Security Incidents

Key Takeaways: Resolv burned and put about 46 million USR (57%) of illegal supply to its blacklist There is no hacker-related wallet which can transfer or swap USR One of the measures is to upgrade contracts with coordination efforts to restrict impacts of the exploitation After the recent

The crypto space is once again debating control and transparency after blockchain investigator ZachXBT revealed a fresh update involving Circle. The company has now unfrozen two USDC wallets tied to 500 Casino and a user known as “Whale.” Together, the wallets held more than $330,000. This move

The UK High Court recently heard a case involving the theft of Bitcoin, where the plaintiff Ping Fai Yuen accused his estranged wife Fun Yung Li of secretly filming him to steal Bitcoin from his hardware wallet, worth approximately $176 million. Audio recordings and search warrant evidence support the plaintiff's claims, and the court upheld the asset freeze order, but dismissed part of the claims. The judge believes the plaintiff has a very high chance of winning and recommends that the case be heard as soon as possible.

The recently launched "Food Saver Hunter" app has raised concerns due to security issues, with user GPS data leaking and questionable API authorization. Additionally, Amazon has encountered system failures and financial losses, highlighting the risks of over-reliance on AI for programming. Experts are calling for stronger human oversight to ensure safety and accuracy.

Rumors surrounding the "secret XRP contract" spread rapidly in 2026, with Ripple's Chief Technology Officer David Schwartz publicly denying it, emphasizing that no pre-allocation agreement had ever been confirmed. This incident originated from misleading posts on social media, drawing market attention and highlighting issues in the dissemination of cryptocurrency information, reminding investors to verify sources when confronted with sensitive news.

Vietnamese police have cracked a massive cryptocurrency fraud case, arresting businessman Eric Vuong and six accomplices, with the amount involved reaching several billion dollars. The gang sold counterfeit coins to users through the fake platform ONUS, and police have summoned over 140 people for investigation.

GoPlus issued an alert, stating that the Anthropic Claude Chrome extension has a critical Prompt Injection vulnerability, affecting more than 3 million users. Attackers can steal Google Drive files and Gmail access permissions without any user action. The vulnerability has been fixed. Users need to check the extension version and ensure it is updated to 1.0.41 or higher to ensure security.

GoPlus Security Agency warns that the Anthropic Claude Chrome extension has a high-risk prompt injection vulnerability, affecting versions below 1.0.41. Attackers can exploit this vulnerability to hijack user sessions and steal data. Users should update the extension immediately and remain vigilant.

On March 27, GoPlus cited a Koi report stating that Anthropic's Claude Chrome extension has a critical prompt injection vulnerability, affecting all versions below 1.0.41. Users are advised to update to version 1.0.41 or higher immediately and to be cautious of phishing links. Attackers could exploit this to hijack the extension and carry out data theft.

Gate News reports that on March 27, according to BlockSec monitoring, a suspicious transaction targeting an unknown contract (Stake) occurred on the BSC chain, resulting in a loss of approximately $133,000. The root cause was an exploitable dependence on spot prices in the Stake contract.

An Israeli reservist was charged with leaking Iron Dome system secrets related to Iran and assisting the enemy during wartime, facing life imprisonment or the death penalty. Investigations revealed that this individual received cryptocurrency via Telegram and provided sensitive information. Similar incidents have occurred in Taiwan, where the Chinese Communist Party has used cryptocurrencies to infiltrate the military, posing challenges to national security. Countries need to strengthen the protection of military secrets.

On-chain detective ZachXBT revealed that Circle has unfrozen two frozen hot wallets, "500 Casino" and "Whale," which users were previously unable to withdraw from. The details of the case are still unclear, and Circle has not objected to the information.

_Moonwell faces $1M risk after attacker buys cheap tokens and submits malicious vote proposal to gain control of DeFi lending protocol contracts._ A decentralized finance platform called Moonwell is facing a serious security threat after a very cheap attack. The incident was a surprise to the

Resolv Labs strongly advises against trading or acquiring USR, as illegally minted USR has been mixed with legitimate USR, posing trading risks. An recovery plan for affected holders is currently under evaluation, but the effectiveness of any remedial measures cannot be guaranteed. Continuing to trade may complicate the asset recovery process.

Gate News reports that on March 26, Co-founder Yu Xian of SlowMist stated that a certain CEX has taken down the page that required users to input their plaintext seed phrases. He pointed out that the security model for online web pages is very weak, much lower than that of extensions and apps; collecting plaintext seed phrases through online web pages is easy for phishing sites to imitate and has long been a common phishing tactic.

DeFi lending protocol Moonwell has experienced a governance attack. The attacker purchased approximately 40 million MFAM tokens for $1,800 and attempted to transfer admin rights of core contracts such as the lending market through a proposal to extract user funds. Voting is currently underway, with opposition votes leading, but the outcome has not yet been decided.

On March 26, DeFi lending protocol Moonwell was subjected to a governance attack. The attacker used about $1,800 to purchase 40 million MFAM tokens and pushed a malicious proposal, putting over $1 million of user funds at risk. The proposal transferred control to the attacker's contract, affecting multiple lending markets.

U.S. prosecutors have indicted Chinese companies and nationals for supplying fentanyl precursors and facilitating payments via cryptocurrency. The case, linked to global networks and targeting international smuggling, highlights the role of stablecoin flows in the drug trade.

Hong Kong police are investigating the JPEX virtual asset trading platform scam. Since September 2023, they have arrested 80 people, frozen assets worth approximately HKD 228 million, and over 2,700 victims are involved with a total amount of HKD 1.6 billion. Authorities are searching for the mastermind and accomplices.

GoPlus Security warns that OpenClaw's ClawHub has a serious vulnerability, allowing attackers to bypass protection mechanisms to increase skill downloads and then trick users into installing malicious code. The vulnerability has been fixed. It is recommended to use AgentGuard for security protection.