子棋(重生版)|Jul 12, 2026 07:50
The Gate 1.7 million U theft incident, I have compiled the currently confirmed information, disputes between both parties, and truly alarming issues into a thread.
(1) The most debatable aspect of this matter is not whether it should be compensated or not.
But rather:
Why can an account that has enabled phone verification, email verification, Google verification, fund password, and facial recognition still have its security reset and have about $1.7 million withdrawn within a few days?
As of now, this matter has not been finalized.
The user claimed that their account was taken over by hackers, and all operations were not authorized by them; Gate indicates that there are no systemic vulnerabilities, and backend records show that security modifications and withdrawals have undergone multiple verifications.
(2) Let's first take a look at the timeline released by Gate:
On July 4th, the new device applied to reset its phone and email, and completed live face, SMS, and email verification;
On July 5th, once again passed facial verification and submitted the historical transaction records for 2019, unbinding the phone number;
On July 6th, reset Google Authenticator, change login password and fund password;
On July 7th, after logging in through historical devices and completing multiple verifications, approximately 49.96 ETH, 746475 HSKs, and 1.566 million USDT were withdrawn in 5 transactions;
On July 8th, users reported asset loss to the platform.
(3) The core viewpoint of Gate is:
Every step has verification records, so this is not a breach of the exchange system, but rather an issue on the account side.
The core rebuttal from users is:
I did not submit unbinding materials, did not perform facial verification, did not proactively modify security settings, and my phone, email, Google verification, and access key were all protected.
That is to say, the real dispute between the two sides is not whether the money has been taken away.
But rather:
Did I actually complete those seemingly legitimate verifications?
(4) The most popular claim online now is that hackers used leaked KYC data and AI deepfakes to bypass live face recognition.
This possibility cannot be ruled out.
But it must be made clear:
At present, public information is not sufficient to prove that facial recognition has been hacked by AI.
Who submitted the facial verification video?
Has the original video undergone anti-counterfeiting?
The equipment used at that time IP、 What are the geographic location, camera parameters, and behavioral characteristics?
Is there any remote control, device takeover, email hijacking, or customer service social worker attack?
These key pieces of evidence have not been fully disclosed yet.
So now it is not rigorous to directly classify it as' facial recognition being compromised '.
But this incident at least proves one thing:
Facial recognition can no longer be considered as the ultimate credible evidence.
(5) The real problem is not that one validation fails.
But instead, the entire risk control logic has encountered a single point of cascading risk.
New device login.
Unbind the phone number.
Reset Google verification.
Change login password.
Change the fund password.
Add an unverified address.
Large withdrawal.
These operations can be explained separately.
But when connected together, it is a typical account takeover path.
For an account with $1.7 million in assets, should the platform trigger such a series of high-risk operations
24 to 72 hour cooling off period?
Manual video review?
Confirm the original binding device?
Urgent freeze?
Large withdrawal delay?
If not, even if each step is' validated ', overall risk control may still fail.
(6) How should responsibilities be divided?
It cannot be simply said that 'if users do not keep it properly, the platform is not responsible'.
It is also not possible to directly assume "full responsibility of the exchange" when there is insufficient evidence.
A reasonable division of responsibilities should consider at least three things:
Firstly, whether the user's email, device, or credentials have been compromised;
Secondly, whether attackers use forged data, AI faces, or social engineering to bypass platform verification;
Thirdly, whether the platform has fulfilled its risk control obligations that match the account size after consecutive high-risk operations.
Verified as successful does not mean that risk control has fulfilled its responsibilities.
This is the most crucial aspect of this matter.
(7) The most appropriate way to handle Gate in the future should not just be to send a timeline and emphasize that 'the system has no issues'.
And should:
Publicly disclose the investigation conclusions involving independent security agencies;
Preserving original facial videos, device fingerprints IP、 Customer service records and operation logs;
Immediately track and assist in freezing the address involved in the case;
Explain why high net worth accounts can still quickly complete large withdrawals after continuously resetting security items;
Provide a temporary disposal plan before the responsibility is finally determined.
There are reports that Gate is working with a third party to promote asset freezing and subsequent processing, but the complete investigation conclusion has not yet been made public.
(8) This also raises an old question again:
Is it safe to keep money on a centralized exchange?
The answer is not simply safe or unsafe.
The advantages of centralized exchanges are liquidity, trading efficiency, and recovery mechanisms.
But the cost is:
Your asset control ultimately depends on the platform account system, customer service processes, and risk control models.
The risk of self custody is the loss of private keys.
The risk of centralized custody is that the account is taken over or the platform mistakenly identifies the attacker as you.
Both are not zero risk.
The only difference is who holds the risk.
(9) The most practical lesson for ordinary users is not to immediately withdraw all funds.
But rather:
Do not put long-term assets, trading funds, and reserve funds in the same account;
Use hardware keys and independent email addresses as much as possible for large assets;
Close unnecessary unverified withdrawals;
Regularly check login devices and security measures;
If you can set a withdrawal whitelist and a cooling off period, open them all;
Centralized exchanges only release the money that needs to be traded.
Exchanges should be trading venues and should not automatically become your long-term safe.
(10) Who is ultimately responsible for this matter depends on the evidence.
But it has already opened up a bigger problem:
In the past, we believed in passwords.
Later, I believed in text messages.
Later on, trust Google verification.
Now I start to believe in human faces.
The most dangerous change in the AI era is:
The 'you' seen by the system may not necessarily be you.
So the truly reliable security in the future will not be adding a verification, but even if one verification is breached, funds cannot be withdrawn. This is what exchanges should redesign.
Of course, for us users, it is not a problem to withdraw coins as soon as there is any movement on the platform. I heard that some people are unable to withdraw coins now, and I don't know what the situation is. I'm not afraid of ten thousand, but I'm afraid of what might happen
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink