ChainCatcher message, former Brazilian president Jair Messias Bolsonaro's X account was attacked and the token CA was posted, the original post has been deleted. The token has dropped 65.4% in the past hour, please users be aware of the risks.

ChainCatcher news, according to official sources, the anime project Animecoin jointly launched by Arbitrum and Azuki has announced the ANIME token contract address.Ethereum Mainnet: 0x4DC26fC5854e7648a064a4ABD590bBE71724C277;Arbitrum: 0x37a645648dF29205C6261289983FB04ECD70b4B3.

ChainCatcher news, the X account of the late tech entrepreneur John McAfee is suspected to have been hacked, with the attacker impersonating McAfee claiming to "return" and posting a token contract address. Users are advised to remain vigilant.Previously, in 2021, it was reported that cryptocurrency advocate and antivirus pioneer John McAfee died by suicide in a Spanish prison.

ChainCatcher news, according to Binance's announcement, Pudgy Penguins has announced the PENGU token contract address as 2zMMhcVQEXDtdE6vsFS7S7D5oUodfJHE8vd1gnBouauv, based on the Solana network, with a total supply of 88,888,888,888 tokens.

ChainCatcher message, Gifto stated early this morning on platform X: "Attention to a serious security incident related to the GFT contract. The GFT token contract has been compromised, and more GFT tokens have been issued. We are investigating, and we do understand the seriousness of this matter and assure you that we are taking the necessary measures. We ask all exchanges listing GFT to halt trading of this token. We are working to resolve this issue."Previous news, after Binance announced it would delist Gifto (GFT) on December 10, the Gifto project team issued an additional 1.2 billion GFT and transferred them to multiple exchanges.

ChainCatcher message, LayerZero CEO Bryan Pellegrino addressed the Across Protocol team on social media, stating, "I want to inform you that there is a critical issue with your token contract. You have incorrectly exposed a function that should have been an internal private function, which was written by Open Zeppelin in its ERC20 token implementation, designed to burn tokens, and granted it to the contract owner—this allows you to withdraw tokens from any wallet at any time and arbitrarily set any account's balance to 0.Additionally, both your Across Protocol and UMA Protocol contracts have the ability to mint unlimited tokens, but I have already notified you of these two issues, and you seem unconcerned. To resolve this issue without needing to reissue tokens:Transfer the contract ownership to a new smart contract to prevent the minting amount from exceeding the total supply and also disallow burning. Since this is a permanent vulnerability, the new contract must be immutable and should not include any functionality to transfer ownership. If you have an active bug bounty program, you can credit this information to the LayerZero team."

ChainCatcher message, the BNB ecosystem meme coin project Baby Doge recently announced on the X platform that it has officially relinquished ownership of the BabyDoge token contracts on Ethereum and BNB chains, ensuring that no single entity can control these contracts, thus making BabyDoge a community-driven project. The ability to burn tokens remains effective.

ChainCatcher news, focusing on the tokenized blockchain infrastructure protocol Nexera, has released an update on a security incident on social media: "We have lifted the suspension of the NXRA token contract. On-chain transactions have now resumed. We will continue to coordinate with CEX to restore operations and are waiting for them to complete their internal process for service recovery. Please stay tuned for their announcements."ChainCatcher previously reported that the Cyvers Alerts system detected suspicious transactions involving Nexera's proxy contract. One address gained ownership of Nexera's proxy contract and upgraded it. Subsequently, that address used the withdrawal function to transfer all NXRA tokens. The address is currently exchanging the tokens for ETH, and some funds have been bridged to the BNB chain. The estimated total loss is approximately $1.5 million.

ChainCatcher news, Nexera announced that the team is investigating a vulnerability involving a smart contract containing the NXRA token. The investigation results have not yet been finalized, but some information can be shared:The NXRA token contract has been paused, trading on the DEX has stopped, and we are working with CEX to halt trading;We advise everyone to stop trading. We are continuing to investigate the vulnerability and will return as soon as possible with follow-up actions. We will prioritize resolving this issue.Previous news, according to the Cyvers Alerts system monitoring, there were suspicious transactions in the on-chain order book protocol Nexera's proxy contract, where a certain address gained ownership of the proxy contract and upgraded it. Shortly after, that address used the withdrawal management function to transfer all NXRA tokens. The address is currently selling all tokens for ETH, and some funds have already been bridged to the BNB chain, with total estimated losses of about $1.5 million.

ChainCatcher message, the decentralized GPU cloud infrastructure Aethir officially states that ATH is minted on the ETH mainnet, and the airdrop claim and staking will be conducted on the Ethereum mainnet. All trading platforms will use its Ethereum mainnet contract. The Ethereum contract address for ATH is 0xbe0Ed4138121EcFC5c0E56B40517da27E6c5226B.Checker node NFT and Checker operations/rewards are located on Arbitrum. Operations and rewards from other computing providers are also on Arbitrum.The cross-chain contract address is 0xc87B37a581ec3257B734886d9d3a581F5A9d056c.

ChainCatcher message, the Meme project Jungle Doge (JUNGLEdoge) posted on platform X stating that due to the planned airdrop and the tokens for the exchange launch being stolen by hackers, the market has significantly declined, and user transactions have been affected. Therefore, the project team has decided to change to a new contract, establish a new liquidity pool (LP pool), and restore the market capitalization pool to its state before the theft. At the same time, the project team will implement an airdrop compensation plan. The new token has been released, and holders and liquidity providers who meet the snapshot criteria will receive a 1:1 mapped airdrop compensation.

ChainCatcher message, the Gala community has initiated a governance proposal regarding the "temporary GALA token contract upgrade and token burn."The proposal states that, in light of recent security incidents that led to the unauthorized minting and sale of approximately 600 million GALA tokens, as well as the permanent locking of about 4.4 billion tokens, this proposal aims to formally burn approximately 4.4 billion GALA tokens, along with about 600 million GALA tokens from the GALA treasury, to ensure the stability and sustainability of the ecosystem.Due to the upgradable nature of the GALA contract, the proposed changes will not require exchanges to conduct swaps or relist, and can be executed without affecting all GALA token users.It is reported that this move will involve upgrading the GALA contract, including the explicit and irreversible destruction of the same amount of unauthorized tokens or tokens deemed illegally obtained by law enforcement, and enhancing the security features of the contract to prevent future unauthorized access or breaches.

ChainCatcher news, the Solana ecosystem DePIN protocol io.net stated on social media that the IO token contract listed on the CoinGecko platform is not the official contract address. The io.net team has contacted CoinGecko and SolScan to correct this link information.The related links show that IO is a token on the Ethereum chain, while the official IO token of io.net is a token on the Solana chain.ChainCatcher previously reported that the Solana ecosystem DePIN protocol io.net announced its token IO contract address as: BZLbGTNCSFfoth2GYDtwr7e4imWzpR5jqcUuGEwr646K, and this token has not yet been launched on-chain.

ChainCatcher news, the Web3 infrastructure and digital credential network Galxe has completed a token symbol and smart contract migration proposal, which includes a comprehensive modification of the existing token smart contract. The token abbreviation will be upgraded from GAL to G, and the GAL tokens will be converted to G tokens at a ratio of 1:60, meaning the total supply of G tokens will be changed to 12 billion tokens, which is 60 times the current total supply of 200 million GAL tokens. The community will subsequently design and implement a roadmap to detail the phased implementation of the token symbol change and smart contract upgrade.

ChainCatcher message, the Galxe community has initiated a proposal vote for changing the token symbol and migrating the token contract, which will end on April 27. The current support rate is 99.59%. The proposal states that the plan includes a series of technical improvements, coordination with strategic members of the ecosystem, and planning to ensure a smooth transition process. Key aspects include modifications to the codebase, adjustments to the branding, and communication strategies targeting different stakeholder groups. To strengthen the brand image and increase community engagement, the original token symbol GAL needs to be changed to G, and the existing GAL token smart contract needs to be upgraded. The GAL tokens will be exchanged for G tokens at a ratio of 1:60.

ChainCatcher news, according to Scopescan monitoring, Starknet has confirmed that the airdrop snapshot has been taken. The STRK token contract was deployed 379 days ago, with a total supply of 10 billion tokens, and the total number of holders is currently 429.

ChainCatcher news, Circle announced in a post on its social media that it has launched a cross-chain USDC standard, which is a new solution to expand the use of USDC and reduce fragmentation. Currently, EVM chains can deploy cross-chain USDC token contracts, and Circle can choose to seamlessly upgrade to native issuance in the future.

ChainCatcher news, according to Lookonchain monitoring, the Poloniex hacker copied and pasted the wrong address, transferring 10.5 million GLM (worth about 2.5 million USD) to the token contract address.

ChainCatcher news, regarding the "potential 'fake recharge' risk of the LDO Token contract," Lido Finance stated that although hackers allegedly exploited known security vulnerabilities in the LDO token contract, both LDO and stETH tokens remain secure. Lido did not confirm any vulnerabilities but acknowledged that security issues are known.According to ChainCatcher's news yesterday, based on on-chain intelligence from the Slow Mist security team, there is a potential "fake recharge" risk in the LDO Token contract, and malicious attackers may attempt to exploit this feature for fraudulent activities.

ChainCatcher news, according to the on-chain intelligence from the Slow Mist security team, the LDO token contract does not trigger a transaction rollback when the transfer amount exceeds the actual amount held by the user. Instead, it directly returns a false as the processing result. This handling method is different from many common ERC20 standard token contracts.Due to the above characteristics, there is a potential risk of "false recharges." Malicious attackers may attempt to exploit this feature for fraudulent activities. Slow Mist recommends the following:When processing the logic of token deposits, do not rely solely on the success or failure of the transaction, but also make judgments based on the actual return value of the token contract.Please note that there are many non-ERC20 standard token contracts in the market. Before integrating a new token, it is essential to have a deep understanding and analysis of its contract code to ensure the correct deposit logic is implemented.It is recommended to conduct regular code audits and security checks to ensure the robustness and security of the system.The implementation and behavior of token contracts may vary by project. To ensure the safety of funds and the accuracy of transactions, it is strongly advised to thoroughly understand the contract logic and conduct sufficient testing before integrating any new token.