The monthly security incident highlights from Zero Time Technology have begun! According to statistics from various blockchain security risk monitoring platforms, losses due to vulnerabilities, hackers, and scams in January 2025 amounted to approximately $98 million, with 28 cryptocurrency hacking incidents reported, of which about $8 million was attributed to phishing. However, this represents a 44.6% decrease compared to the $133 million loss in January 2024, and a 56% decrease from the $23.58 million loss in December 2024.

Hacking Incidents

Typical Security Incidents: 7

(1) On January 8, users of Orange Finance (a DeFi protocol on Arbitrum) had over $800,000 stolen. The attacker was able to access the protocol's management keys and used these keys to execute malicious upgrades on the protocol's contracts, thereby stealing funds from all users who had valid token approvals for the protocol.

(2) On January 8, Moby experienced a private key leak that affected some LP assets in certain protocols. They stated that this was not a security issue related to the protocol's smart contracts, but rather that hackers attempted to steal funds by simply upgrading existing smart contracts using stolen proxy private keys. Ultimately, tonykebot conducted a successful white hat rescue operation, taking advantage of the lack of protection in the UUPS implementation, and returned 1.47 million USDC previously obtained by the Moby hacker to the project owner.

(3) On January 13, the Zero Time Technology security team monitored an attack on UniLend on the EVM chain, resulting in a loss of approximately $197,000. The cause of this vulnerability was that UniLend did not subtract the amount that should be transferred out during the redeem process when calculating the collateral amount, leading to an incorrect calculation where the collateral amount was higher than what the attacker actually possessed, allowing the exchange to succeed when it should not have. This ultimately led to the attacker draining the project's stETH tokens.

For detailed attack analysis, click this link:

Zero Time Technology || Unilend Attack Incident Analysis

(4) On January 15, the Zero Time Technology project team detected multiple attacks on the Ethereum-based project Sorra, resulting in a total loss of $41,000. The cause of this vulnerability was that the Sorra project team did not check whether users had already withdrawn their rewards when users withdrew, allowing users to repeatedly extract rewards through numerous operations. The attacker exploited this vulnerability to initiate multiple transactions, withdrawing all SOR Tokens from the Sorra project.

For detailed attack analysis, click this link:

Zero Time Technology || SorraStaking Attack Incident Analysis

(5) On January 21, Forta detected a vulnerability on TheIdolsNFT worth $324,000.

(6) On January 23, the hot wallet of Phemex, a cryptocurrency exchange based in Singapore, was attacked, resulting in a loss of approximately $70 million.

(7) On January 24, the Slow Mist security team monitored that due to ODOS's lack of input validation, this vulnerability had been exploited on multiple chains, resulting in a loss of approximately $100,000. ODOS tweeted that this attack exploited a vulnerability in its audited executor contract, stealing income stored in the contract, but did not affect any user funds.

Rug Pull / Phishing Scams

Typical Security Incidents: 10

(1) On January 2, a holder of $VIRTUAL lost all tokens worth approximately $196,396 due to a phishing transaction labeled "increase limit."

(2) On January 3, a holder of $RLB lost all tokens worth approximately $1 million due to a phishing signature for "Uniswap Permit2."

(3) On January 6, an address starting with 0x5167 lost $155,256 worth of EIGEN after signing a phishing transaction labeled "increase allowance."

(4) On January 7, an address starting with 0x8536 lost $103,020 worth of tokens after signing a phishing transaction for "Uniswap Permit2."

(5) On January 8, an address starting with 0x3402 lost $474,422 worth of $OLAS, $SEKOIA, $VIRTUAL, and $FJO after signing multiple phishing signatures.

(6) On January 14, an address starting with 0x00c0 lost $263,255 worth of $VIRTUAL after signing a phishing transaction.

(7) On January 17, an address starting with 0x80dc lost $426,106 worth of USUALUSDC+ after signing a phishing signature for "permit."

(8) On January 20, an address starting with 0x1e70 lost $135,068 worth of WETH after signing a phishing signature for "allow."

(9) On January 22, an address starting with 0x3149 lost $553,045 worth of $PAXG after signing a phishing transaction for "transfer."

(10) On January 29, an address starting with 0xeb2 lost $384,645 worth of $LINK after signing a phishing transaction for "increaseApproval."

Summary

In January, cryptocurrency phishing scams stole $10.25 million from 9,220 victims, a 56% decrease from the $23.58 million loss in December. However, criminals are continuously evolving and adopting more sophisticated attack methods.

The Zero Time Technology security team advises project teams to remain vigilant and reminds users to be cautious of phishing attacks. Users are encouraged to thoroughly understand the background and team of a project before participating and to carefully choose investment projects. Additionally, internal security training and permission management should be conducted, and professional security companies should be sought for audits and background investigations before launching projects.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。