal Theft of Virtual Currency," which points out that the act of stealing virtual currency constitutes theft. As an economic property, it must have value, including utility, scarcity, and disposability. Scarcity is reflected in the constant total supply of virtual currency, which is not infinitely available. Disposability is demonstrated by the use of asymmetric encryption technology for virtual currency, which exists in wallets (i.e., addresses), and once the address and private key are obtained, one can control the virtual currency. Utility is reflected in the fact that virtual currency, as a specific data encoding, must be generated through "mining," which condenses social abstract labor.The article also points out that the act of stealing virtual currency constitutes the crime of illegally obtaining data from computer systems, as virtual currency has data characteristics. The illegal theft of virtual currency constitutes the crime of illegally obtaining data from computer systems. Regarding the determination of the amount of stolen virtual currency, it is more reasonable to set the amount of virtual currency involved in the case at the time the defendant committed the crime rather than when the victim purchased the virtual currency.

ChainCatcher message, according to official news, the OKX Web3 security team conducted a sampling analysis of recent cases of private key theft on the Solana network and provided the following security recommendations:Upgrade devices and wallets to the latest version in a timely manner;It is recommended to regularly create new keys and promptly transfer assets to new addresses;Regularly use professional antivirus software to scan mobile devices and PCs;When downloading applications, be sure to verify whether they are official versions;When using Bot-type products, it is advisable to use a new wallet for risk isolation.It is reported that the OKX Web3 wallet team, while strengthening product technical protection, continues to promote user security education, covering security guidelines, security TVC, security dynamics, etc. Users who need more security advice can always pay attention to OKX's official security announcements and educational resources.

ChainCatcher message, a community user posted on platform X stating: "I believe that the DEXX victims need to go through 4 key steps to receive compensation: SlowMist's statistical results; providing a compensation plan (different plans based on financing results); developing a compensation entry; executing the compensation plan."In response, SlowMist founder Yu Xian stated: "To clarify, the 'SlowMist statistics' matter is not in a serial relationship with several others, because the overall losses were basically disclosed within two or three days after the incident (at that time, the stolen market value was over 21 million USD). The subsequent increases are almost all small amount losses; if there were still large amounts, we should have known by now. Since we disclose the attacker's address, handling false reports and omissions will continue to consume a lot of time. The entire process needs to be rigorously compared and judged back and forth. If we rely solely on our so-called final statistics, it is hard to say how long that will take. Therefore, we believe this is not a serial relationship; many tasks are essentially parallel."

ChainCatcher news, according to 8world, the Singapore Police Force and the Cyber Security Agency issued a joint statement indicating that recently, criminals have been observed using various methods to steal cryptocurrency from victims' wallets. Their common tactics include:Impersonating legitimate entities on social media, using giveaways or promotional activities as bait, and asking victims to "verify" their wallets by sharing login credentials and other personal information.Criminals may also impersonate the owners of cryptocurrency companies, sending malicious links under the pretext of assessing the victims' capabilities in the blockchain field. Once clicked, these links automatically transfer cryptocurrency from the victims' wallets.Additionally, criminals may exploit phishing websites, software vulnerabilities, smart contracts, etc., to invade victims' wallets and steal cryptocurrency.Singapore government agencies urge the public to take preventive measures to protect their wallets, such as: using hardware wallets and other secure offline storage devices; employing strong passwords and two-factor authentication; and regularly checking accounts.If you suspect that you have become a victim, you should immediately contact the cryptocurrency exchange to stop trading or freeze your account if possible; check and revoke any suspicious token authorizations; promptly transfer any remaining cryptocurrency from the affected wallet to another wallet; and report to the relevant authorities.

ChainCatcher news, XT.COM officially released a related announcement regarding the previous theft news.Today, it was discovered that the platform wallet with the on-chain address: 0xdb3ded7731c781224ec292e2163d9554c094fd7c has abnormal asset transfers out, and the technical department is currently conducting an active investigation. Upon verification, the amount involved is around 1 million U (12 cryptocurrencies), and this asset belongs to the platform's own assets, which will not harm the interests of any customers or users.In addition, XT.COM stated that since its establishment, the platform's asset reserves have always been managed at 1.5 times the user funds, and it plans to launch a Merkle tree asset proof system in mid-December to further enhance the transparency and security of the exchange.

ChainCatcher message, Slow Mist founder Yu Xian stated on social media: "Directly submitting the DEXX theft form information to our victims exceeds 1,000, and there are many more victims contacted through various channels along with our security team. The losses vary in size, and the general statistics have been disclosed before. However, there are still many that have not been submitted. We are continuously conducting various complex cross-analyses with DEXX officials and partners to avoid false reports while hoping to collect as comprehensively as possible. This is a complex task.We know everyone is anxious. In addition to the DEXX officials filing a police report, several victims have also reported to the police. As a security company, Slow Mist has an obligation to cooperate with law enforcement, and the content of law enforcement actions will not be disclosed without authorization."

ChainCatcher message, according to Scam Sniffer monitoring, the malware "EdtiProAI" is attempting to exploit X ads to target potential victims. If users mistakenly install this software, their wallet private keys will be at risk.

ChainCatcher news, according to ZachXBT, the cryptocurrency exchange M2 was hacked yesterday, with approximately $13 million stolen from hot wallets across multiple chains.