Hacking Attacks
X @何币
何币· 2026-03-17 23:44
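OKX Web3 Wallet is a 100% self-custodial wallet. If a wallet gets robbed, the cause can only be on the user's own side: either the private key was leaked or the computer was hacked.
Star_OKX (@star_okx): @wallet The security team has completed its investigation. The original post's description of this as an "OKX wallet vulnerability" is inaccurate. Two points need to be clarified: 1️⃣ This incident is not a security vulnerability in OKX Web3 Wallet. The attack method was that the hacker took control of the user's device through trojan software and then stole the locally stored encrypted files and password by tampering with the web page's JS code to plant a hook, by logging keyboard input, or by similar means. 2️⃣ OKX Web3 Wallet is 100% ...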
Step Finance hack update: remedial measures taken; attackers broke in by way of an attack vector
Xin Lang Cai Jing· 2026-02-01 03:50
Core Viewpoint
- Step Finance reported a hacking incident involving several of its fund wallets, indicating that the attack was executed through a specific attack vector and that remedial measures have been implemented [1]
Group 1
- The company disclosed that the attack occurred during the night, highlighting the urgency of the situation [1]
- Step Finance is collaborating closely with security experts to address the breach and mitigate further risks [1]
- Relevant authorities have been notified about the incident, indicating compliance with regulatory requirements [1]
CertiK: Web3 security losses of about $3.35 billion in 2025, with attacks trending "fewer but heavier"
Xin Lang Cai Jing· 2025-12-23 15:58
Core Insights
- The 2025 Web3 Security Report by CertiK indicates that losses from hacking, scams, and vulnerabilities are projected to reach approximately $3.35 billion, an increase from $2.446 billion in 2024 [1]
- Excluding the significant Bybit incident, which accounted for about $1.447 billion, the overall amount of stolen funds is lower than the previous year, highlighting a trend of "decreasing event numbers but increasing single-event loss sizes" [1]
- Supply chain attacks have resulted in the highest monetary losses, while phishing attacks have the highest number of incidents; Ethereum remains the blockchain with the most concentrated security events [1]
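U.S. authorities rob the robbers: the Cambodian telecom-fraud Prince Group's hundred-billion bitcoin hoard all ends up in U.S. hands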
Sou Hu Cai Jing· 2025-11-13 06:57
Core Insights
- The U.S. government successfully seized 127,000 bitcoins from a Cambodian fraud group, valued at approximately $15 billion at the time of seizure, which raises questions about the methods used to access these decentralized assets [1][3][6].
Group 1: Background of the Fraud Group
- The Cambodian fraud group, known as the "Prince Group," was founded by Chen Zhi, who transitioned from private server operations to telecom fraud after facing increased domestic crackdowns [5][6].
- The group established at least 10 fraud centers in Southeast Asia, employing coercive tactics to recruit individuals from over 60 countries, forcing them into fraudulent activities [5][6].
Group 2: U.S. Government's Seizure Operation
- The U.S. Department of Justice's indictment revealed that the seizure operation took four years, indicating a high level of planning and execution [3][7].
- The bitcoins were reportedly stolen during a 2020 hacking incident, but they remained untouched until they were transferred to a wallet labeled "U.S. government" in June 2024 [6][7].
Group 3: Implications of the Seizure
- The operation highlights the potential for state-level cyber actions, suggesting that the U.S. government may have controlled the bitcoins since the hacking incident [7][9].
- The seized funds, originally intended for fraud victims, are unlikely to be returned, raising ethical concerns about the handling of such assets by the U.S. government [9][10].
U.S. cybersecurity vendor says it was attacked by Chinese hackers; Foreign Ministry responds
Zhong Guo Xin Wen Wang· 2025-10-16 08:48
Core Viewpoint
- A U.S. cybersecurity provider claims to have been attacked by hackers supported by the Chinese government, prompting a response from the Chinese Foreign Ministry, which denies the allegations and criticizes the lack of evidence [1].
Group 1: Company Response
- The Chinese Foreign Ministry spokesperson, Lin Jian, stated that they are unaware of the specific situation mentioned by the U.S. cybersecurity provider [1].
- The Ministry reiterated its consistent opposition to hacking activities and emphasized the importance of combating such actions legally [1].
Group 2: Political Context
- The Chinese government opposes the dissemination of false information for political purposes, highlighting a broader context of geopolitical tensions surrounding cybersecurity issues [1].
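SPDB credit cards hit by repeated fraudulent charges: who bears the losses? Some cardholders have already had their bills zeroed out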
Xin Jing Bao· 2025-09-13 09:23
Core Viewpoint
- The recent incident of fraudulent transactions involving the SPDB Mastercard Red Sand Credit Card has raised significant concerns among cardholders, with many sharing their experiences on social media [1]
Group 1: Incident Overview
- A growing number of cardholders have reported unauthorized transactions, prompting SPDB and Mastercard to conduct investigations [1]
- Industry experts suggest that the concentrated fraud incidents may be linked to organized hacking activities [1]
Group 2: Financial Responsibility
- Some cardholders have had their bills cleared, and affected credit cards have been frozen or reported lost [1]
- Multiple cardholders have indicated that the bank has assured them they will not bear the losses from the fraudulent transactions [1]
Group 3: Institutional Response
- SPDB's credit card center has issued a statement committing to protect customers from undue losses and to uphold their legal rights [1]
- Mastercard has initiated an emergency investigation in collaboration with SPDB, forming a special team to trace the source of the risk and prevent potential threats, while also ensuring the financial protection of affected cardholders [1]
Multiple Moscow pharmacies suspected hit by hackers; systems severely paralyzed
news flash· 2025-07-29 14:29
Core Viewpoint
- Multiple pharmacies in Moscow have reportedly experienced severe system failures, suspected to be due to a cyber attack, leading to the suspension of operations across all locations of the "Capital Pharmacy" chain [1]
Group 1: Incident Details
- The cash register and inventory management systems of the pharmacies have completely collapsed, forcing employees to take temporary leave [1]
- The pharmacy chain plans to repair the system issues in the coming days, although a specific timeline for restoration has not been provided [1]
- The official website of the pharmacy confirmed the system failure but did not explicitly label it as a cyber attack [1]
Hacker group makes off with about $100 million in crypto assets from Iranian exchange
Cailian Press (财联社)· 2025-06-19 07:26
Core Viewpoint
- The hacking incident at the Iranian cryptocurrency exchange Nobitex, which resulted in an estimated theft of $100 million, is believed to be politically motivated, potentially linked to the ongoing tensions between Israel and Iran [1][2].
Group 1: Incident Details
- Nobitex reported that the total estimated stolen assets amount to approximately $100 million, but the situation is under control, and user assets are protected by a reserve fund, ensuring no user financial loss [1].
- The hacker group Gonjeshke Darande, allegedly linked to Israel, claimed responsibility for the theft and previously announced the destruction of data from Iran's state-owned bank Sepah [1][2].
- Elliptic indicated that the stolen funds were rendered inaccessible by being stored in vanity addresses without corresponding keys, making recovery virtually impossible with current technology [1].
Group 2: Political Context
- The hacker group is suspected to have ties to Israel, although no official confirmation of its identity or nationality exists [2].
- The hacking incident may be related to the recent escalation of tensions between Israel and Iran, as suggested by cybersecurity experts [2].
- The actions of the hacker group align with Israel's regional priorities, targeting Iranian digital sectors and strategic entities [2].
Group 3: Industry Impact
- The incident adds to the growing list of victims of hacking in the cryptocurrency industry, with over $2.1 billion in digital assets stolen in 2025 alone, according to blockchain security firm CertiK [2].
Binance and Kraken reportedly targeted by hackers
news flash· 2025-05-17 02:04
Core Viewpoint
- Major cryptocurrency exchanges Binance and Kraken have reportedly become targets of hacking attacks similar to those recently disclosed by Coinbase, but their internal policies and technologies have successfully mitigated these attacks [1].
Group 1: Hacking Incidents
- Binance and Kraken faced hacking attempts that mirrored the recent attack on Coinbase, but their defenses were effective [1].
- Binance identified that scammers attempted to bribe customer service personnel and provided a Telegram account to contact the criminals [1].
- The security teams of several competing exchanges became aware of hackers specifically targeting large holders on Coinbase as early as December of the previous year [1].
Group 2: Coinbase Data Breach
- Coinbase publicly disclosed a significant data breach where hackers bribed overseas customer service outsourcing personnel to obtain sensitive information of approximately 97,000 users [1].
- The hackers demanded a ransom of $20 million in Bitcoin, threatening to release the data if not paid [1].
- Coinbase refused to pay the ransom and instead offered a reward of the same amount for information leading to the resolution of the case [1].
Group 3: Industry Context
- The cryptocurrency industry has been a target for cybercriminals since its inception over a decade ago, with numerous exchanges like Bybit, Bitfinex, and FTX suffering losses amounting to billions due to hacking incidents [1].
The world's biggest cesspit forum got hacked by a single PDF
Huxiu APP (虎嗅APP)· 2025-05-07 13:32
Core Viewpoint
- The article discusses the recent hacking incident involving the infamous online forum 4chan, detailing the methods used by the hacker to gain access and the subsequent impact on the platform [17][38].
Group 1: Overview of 4chan
- 4chan is described as a highly controversial and unregulated forum with a monthly active user base of 20 million and peak concurrent users reaching 200,000 [6][7].
- The forum is known for its extreme and often offensive content, including a section dedicated to "politically incorrect" discussions [8][12].
- It has been a source of various internet memes and cultural phenomena, but also a platform for misinformation, with 12% of fake news on Reddit traced back to 4chan [10][12].
Group 2: Hacking Incident
- On April 14, 4chan became inaccessible due to a hacking incident, which was later confirmed to be a result of a successful attack by a hacker who claimed responsibility on a rival forum [17][18].
- The hacker released 120 GB of sensitive data, including source code, moderator information, and user IP addresses, demonstrating the severity of the breach [20][21].
Group 3: Method of Attack
- The hacker exploited a vulnerability by uploading a malicious file disguised as a PDF, which was actually a PostScript file, taking advantage of 4chan's lack of file validation [29][30].
- The attack was facilitated by an outdated version of Ghostscript used by 4chan, which allowed the hacker to execute commands and gain server access [35][36].
- Following the breach, 4chan has updated its security measures, including replacing affected servers and disabling the PDF upload feature temporarily [38][39].
Group 4: Implications and Reactions
- The incident highlights a shift in hacking techniques, moving away from social engineering to exploiting technical vulnerabilities, which has surprised many in the cybersecurity community [41][42].
- After two weeks of downtime, 4chan resumed operations, continuing to attract attention for its controversial content [42].