吴说获悉，CertiK 发布的 2025 年 Web3 安全报告显示，2025 年因黑客攻击、诈骗和漏洞造成的损失约 33.5 亿美元，高于 2024 年（约 24.46 亿美元）；但若剔除单笔规模巨大的 Bybit 事件（约 14.47 亿美 元），整体被盗资金规模低于上一年，呈现"事件数量减少、单次损失规模上升"的特征。报告指出，供 应链攻击造成的损失金额最高，钓鱼攻击事件数量最多；以太坊仍是安全事件最集中的公链。 （来源：吴说） ...

Core Insights - The U.S. government successfully seized 127,000 bitcoins from a Cambodian fraud group, valued at approximately $15 billion at the time of seizure, which raises questions about the methods used to access these decentralized assets [1][3][6]. Group 1: Background of the Fraud Group - The Cambodian fraud group, known as the "Prince Group," was founded by Chen Zhi, who transitioned from private server operations to telecom fraud after facing increased domestic crackdowns [5][6]. - The group established at least 10 fraud centers in Southeast Asia, employing coercive tactics to recruit individuals from over 60 countries, forcing them into fraudulent activities [5][6]. Group 2: U.S. Government's Seizure Operation - The U.S. Department of Justice's indictment revealed that the seizure operation took four years, indicating a high level of planning and execution [3][7]. - The bitcoins were reportedly stolen during a 2020 hacking incident, but they remained untouched until they were transferred to a wallet labeled "U.S. government" in June 2024 [6][7]. Group 3: Implications of the Seizure - The operation highlights the potential for state-level cyber actions, suggesting that the U.S. government may have controlled the bitcoins since the hacking incident [7][9]. - The seized funds, originally intended for fraud victims, are unlikely to be returned, raising ethical concerns about the handling of such assets by the U.S. government [9][10].

Core Viewpoint - A U.S. cybersecurity provider claims to have been attacked by hackers supported by the Chinese government, prompting a response from the Chinese Foreign Ministry, which denies the allegations and criticizes the lack of evidence [1]. Group 1: Company Response - The Chinese Foreign Ministry spokesperson, Lin Jian, stated that they are unaware of the specific situation mentioned by the U.S. cybersecurity provider [1]. - The Ministry reiterated its consistent opposition to hacking activities and emphasized the importance of combating such actions legally [1]. Group 2: Political Context - The Chinese government opposes the dissemination of false information for political purposes, highlighting a broader context of geopolitical tensions surrounding cybersecurity issues [1].

Core Viewpoint - The recent incident of fraudulent transactions involving the SPDB Mastercard Red Sand Credit Card has raised significant concerns among cardholders, with many sharing their experiences on social media [1] Group 1: Incident Overview - A growing number of cardholders have reported unauthorized transactions, prompting SPDB and Mastercard to conduct investigations [1] - Industry experts suggest that the concentrated fraud incidents may be linked to organized hacking activities [1] Group 2: Financial Responsibility - Some cardholders have had their bills cleared, and affected credit cards have been frozen or reported lost [1] - Multiple cardholders have indicated that the bank has assured them they will not bear the losses from the fraudulent transactions [1] Group 3: Institutional Response - SPDB's credit card center has issued a statement committing to protect customers from undue losses and to uphold their legal rights [1] - Mastercard has initiated an emergency investigation in collaboration with SPDB, forming a special team to trace the source of the risk and prevent potential threats, while also ensuring the financial protection of affected cardholders [1]

Core Viewpoint - Multiple pharmacies in Moscow have reportedly experienced severe system failures, suspected to be due to a cyber attack, leading to the suspension of operations across all locations of the "Capital Pharmacy" chain [1] Group 1: Incident Details - The cash register and inventory management systems of the pharmacies have completely collapsed, forcing employees to take temporary leave [1] - The pharmacy chain plans to repair the system issues in the coming days, although a specific timeline for restoration has not been provided [1] - The official website of the pharmacy confirmed the system failure but did not explicitly label it as a cyber attack [1]

Core Viewpoint - The hacking incident at the Iranian cryptocurrency exchange Nobitex, which resulted in an estimated theft of $100 million, is believed to be politically motivated, potentially linked to the ongoing tensions between Israel and Iran [1][2]. Group 1: Incident Details - Nobitex reported that the total estimated stolen assets amount to approximately $100 million, but the situation is under control, and user assets are protected by a reserve fund, ensuring no user financial loss [1]. - The hacker group Gonjeshke Darande, allegedly linked to Israel, claimed responsibility for the theft and previously announced the destruction of data from Iran's state-owned bank Sepah [1][2]. - Elliptic indicated that the stolen funds were rendered inaccessible by being stored in vanity addresses without corresponding keys, making recovery virtually impossible with current technology [1]. Group 2: Political Context - The hacker group is suspected to have ties to Israel, although no official confirmation of its identity or nationality exists [2]. - The hacking incident may be related to the recent escalation of tensions between Israel and Iran, as suggested by cybersecurity experts [2]. - The actions of the hacker group align with Israel's regional priorities, targeting Iranian digital sectors and strategic entities [2]. Group 3: Industry Impact - The incident adds to the growing list of victims of hacking in the cryptocurrency industry, with over $2.1 billion in digital assets stolen in 2025 alone, according to blockchain security firm CertiK [2].

Core Viewpoint - Major cryptocurrency exchanges Binance and Kraken have reportedly become targets of hacking attacks similar to those recently disclosed by Coinbase, but their internal policies and technologies have successfully mitigated these attacks [1]. Group 1: Hacking Incidents - Binance and Kraken faced hacking attempts that mirrored the recent attack on Coinbase, but their defenses were effective [1]. - Binance identified that scammers attempted to bribe customer service personnel and provided a Telegram account to contact the criminals [1]. - The security teams of several competing exchanges became aware of hackers specifically targeting large holders on Coinbase as early as December of the previous year [1]. Group 2: Coinbase Data Breach - Coinbase publicly disclosed a significant data breach where hackers bribed overseas customer service outsourcing personnel to obtain sensitive information of approximately 97,000 users [1]. - The hackers demanded a ransom of $20 million in Bitcoin, threatening to release the data if not paid [1]. - Coinbase refused to pay the ransom and instead offered a reward of the same amount for information leading to the resolution of the case [1]. Group 3: Industry Context - The cryptocurrency industry has been a target for cybercriminals since its inception over a decade ago, with numerous exchanges like Bybit, Bitfinex, and FTX suffering losses amounting to billions due to hacking incidents [1].

Core Viewpoint - The article discusses the recent hacking incident involving the infamous online forum 4chan, detailing the methods used by the hacker to gain access and the subsequent impact on the platform [17][38]. Group 1: Overview of 4chan - 4chan is described as a highly controversial and unregulated forum with a monthly active user base of 20 million and peak concurrent users reaching 200,000 [6][7]. - The forum is known for its extreme and often offensive content, including a section dedicated to "politically incorrect" discussions [8][12]. - It has been a source of various internet memes and cultural phenomena, but also a platform for misinformation, with 12% of fake news on Reddit traced back to 4chan [10][12]. Group 2: Hacking Incident - On April 14, 4chan became inaccessible due to a hacking incident, which was later confirmed to be a result of a successful attack by a hacker who claimed responsibility on a rival forum [17][18]. - The hacker released 120 GB of sensitive data, including source code, moderator information, and user IP addresses, demonstrating the severity of the breach [20][21]. Group 3: Method of Attack - The hacker exploited a vulnerability by uploading a malicious file disguised as a PDF, which was actually a PostScript file, taking advantage of 4chan's lack of file validation [29][30]. - The attack was facilitated by an outdated version of Ghostscript used by 4chan, which allowed the hacker to execute commands and gain server access [35][36]. - Following the breach, 4chan has updated its security measures, including replacing affected servers and disabling the PDF upload feature temporarily [38][39]. Group 4: Implications and Reactions - The incident highlights a shift in hacking techniques, moving away from social engineering to exploiting technical vulnerabilities, which has surprised many in the cybersecurity community [41][42]. - After two weeks of downtime, 4chan resumed operations, continuing to attract attention for its controversial content [42].

Group 1: Trump's Family Involvement in Cryptocurrency - The Trump family has gained significant attention in the cryptocurrency space, particularly with the launch of "Trump Coin," which saw its price surge nearly 60% to a peak of $14.7 following an announcement of a dinner event with top holders [3][4] - Melania Trump also launched "Melania Coin," which experienced a buying frenzy before its official release, resulting in traders making nearly $100 million in profits shortly after [3][4] - Trump's family controls a significant portion of the "Trump Coin," with estimates suggesting they hold 80% of the total supply, and Trump himself has reportedly earned $350 million from these ventures [4] Group 2: Regulatory Changes in Cryptocurrency - The Federal Reserve has recently retracted several documents urging banks to exercise caution in cryptocurrency activities, signaling a more favorable regulatory stance towards the crypto industry [5] - The Fed's withdrawal of previous regulatory guidance indicates that banks are no longer required to report crypto-related activities, which could lead to increased participation in the market [5] - This shift in regulatory approach is seen as a boost for the cryptocurrency sector, potentially encouraging more institutional involvement [5] Group 3: Security Concerns in Cryptocurrency - A significant security breach occurred on the Binance Smart Chain, where hackers stole approximately 2 million Binance Coins, equating to an estimated $100 million loss [8] - This incident highlights the ongoing security risks within the cryptocurrency market, emphasizing the need for investors to choose reliable trading platforms and implement robust asset protection measures [8] - The combination of high-profile scams, regulatory changes, and security threats creates a complex environment for investors in the cryptocurrency space [8]