January 2025 Web3 Security Incident Summary: Total Loss Approximately $98.19 Million

链捕手

Author: SlowMist Security Team

Overview

In January 2025, the total loss from Web3 security incidents was approximately $98.19 million. According to the SlowMist Blockchain Hacked Archive (https://hacked.slowmist.io), there were a total of 40 hacking incidents, resulting in losses of about $87.94 million, with $1.47 million recovered. The causes of these incidents included contract vulnerabilities, account hacks, and private key leaks. Additionally, according to the Web3 anti-fraud platform Scam Sniffer, there were 9,220 victims of phishing incidents this month, with losses amounting to $10.25 million.

(https://dune.com/scam-sniffer/january-scam-sniffer-2025-scam-report)

Major Security Incidents

Phemex

On January 23, 2025, the hot wallet of Singapore-based cryptocurrency exchange Phemex was attacked, resulting in a loss of approximately $70 million. Phemex CEO Federico Variola stated on the X platform: "Hello everyone, we are investigating reports regarding a hot wallet. Please rest assured that the cold wallet is still safe and can be verified by anyone. We will provide more updates as soon as possible."

(https://x.com/MistTrackio/status/1882412516518789500)

NoOnes

On January 1, 2025, the P2P trading platform NoOnes was attacked, with its hot wallet showing hundreds of suspicious outgoing transactions on Ethereum, Tron, Solana, and BSC, resulting in a loss of approximately $7.2 million. CEO Ray Youssef explained that the incident was due to the exploitation of its Solana bridge.

(https://x.com/raynoOnes/status/1882744360812306885)

AdsPower

On January 24, 2025, AdsPower's security team discovered an intrusion in which hackers distributed malicious code that tampered with some third-party browser extensions, resulting in the theft of over $4.7 million. The SlowMist security team has stepped in to analyze the incident. Users who used AdsPower and installed extension wallets, or manually updated extension wallets, between January 21, 18:00 and January 24, 18:00 (UTC+8) may have backdoored extension wallets on AdsPower, putting their mnemonic phrases and private keys at risk of theft. Users are advised to transfer the relevant wallet assets as soon as possible.

(https://x.com/AdsPowerBrowser/status/1882983731419570220)

Moby

On January 8, 2025, attackers gained control of the private keys used to authorize Moby's core contract upgrades, compromising the protocol. This attack exposed 3.77 wBTC, 207.76 wETH, and 1,500,351.5 USDC in the sOLP and mOLP liquidity pools to risk. Moby, with the assistance of the Seal911 team, has recovered approximately 1.47 million USDC.

(https://medium.com/moby-trade/moby-post-mortem-report-growth-plan-504ad5b0dd35)

Orange Finance

On January 8, 2025, the liquidity management project Orange Finance, based on Arbitrum, was exploited due to a multi-signature configuration error, resulting in the theft of assets worth $830,000. The attacker gained ownership of each vault, modified their implementations, and extracted deposited assets as well as over-authorized funds. Approximately 94% of the total loss (about $780,000) came from deposited assets, while the remaining 6% (about $47,000) was due to over-authorization.

(https://mirror.xyz/0x6FA2aF9a4d6fFe654361F713780963C10412e7c3/gN17YMrLhKKg9YT9a391U74pWr9IhqBUDWUqDyDamjE)

Feature Analysis and Security Recommendations

Recently, there has been a surge in account theft incidents. According to the SlowMist Blockchain Hacked Archive, there were 21 account theft incidents in January, accounting for about half of the total incidents, with accounts related to political figures or political content being particularly prominent. Hackers or malicious actors use social media to promote meme coins, exploiting users' fear of missing out (FOMO) to attract funds and then abscond with the money. For example, the X account @TrumpDailyPosts posted 4 tweets promoting meme coins that were deleted within minutes, resulting in a theft of approximately $1.25 million. Users are therefore advised to remain vigilant, verify the source of information before purchasing tokens, and not trust sudden announcements on social media, especially those involving meme coins related to political figures, well-known institutions, or celebrities, to avoid falling for scams.

Additionally, the SlowMist security team has noted that many recent requests for help from victims are related to the "fake Safeguard" scam on Telegram. The related malicious tactics and countermeasures are described in "New Tactics | Telegram Fake Safeguard Scam".
