ChainCatcher news, according to The Block, multiple blockchain security experts have pointed out that a North Korean hacker group may be behind the theft incident of the Singapore cryptocurrency exchange Phemex. The attackers stole over $70 million in crypto assets, including approximately $16 million in SOL, $12 million in XRP, and $5 million in Bitcoin.MetaMask Chief Security Researcher Taylor Monahan stated that the attackers simultaneously stole a large amount of assets across multiple chains and quickly exchanged stablecoins with a high risk of freezing for ETH. Phemex CEO Federico Variola confirmed the security of the cold wallet, and the platform is developing a compensation plan for the victims.

ChainCatcher message, Trump announced on his Truth Social account that he will launch a personal meme coin TRUMP. Users need to visit the website with the domain "gettrumpmemes" to obtain the meme. Currently, the possibility of theft cannot be ruled out, and users should be cautious.

ChainCatcher news, a woman in her 40s was arrested by the police for stealing another person's phone and embezzling virtual currency worth approximately 700 million Korean won.The suspect stole the phone of a man she met in a public social networking (SNS) chat room in Jeju City, and then used personal information obtained in advance to transfer the virtual currency into her own account. The police launched an investigation based on the victim's report and successfully arrested the suspect in an emergency in Gimcheon, North Gyeongsang Province. The suspect confessed that she planned this crime to repay her debts.

ChainCatcher news, Hengnan Public Security has cracked a virtual currency theft case. It was found that the victim, Mr. Peng, found a virtual currency trading channel through social media. During a face-to-face cash transaction after purchasing virtual currency, he was secretly filmed by the criminal gang using a pinhole camera to capture his account login verification code. Subsequently, they used technical means to steal Mr. Peng's account and transfer his assets, ultimately leaving him with nothing. Mr. Peng suffered a total loss of 1.2 million yuan. Currently, 6 criminal suspects have been criminally detained by the public security authorities on suspicion of theft.

ChainCatcher news, the Thai police have shut down a Bitcoin mining operation that is estimated to have stolen approximately $3 million worth of electricity. The mining site is located in the Phanat Nikhom district of Chonburi province in eastern Thailand, and the operation involved more than 1,000 machines. Although authorities could not provide an exact figure for the theft, its value could reach "hundreds of millions of baht."Miners tampered with the electricity meters of the Provincial Electricity Authority (PEA) to redirect power to their machines. An unidentified worker at the site told police that the electricity theft only occurred at night, while the meters were used correctly during the day to avoid detection.

ChainCatcher news, Slow Mist founder Yu Xian posted on the X platform stating that Slow Mist has intervened in the incident of the official X account of 0xScope being compromised, and has connected with relevant solutions, waiting for smooth progress.ChainCatcher previously reported that lmk.fun (formerly Scopescan) issued a reminder on the X platform stating that the X account of the Web3 knowledge graph protocol 0xScope (@ScopeProtocol) has been compromised. Please do not click on any links or trust the content they publish. An investigation and recovery are underway.

ChainCatcher news, according to Xiamen Evening News, a man stole virtual currency from others and cashed out over 1.6 million yuan after incurring losses while helping a friend invest in futures. Recently, the Huli District Procuratorate in Xiamen, China, reviewed and prosecuted this theft case.In September 2021, the defendant Chen met the victim Hong through a friend's introduction. Hong entrusted Chen to help operate virtual currency investments and provided his account and login password.At the end of September 2022, Chen fabricated a story about the account being offline to trick Hong into providing various verification codes. He then successfully changed the account's login password and replaced the linked email with his own. At this point, Hong's account was under Chen's control.After that, Chen repeatedly used the excuse of the account being offline to deceive Hong into giving real-time verification codes, continuously transferring the virtual currency from Hong's account to his own. He then quickly sold these virtual currencies for a profit of over 1.6 million yuan, using all of it to repay personal debts.In May 2024, Chen voluntarily went to the police station to confess and truthfully admitted to his crimes.The Huli District Procuratorate filed a public prosecution against Chen for theft. According to Article 264 of the Criminal Law, theft of public and private property, with particularly large amounts or other particularly serious circumstances, is punishable by more than ten years of fixed-term imprisonment or life imprisonment, and may also involve fines or confiscation of property.

ChainCatcher message, according to Scam Sniffer monitoring, the X account of Superchain Eco (@SuperchainEco) has been hacked and posted phishing links.The image shows that the recent tweets from this account involve a fake link named "Optimism x Base Airdrop" (optimism-base.com), which has been added to ScamSniffer's domain warning list. Users should remain vigilant, avoid clicking on related links, and verify the source of information to prevent being scammed.

ChainCatcher news, according to The Block, the South Korean government has imposed sanctions on 15 North Korean individuals and one entity for their involvement in illegal cyber activities, including cryptocurrency theft. According to Chainalysis data, North Korean hackers stole $1.34 billion worth of cryptocurrency in 2024, accounting for 61% of the total stolen that year.The sanctioned individuals are all members of the 313 Bureau under the Ministry of Machine Industry of the Workers' Party of Korea, which has been under United Nations Security Council sanctions since 2016 and is responsible for North Korea's weapons production, including ballistic missile programs. The South Korean Ministry of Foreign Affairs stated that North Korean IT personnel often disguise their identities and travel to countries such as China, Russia, Southeast Asia, and Africa to obtain work orders from global IT companies while also engaging in information theft and cyberattacks.

ChainCatcher news, according to CoinDesk Japan, regarding the theft of 4,502.9 BTC from the cryptocurrency exchange DMM Bitcoin that occurred in May, the National Police Agency of Japan reported on December 24 that the incident was carried out by the Trader Traitor group, which is part of the North Korean hacker organization Lazarus Group.The National Police Agency of Japan stated that it will continue to work with the FBI, other U.S. government agencies, and international partners to investigate the illegal activities of North Korean hackers, including cybercrime and cryptocurrency theft incidents.Meanwhile, the National Police Agency of Japan, the Cabinet Cybersecurity Center, and the Financial Services Agency have released documents regarding the tactics and countermeasures of the attacking groups, urging cryptocurrency-related businesses to exercise caution. In response to this attack, DMM Bitcoin has decided to close its exchange. Assets and customer accounts will be transferred to SBIVC Trade, with the transition expected to be completed by March 2025.

ChainCatcher news, a report released by Chainalysis shows that in 2024, the amount of cryptocurrency thefts exceeded $2.2 billion, with an increase in hacking incidents. This marks the fifth consecutive year that the stolen amount has surpassed $1 billion.

ChainCatcher news, according to CoinDesk, the hacker involved in the Bitfinex theft case has made a public statement for the first time since being arrested. Ilya Lichtenstein reiterated that he alone stole 120,000 bitcoins, denying the speculation in the Netflix documentary that "his father was complicit and may belong to a Russian spy agency." This is his first public statement since his arrest in 2022.In the video statement, Lichtenstein said, "My father is not a hacker; he doesn't even know how to use Instagram. I sincerely apologize to Bitfinex for all the pressure I have caused them. I know what I did was wrong, but I did it anyway. Looking back at who I was then, I hate myself. I hate myself. For the past three years, I have been working hard to trace all assets and return them down to the last satoshi as required by my plea agreement, and I will continue to do so."

ChainCatcher News: A judge in Hartford, Connecticut, Michael P. Shea, recently sentenced 31-year-old West Hartford resident Dylan Meissner to 48 months in prison for stealing over $4.4 million from his former employer. Meissner worked as the Vice President of Finance at a cryptocurrency research company and had access to the company's cryptocurrency wallets and bank accounts.In early 2022, Meissner obtained a loan of 50 Ethereum (approximately $170,000) from the company, claiming he would use the funds to avoid personal cryptocurrency investment losses. However, between February and November 2022, Meissner began misappropriating company funds to cover personal trading losses and concealed his actions with false records. Ultimately, he stole approximately $4,461,828 through this scheme.Judge Shea also ordered Meissner to pay restitution of $4.63 million, which includes the stolen funds and the unpaid loan. Meissner was released on a $100,000 bond and is scheduled to report to prison on February 21.According to Cointelegraph, the U.S. Department of Justice did not mention Meissner's previous employer by name in the case, referring to it in court as "Company A" and "a cryptocurrency research company," but Meissner was employed by Delphi Digital at the time of the crime. Meissner's attorney also referenced "Delphi" multiple times in a sentencing memorandum submitted earlier this month, indicating that it is the name of the company.

ChainCatcher news, according to Forbes, security company ESET has just released its latest threat report, which examines the threat landscape trends from June to November 2024. The number of password theft attacks targeting cryptocurrency wallets has increased, with the most significant rise occurring among macOS users.The report states: "According to ESET's telemetry data for the second half of 2024, the number of password-stealing software across multiple platforms (especially Windows, macOS, and Android) has increased," but compared to the first half of the year, the detection of password-stealing software targeting cryptocurrency wallets on macOS has more than doubled. Meanwhile, the number of password-stealing software on the Windows platform grew by 56%, while financial threats on the Android platform, including password-stealing malware, increased by 20%.ESET's analysis shows that the number of password-stealing software targeting the macOS platform (especially those related to cryptocurrency wallet credentials) surged by 127%. Security researchers noted: "Although these threats cannot be simply classified as password-stealing software just because they have broader functionalities, they do reveal a significant upward trend in password theft activities on the macOS platform." From a geographical perspective, ESET's analysis indicates that attacks on Bitcoin and other cryptocurrencies targeting macOS are mostly aimed at the United States, followed by Italy, China, Spain, and Japan.

ChainCatcher message, Slow Mist's Chief Information Security Officer 23pds posted a reminder that recently, the well-known cryptocurrency theft Trojan MacOS Stealer has been suddenly open-sourced.Previously, its attack source code was sold for 1 BTC, and now the open-sourcing means that more malicious attackers can easily access this tool. This not only potentially allows attackers to have "one tool per person" for attacks but may also give rise to more covert and complex attack methods, posing greater challenges to the security of cryptocurrency assets.

ChainCatcher news, Radiant Capital's official report on the October theft has been released today.Radiant Capital stated that although the investigation is still ongoing, the security company Mandiant is highly confident that the attack was carried out by malicious actors linked to North Korea.ChainCatcher previously reported that according to information disclosed by the security company Ancilia, the cross-chain lending protocol Radiant Capital suffered a cyber attack on the early morning of October 17, resulting in losses exceeding $50 million. Radiant is controlled by a multi-signature wallet (referred to as "multisig"), and it is claimed that the attackers gained control of the private keys of multiple signers, subsequently taking control of several smart contracts.

ChainCatcher news, the Civil Court Daily published an article titled "Criminal Qualification of Illegal Theft of Virtual Currency," which points out that the act of stealing virtual currency constitutes theft. As an economic property, it must have value, including utility, scarcity, and disposability. Scarcity is reflected in the constant total supply of virtual currency, which is not infinitely available. Disposability is demonstrated by the use of asymmetric encryption technology for virtual currency, which exists in wallets (i.e., addresses), and once the address and private key are obtained, one can control the virtual currency. Utility is reflected in the fact that virtual currency, as a specific data encoding, must be generated through "mining," which condenses social abstract labor.The article also points out that the act of stealing virtual currency constitutes the crime of illegally obtaining data from computer systems, as virtual currency has data characteristics. The illegal theft of virtual currency constitutes the crime of illegally obtaining data from computer systems. Regarding the determination of the amount of stolen virtual currency, it is more reasonable to set the amount of virtual currency involved in the case at the time the defendant committed the crime rather than when the victim purchased the virtual currency.