Cyvers' artificial intelligence system has detected a suspicious transfer involving a non-active stakingProxy contract on Polygon. The value of the transfer is $613,000 and has been bridged to ETH and deposited into Tornado Cash.
Welcome Back
Click “Sign in” to agree to Cointime’s Terms of Service and acknowledge that Cointime’s Privacy Policy applies to you.
Join CoinTime
Already have an account?
Click “page.Sign up” to agree to Cointime’s <a class="underline" href="#term-of-service">Terms of Service</a> and acknowledge that Cointime’s a class="underline" href="#privacy-policy">Privacy Policy</a> applies to you.
Sign in with email
Sign up with email
Your email
Check your inbox
Click the link we sent to to sign in.
Click the link we sent to to sign up.
Cyvers: A suspicious transfer involving a stakingProxy contract on Polygon was discovered, and $613,000 was deposited into Tornado Cash
-
Wechat scan to share
Recommended for you
-
SlowMist: The hacker who stole 1,155 WBTC may be from Hong Kong
According to SlowMist analysis , the IP address associated with the theft of 1155 WBTC has been traced to Hong Kong (VPN use cannot be ruled out). Earlier reports indicated that a certain address was suspected to be a victim of phishing attacks and lost 1155 WBTC, worth 71 million USD. Subsequently, the fraudsters sold all 1155 WBTC and exchanged them for 22960 ETH, and used a large number of wallet addresses to send and launder the funds. -
CertiK: The group that stole 1,155 WBTC dispersed the exchanged ETH 8 hours ago
CertiK stated on social media that the system detected fund transfers from a fraudulent wallet, which can be traced back to a phishing incident on May 3rd where an address lost 1155 WBTC due to malicious address transactions. Starting from 8 hours ago, the scammer continuously split and dispersed the exchanged ETH from the initial address. Previously, the address that stole 1155 WBTC had exchanged the coins for 22960 ETH. -
Hundre Finance attackers have withdrawn 162.2 ETH worth of crypto assets from Curve
According to PeckShield monitoring, the attacker of Hundre Finance withdrew 784,000 3Crv from Curve and exchanged it for 273 ETH. In addition, they also exchanged 305.6 WOO, 39 PAXG, 200,000 FRAX, and 100,000 DAI, totaling 162.2 ETH. The attacker then bridged 1,034 ETH (2.17 million USD), 842.8K DAI, 1.11 million USDT, 1.27 million USDC, and 457.3 FRAX from Optimism to Ethereum. They also exchanged a total of 480,000 USDC for 142.6 WETH, 306 WOO, and 39 PAXG. They also exchanged 1.11 million USDT for 500.3 thousand USD worth of DAI and 613.8 thousand USD worth of FRAX. Additionally, on April 15, 2023, approximately 786,000 USD worth of USDC was added to Curve3Pool. -
GNUS on Fantom was attacked, with a loss of about $1.27 million
According to Beosin's monitoring, GNUS on Fantom was attacked, resulting in a loss of approximately $1.27 million. GNUS stated on the X platform that due to recent vulnerabilities, hackers were able to mint fake GNUS tokens on Fantom, transfer them to Ethereum and Polygon through the Axelar Bridge, and sell them to existing liquidity pools. We will take a snapshot of the blocks before the exploit. To ensure fairness, please do not purchase GNUS tokens after the exploit, as we will issue new tokens. -
SlowMist: The total loss from security incidents last week (April 28-May 4, 2024) exceeded US$71.4 million
According to the weekly security report (April 28 - May 4, 2024) released by SlowMist, the total loss this week exceeded $71,399,000. An incident this week resulted in losses rising from the nine-digit range to the astonishing ten-digit range. Surprisingly, this was not due to complex technical flaws or sophisticated phishing scams, but a simple error that could have been easily avoided by implementing a whitelist. Multiple security incidents include: -
In April, Polygon’s on-chain NFT sales exceeded US$50 million, setting the second highest record of the year
According to Cryptoslam data, the NFT sales on Polygon chain in April exceeded 50 million US dollars, reaching 51,539,690.69 US dollars, setting the second highest monthly sales record in 2024, second only to January's sales of 112 million US dollars this year. In addition, the NFT trading volume on Polygon chain in April increased significantly to 1.5 million transactions, with nearly 90,000 independent sellers and over 33,000 independent buyers. -
BONKKILLER is a Pixiu scam, and has withdrawn more than 3,000 SOL liquidity
SolanaFloor disclosed on X platform that Meme coin BONKKILLER on Solana chain is a honeypot scam, and after freezing the token sales of users, the project party has withdrawn liquidity of over 3000 SOL. -
SlowMist: The total loss from security incidents last week (April 22-April 28) exceeded US$2.15 million
According to the weekly security report (April 22-28, 2024) released by SlowMist, there were multiple security incidents this week. Although the overall losses were not severe, the total loss this week exceeded $2,155,127. The multiple security incidents include: -
Shenyu: Up to one billion users' cloud input methods may have leaked input content. Please take immediate measures to reduce the risk.
On April 29th, Cobo co-founder and CEO Shen Yu wrote on X platform that the cloud input method used by up to one billion users may have leaked input content. If you have entered mnemonic words or other sensitive information through any of the following cloud input methods, please take immediate measures to reduce the risk. -
SlowMist: Beware of watering hole attacks launched by malicious attackers using WordPress plugin vulnerabilities
SlowMist Security has issued a warning that attackers have recently been exploiting vulnerabilities in WordPress plugins to inject malicious JS code into normal websites and launch watering hole attacks. These attacks involve popping up malicious windows when users visit the site, deceiving them into executing malicious code or performing Web3 wallet signatures, thereby stealing their assets. It is recommended that sites using WordPress plugins check for vulnerabilities, update plugins in a timely manner, and avoid being attacked. When visiting any website, users should carefully identify the downloaded programs and Web3 signature content to avoid downloading malicious programs or having their assets stolen due to malicious signatures.
Daily Must-Read
-
What are tokenized commodities?
-
Bitcoin opens $63K futures gap as thin liquidity threatens BTC price
-
More than half of the Fortune 100 uses Apple’s Vision Pro headset
-
US Court to hear proposed remedies from Terraform Labs, Do Kwon in May
-
Bitcoin’s ‘euphoria phase’ cools, but a BTC bottom could be near — Glassnode
-
BlackRock's BUIDL becomes the world’s largest tokenized treasury fund
All Comments