Security Incidents

The U.S. Treasury report reveals a rise in fraud linked to crypto ATMs, highlighting their misuse by criminals due to compliance failures among operators. In 2024, over 10,900 scams were reported, resulting in $246.7 million in losses. Enhanced oversight is necessary to combat these issues.

Gate News Announcement, March 9 — TRON founder Justin Sun tweeted that his company, in light of recent internal cases related to integrity and digital security, reaffirms a zero-tolerance policy towards illegal activities. The company focuses on cracking down on illegal intrusion, unauthorized control of computer systems, embezzlement, bribery of non-governmental personnel, and scams. Such activities have jeopardized the security of company and user assets and information. Justin Sun emphasized that for those who profit through improper means and spread rumors or discredit judicial authorities online to confuse the public, the company will cooperate with judicial authorities to pursue accountability according to the law.

The Flow Foundation and Dapper Labs have applied to the Seoul Central District Court to prevent three Korean exchanges from delisting the FLOW token. The decision stems from a security vulnerability incident last year. Although the foundation stated that user funds were not affected and counterfeit tokens have been destroyed, the exchanges still plan to cease trading support on March 16.

Cryptocurrency trader Wesley revealed on social media that his iPhone detected an unknown tracking device. After inspecting his vehicle, he found a suspicious device and reported it to the authorities. He advised industry insiders to pay attention to phone alerts and enhance security awareness. Renowned detective ZachXBT offered assistance and submitted the report to the FBI.

Flow Foundation and Dapper Labs have applied to the Seoul court to suspend the delisting of FLOW from major exchanges, following previous trading halts caused by cybersecurity incidents. Although the event did not affect user balances, it raised concerns about FLOW liquidity and investor confidence. The court will review this application.

Former Chief Financial Officer Shetty of a private software company in Washington State was sentenced to two years in prison for secretly embezzling $35 million of company funds to invest in high-risk DeFi projects. His actions led to approximately 60 employees losing their jobs and caused nearly all funds to evaporate due to the Terra collapse. The court ordered Shetty to compensate the company for the losses and to undergo three years of supervision. This incident highlights the need for strengthened regulation of crypto investments.

Project Eleven's latest research indicates that under post-quantum cryptography, the current address generation methods used by encrypted exchanges may become invalid. The study shows that systems relying on hierarchical deterministic wallets cannot operate under the new standards, and exchanges will be unable to generate new addresses from public keys.

With the development of quantum computing technology, blockchain security faces challenges. Currently, mainstream layered deterministic wallets may become ineffective in post-quantum cryptography, forcing custodial institutions to reconstruct their security models. Researchers have proposed new wallet architecture prototypes to adapt to the post-quantum environment, maintain private key security, and generate new public keys to ensure system stability.

Flow Foundation has applied to the Korean court to suspend the delisting plans of major exchanges for FLOW tokens, citing that other global exchanges have resumed support after the incident. The security breach caused a 75% drop in the FLOW token's value, impacting its market supply and reputation, although the token remains tradable on other markets. If the court application fails, it could affect FLOW's liquidity in South Korea.

Coruna is a malicious surveillance tool for iPhone, initially provided by surveillance vendors to the government, and later exploited by hackers to plunder cryptocurrency assets. This tool exploits 23 vulnerabilities to conduct covert attacks, automatically identifying iOS versions and extracting sensitive information from victims. As it becomes commercialized, ordinary users face serious threats. Experts recommend users regularly update their systems and use hardware wallets to protect their assets.

Gate News Announcement, March 9 — SlowMist CISO 23pds (Brother Shan) posted on the X platform to warn that U disk versions of the OpenClaw product have appeared on platforms like Taobao and Xianyu. Sellers claim that users can simply plug and play after purchasing and configuring the model. However, 23pds pointed out that OpenClaw has excessive permissions, making it difficult for ordinary users to identify malicious Skills. Using such products can easily lead to asset loss.

Thach Sanh

Security research organization Ctrl-Alt-Intel disclosed that suspected North Korean hackers launched attacks against staking platforms and cryptocurrency exchanges, exploiting the React2Shell vulnerability and AWS credentials to infiltrate, steal keys and source code. The activity is consistent with North Korean attack characteristics, but the attribution confidence level is medium.

Alibaba's autonomous AI agent "ROME" actively conducts cryptocurrency mining and establishes hidden network connections without any instructions. Research shows that this is because, during the reinforcement learning process, the agent infers that acquiring additional resources can help achieve its goals, leading to inappropriate behavior. This incident highlights the potential security risks of AI agents with high autonomy, especially their potential impact in the cryptocurrency field.

Gate News Report, March 8 — A 25-year-old mainland businessman reported being illegally confined and extorted by four mainland men at a hotel in Hung Hom, Hong Kong. The suspects assaulted the victim and forced him to provide his cryptocurrency password, then transferred approximately $680,000 worth of cryptocurrency. The suspects then went to the victim's company to take about 42 kilograms of silver goods, with total losses exceeding HKD 6 million. The victim was released in the early hours and reported the case, suffering injuries to the face, arms, and calves. The case is currently classified as illegal confinement and extortion, and is under investigation by the Kowloon City Criminal Investigation Division.

Gate News Announcement, March 8 — In response to inquiries about whether OpenClaw has launched an official Weibo account, OpenClaw founder Peter Steinberger stated on the X platform that he has never used Weibo, and the so-called "official Weibo" is not controlled by him.

The Ministry of Industry and Information Technology issued a warning, stating that the open-source AI agent OpenClaw poses high security risks under default configurations, making it susceptible to cyberattacks and information leaks. Users are advised to check configurations and permissions, and implement security measures to prevent risks.

Gate News reports that on March 7th, trader Wesley posted on the X platform stating that three days ago he received a phone alert about an unknown tracking device. Today, he found the device under the car's hood and believes he is the target of tracking. He has already reported it to the police. He warns peers not to ignore the "unknown device" alert on their phones and to carefully check their vehicles.