SlowMist founder Yu Xian posted on X platform that another user's CEX account was maliciously hacked, resulting in the theft of millions of dollars in assets. The team is currently analyzing and following up on the incident.
According to Yu Xian, there are many attack methods targeting the CEX web platform, such as the previous malicious extension that took away cookies, as well as clipboard attacks, form tampering, and request tampering. In addition to malicious extensions, reverse proxy phishing, Trojan viruses, and other methods are also feasible. The web platform has many vulnerabilities, so risk control strategies must be higher than those of the app platform.
All Comments