CertiK stated on social media that the system detected fund transfers from a fraudulent wallet, which can be traced back to a phishing incident on May 3rd where an address lost 1155 WBTC due to malicious address transactions. Starting from 8 hours ago, the scammer continuously split and dispersed the exchanged ETH from the initial address. Previously, the address that stole 1155 WBTC had exchanged the coins for 22960 ETH.

According to community feedback, the AILayer (formerly known as AINNLayer2) Bitcoin L2 network compatible with EVM has had its official X account avatar, introduction, and posts cleared, and the project is suspected of rug pulling. Prior to this, it announced the completion of a new round of financing, with MHVentures participating, but the specific amount was not disclosed.

Kronos Research attacker's address has transferred 200 ETH to Tornado Cash and approximately 1,314 ETH (worth about $4 million) to a new address 0x164A...D5c4, and has started money laundering through Tornado Cash. Kronos Research was attacked by hackers in mid-November last year, resulting in a loss of $26 million.

23pds, the Chief Information Security Officer (CISO) of SlowMist, posted on the X platform that Mac users should be wary of a new malicious software called Cuckoo. This malware targets Macs with Intel and ARM-based chips, stealing data from encrypted wallets and messaging apps and spreading it through music streaming channels.

According to PeckShield monitoring, the attacker of Hundre Finance withdrew 784,000 3Crv from Curve and exchanged it for 273 ETH. In addition, they also exchanged 305.6 WOO, 39 PAXG, 200,000 FRAX, and 100,000 DAI, totaling 162.2 ETH. The attacker then bridged 1,034 ETH (2.17 million USD), 842.8K DAI, 1.11 million USDT, 1.27 million USDC, and 457.3 FRAX from Optimism to Ethereum. They also exchanged a total of 480,000 USDC for 142.6 WETH, 306 WOO, and 39 PAXG. They also exchanged 1.11 million USDT for 500.3 thousand USD worth of DAI and 613.8 thousand USD worth of FRAX. Additionally, on April 15, 2023, approximately 786,000 USD worth of USDC was added to Curve3Pool.

According to Beosin's monitoring, GNUS on Fantom was attacked, resulting in a loss of approximately $1.27 million. GNUS stated on the X platform that due to recent vulnerabilities, hackers were able to mint fake GNUS tokens on Fantom, transfer them to Ethereum and Polygon through the Axelar Bridge, and sell them to existing liquidity pools. We will take a snapshot of the blocks before the exploit. To ensure fairness, please do not purchase GNUS tokens after the exploit, as we will issue new tokens.

According to the weekly security report (April 28 - May 4, 2024) released by SlowMist, the total loss this week exceeded $71,399,000. An incident this week resulted in losses rising from the nine-digit range to the astonishing ten-digit range. Surprisingly, this was not due to complex technical flaws or sophisticated phishing scams, but a simple error that could have been easily avoided by implementing a whitelist. Multiple security incidents include:

1. Bitfinex data leak controversy: On May 4, it was reported that Bitfinex had suffered a data leak, allegedly containing information from 400,000 customers. However, Bitfinex CTO Paolo Ardoino refuted this claim, stating that the leaked data did not match Bitfinex's database and that no leaks were found after thorough analysis.

2. Whale address poisoned attack: On May 3, a whale suffered a poisoned address attack, resulting in a huge loss of 1155 WBTC, worth about $70 million.

3. Suspected "carpet bombing" attack on NOVAMIND_(NMD): On May 2, NOVAMIND_(NMD) on the Ethereum network was accused of a "carpet bombing" attack, with about 41 ETH (about $123,000) transferred to a multi-signature, and the token price plummeted by about 97%.

4. Pike Finance vulnerability continues: On April 30, Pike Finance suffered another security vulnerability, losing 99,970.48 ARB, 64,126 OP, and 479.39 ETH. Weak security measures in the Pike contract led to the vulnerability being exploited.

5. Dune's Twitter account was hacked: Blockchain data analysis platform Dune experienced a security incident on April 30, with its Twitter account hacked. A false post about a Dune airdrop circulated for about 15 minutes before the team regained control of the account.

6. Yield Protocol's Arbitrum contract was exploited: A hacker exploited a vulnerability in Yield Protocol's strategic contract on the Arbitrum blockchain, resulting in the theft of approximately $181,000 worth of encrypted assets. The vulnerability involved the difference between pool token balances and total supply, resulting in the extraction of additional pool tokens.

7. Ember Sword NFT auction exploited again: The vulnerability in the unverified Ember Sword NFT auction surfaced again, allowing 60 WETH, equivalent to about $195,000, to be extracted from 159 victims who approved the contract.

On May 5th, according to security firm Scam Sniffer, attackers are using legitimate contracts such as Uniswap V3's Multicall to bypass wallet security alerts and carry out phishing attacks. Five days ago, a victim lost 85 Lido ETH due to this strategy.

Federal Bureau of Investigation (FBI) and the New York court recently arrested and charged Idin Dalpour with fraudulent activities, including providing fraudulent investment opportunities in the following areas: a Las Vegas hotel enterprise and a cryptocurrency trading enterprise. It is said that Dalpour attracted unsuspecting investors with promises of huge returns, which was just a cover-up for a large-scale Ponzi scheme. As part of the cryptocurrency trading plan, he claimed to have purchased large quantities of cryptocurrency and sold them to retail investors for profit.

A residential unit in King Albert Park, Singapore was robbed by at least four men. The victims, suspected to be involved in a Chinese cryptocurrency gambling den, were between 25 and 45 years old. They had various valuables stolen, including Singapore and foreign currency, cryptocurrencies, and luxury watches, with a total value of approximately 4.34 million yuan. It is reported that with the cooperation of the Royal Malaysian Police, two men aged 28 and 32 involved in the case were arrested in Malaysia on April 27 and 28. The two suspects were extradited back to Singapore on April 30.