Crypto

As a flagship platform under the HKMA’s Fintech 2025 strategy, FiNETech aims to capture the immense growth potential across fintech business areas and technologies. It connects financial institutions with a rapidly expanding network of local fintech solutions to empower the broader financial services industry. As a global leader in blockchain threat intelligence, SlowMist was invited…

In May 2023, the platform launched the DGCX Xinkangjia Big Data Exchange, claiming to be “the official sub-station of the Dubai Gold and Commodities Exchange (DGCX) in China,” and declared partnerships with multiple state-owned enterprises such as PetroChina and COSCO Shipping. The platform used forged contracts, official letters, website screenshots, and other materials to back…

https://x.com/SlowMist_Team/status/1942949653231841352 Key Information Attacker Address:https://arbiscan.io/address/0xdf3340a436c27655ba62f8281565c9925c3a5221 Attack Contract:https://arbiscan.io/address/0x7d3bd50336f64b7a473c51f54e7f0bd6771cc355 Vulnerable Contract:https://arbiscan.io/address/0x3963ffc9dff443c2a94f21b129d429891e32ec18 Attack Transaction: https://arbiscan.io/tx/0x03182d3f0956a91c4e4c8f225bbc7975f9434fab042228c7acdc5ec9a32626ef Root Cause The attack was caused by two fundamental design flaws in GMX v1: when the attacker created short positions, they did so by reentrantly invoking the increasePosition function, which bypassed the update of the globalShortAveragePrices in the ShortsTracker. However, when the Keeper later…

https://home.treasury.gov/news/press-releases/sb0185 The sanctions target not only Aeza Group, but also its UK-based front company Aeza International Ltd., two Russian subsidiaries (Aeza Logistic LLC and Cloud Solutions LLC), four key executives (CEO Arsenii Penzev, Director Yurii Bozoyan, CTO Vladimir Gast, and Administrator Igor Knyazev), as well as one cryptocurrency wallet address (TU4tDFRvcKhAZ1jdihojmBWZqvJhQCnJ4F). “Cybercriminals continue to rely…

https://www.binance.com/en/blog/security/binance-physical-security-team-on-how-to-avoid-the-threat-of-reallife-attacks-634293446955246772 What Is a Wrench Attack? “You can have top-notch technical protection, but an attacker only needs a $5 wrench to beat you up until you hand over the password.” This vivid concept of the “$5 wrench attack” comes from a comic by XKCD. It refers to situations where attackers bypass technical security entirely and instead…

This is a Node.js-based project. We began by analyzing its dependencies and discovered that it referenced a third-party package called crypto-layout-utils. Upon further inspection, we found that this package had already been removed from the official NPM registry. Moreover, the version specified in the package.json file did not appear in NPM’s historical records. Our initial…

(https://hacked.slowmist.io/) By Ecosystem Ethereum remains the hardest-hit ecosystem, with ~$38.59 million in losses. Solana followed with ~$5.8 million, then BSC with ~$5.49 million. 2. By Project Type DeFi was the most frequently targeted category, with 92 incidents (76.03% of the total) and ~$470 million in losses. Compared to H1 2024 (158 incidents, ~$659 million), losses dropped by 28.67%. Exchanges…

Investor sentiment in the US digital asset market is shifting, with Ethereum exchange-traded funds (ETFs) attracting fresh inflows while Bitcoin-based products face outflows. According to data from SoSo Value, US-listed Ethereum ETFs saw a combined inflow of $296.5 million on July 21, marking one of the asset class’s strongest single-day performances. Fidelity’s FETH led the…