Gate News message, April 29 — A user suffered a loss of approximately $1 million in yvWETH, an Alchemix Yearn Vault position, after authorizing an unverified contract earlier, according to PeckShield monitoring.
The unverified contract was created 10 days ago and contains a vulnerability that can be exploited to execute arbitrary calls, enabling attackers to drain authorized token balances.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Slow Mist Detects EIP-7702 Exploit: QNT Reserve Pool Loses 1,988.5 QNT (~$54.93M in ETH)
Gate News message, April 29 — Slow Mist detected a malicious transaction exploiting a vulnerability in an EIP-7702 account, resulting in the loss of 1,988.5 QNT (approximately 54.93 ETH) from a QNT reserve pool.
The vulnerability stemmed from a structural flaw in the reserve pool's access
GateNews19m ago
CertiK report: $900 million in AML fines; SEC crypto enforcement down 97% year over year
According to a report published by blockchain security audit firm CertiK on April 28, anti-money laundering (AML) enforcement has replaced securities violation findings and become the top regulatory threat facing crypto companies. The report shows that the U.S. Department of Justice and the Financial Crimes Enforcement Network (FinCEN) issued a total of $900 million in AML-related fines in the first half of 2025; in the same period, the U.S. Securities and Exchange Commission (SEC) saw crypto-asset penalties fall 97% year over year.
MarketWhisper26m ago
India I4C issues alert: surge in fake verification link phishing scams involving Trust Wallet
According to an official alert issued on April 28 by India’s Internet Crime Coordination Center (I4C), cases of “wallet-draining” scams targeting Trust Wallet users have continued to increase. Attackers lure users into granting wallet permissions to malicious smart contracts by impersonating “cryptocurrency verification” steps, after which the funds are immediately transferred out via automated scripts. I4C said that the upward trend in the number of these scams is driven by a surge in the number of complaints received by the national cybercrime reporting portal.
MarketWhisper52m ago
Hong Kong Monetary Authority Warns: HKDAP and HSBC Token Are Unlicensed Stablecoin Issuers
The Hong Kong Monetary Authority (HKMA) issued an official announcement on April 28, stating that tokens using “HKDAP” or “HSBC” as codes have appeared in the market. These tokens are not issued by a licensed stablecoin issuer, nor are they associated with the relevant licensed issuer(s). According to the HKMA announcement on the same day, the two licensed stablecoin issuers—Ding Dian Financial Technology Limited and The Hongkong and Shanghai Banking Corporation Limited—have both stated that they have not issued any regulated stablecoins.
MarketWhisper1h ago
Polymarket Data Breach Exposes Over 300K Records, Threat Actor Releases Exploit Tools
Gate News message, April 29 — Decentralized prediction market platform Polymarket appears to have suffered a data breach, with threat actor xorcat releasing over 300,000 data records and accompanying exploit tools on a known cybercriminal forum. According to reports, attackers exploited undisclosed
GateNews2h ago
Believe Founder Ben Pasternak Accused of Extracting $54M in Fees Through Launchcoin Migration
Gate News message, April 29 — A class-action lawsuit alleges that Believe founder Ben Pasternak extracted $54 million in fees through a Launchcoin migration process, according to ChainCatcher. The suit claims the migration included a two-week window period that resulted in token holder dilution,
GateNews2h ago
