🚀 Web3 Security Firm GoPlus Warns of New Telegram Phishing Scam
#Web3 #Security #Phishing #Telegram #Cybersecurity #GoPlus #Fragment #Scam #Wallet #Assets
According to Foresight News, Web3 cybersecurity company GoPlus has issued a warning about a new phishing method targeting Telegram users. Hackers are impersonating the official Fragment mini-program bot and sending private messages to users with anonymous accounts, offering bids. Once users click on the link provided by the fraudulent mini-program, they unknowingly grant authorization, leading to the theft of their wallet assets.
The phishing bots are designed to closely mimic the name and avatar of the official mini-program, making it difficult for users to distinguish between the real and fake bots. GoPlus advises users to verify the authenticity of such messages through official channels like the official website, Twitter, or trusted third-party sources such as DefiLlama and Foresight Wiki to avoid falling victim to these scams.#Web3 #Security #Phishing #Telegram #Cybersecurity #GoPlus #Fragment #Scam #Wallet #Assets
🚀 GoPlus Security API Enhances Permit Phishing Detection
#GoPlus #SecurityAPI #PhishingDetection #Web3 #BlockchainSecurity #AI #TokenSecurity #NFTSecurity #PermitPhishing #CryptoSafety #TrustWallet #TokenPocket #SafePal
According to BlockBeats, on October 11, GoPlus announced that its security API now fully supports Permit phishing signature detection. This enhancement allows for real-time updates and dynamic identification of most Permit signature phishing scenarios, effectively addressing recent threats that have resulted in significant financial losses for on-chain users, including millions of dollars lost by users like Shenyu.
GoPlus is recognized as the world's largest and most comprehensive Web3 security infrastructure. It features an advanced AI-driven security detection engine that operates in real-time, dynamically, and automatically. The platform supports security detection for tokens, malicious addresses, NFTs, authorizations, Permit phishing signatures, and dApp security information across more than 20 major public blockchains, including Ethereum and Solana. With an average of over 34.3 million daily API calls, GoPlus has integrated with leading wallets and dApps such as TrustWallet, TokenPocket, and SafePal. This integration has successfully thwarted numerous potential phishing attacks, rug pulls, malicious tokens, blacklisted address interactions, and risky authorizations, providing 24/7 protection for Web3 users' assets and transaction security.#GoPlus #SecurityAPI #PhishingDetection #Web3 #BlockchainSecurity #AI #TokenSecurity #NFTSecurity #PermitPhishing #CryptoSafety #TrustWallet #TokenPocket #SafePal
🚀 Web3 Projects Urged To Enhance Twitter Security Amid Phishing Scams
#Web3 #TwitterSecurity #PhishingScams #TwoFactorAuthentication #CyberSecurity #GoPlus #TwitterSecurityTips #Blockchain #OnlineSafety
According to BlockBeats, on October 18, several Web3 projects, including Eigenlayer and Rendr, along with their founders and key opinion leaders (KOLs), have recently experienced a surge in phishing scams through their official Twitter accounts. These accounts were compromised and used to post fraudulent links, posing significant risks to users.
GoPlus has advised the teams managing these Twitter accounts to implement Twitter's two-factor authentication (2FA) to enhance security. Additionally, they recommend being cautious when connecting Twitter to third-party applications, ensuring not to over-authorize these apps. Regular checks and timely revocation of third-party application permissions are also suggested to prevent the posting of phishing links that could harm users.#Web3 #TwitterSecurity #PhishingScams #TwoFactorAuthentication #CyberSecurity #GoPlus #TwitterSecurityTips #Blockchain #OnlineSafety
🚀 GoPlus Users Report Asset Theft Exceeding $1 Million
#GoPlus #AssetTheft #SecurityBreach #PrivateKeys #CryptoTheft #WalletSecurity #ForesightNews
According to Foresight News, GoPlus users have reported the theft of some of their assets. Security monitoring has identified the address involved in the theft as newly created yesterday. The stolen assets, amounting to over $1 million, have been transferred to the address 0x49add3e8329f2a2f507238b0a684d03eae205aab. GoPlus suspects that the theft may be due to the mass compromise of private keys belonging to users of a trading platform or trading bot. Users are advised to promptly check the security of their wallet assets.#GoPlus #AssetTheft #SecurityBreach #PrivateKeys #CryptoTheft #WalletSecurity #ForesightNews
🚀 GoPlus Issues Security Alert for Wallet Users
#GoPlus #SecurityAlert #WalletSecurity #Cryptocurrency #Hacker #AssetProtection #GasTransfers #BlockchainSecurity
According to Foresight News, GoPlus has issued a security alert urging users to check their wallets for any gas transfers from hacker addresses. Users are advised to promptly transfer their assets and switch to a secure wallet. GoPlus has identified and blacklisted the addresses associated with the attackers. Notably, the attackers have used a wallet starting with 0x9AE to send gas to multiple addresses, but no token transfers have occurred yet, giving users a chance to secure their assets.
The address used by the attackers to distribute gas is 0x9AEf1CA082c17f9D52Aa98ca861b50c776dECC35. The addresses used for consolidating stolen funds are as follows:
1. 0x49add3e8329f2a2f507238b0a684d03eae205aab
2. 0x7831d05afc72a10bd475eb4777680b4e9204695a
3. 0xb312a2c9ab9700dac49798f457b4c28e28f1c4fc
4. 0xc657b6e6c59af5bcff4de626dab52832e77d2996#GoPlus #SecurityAlert #WalletSecurity #Cryptocurrency #Hacker #AssetProtection #GasTransfers #BlockchainSecurity
🚀 Ethereum DeFi Project R0AR Suffers $780,000 Loss Due to Contract Backdoor
#Ethereum #DeFi #R0AR #SecurityBreach #Backdoor #SmartContracts #Web3 #GoPlus #CryptoTheft #BlockchainSecurity
According to PANews, Web3 security firm GoPlus reported on the X platform that the Ethereum-based DeFi project R0AR experienced a security breach on April 16, resulting in a theft of approximately $780,000. The incident was attributed to a backdoor in the project's contract. The project team released an incident report today, stating that the stolen funds have been recovered, although the addresses and transaction hashes have not yet been disclosed. This incident serves as a reminder for users to be cautious of backdoor contracts, specifically warning against interacting with contract 0xBD2Cd7.
The R0ARStaking contract was found to have a backdoor from the time of its deployment. A malicious address, 0x8149f, was pre-configured with a significant amount of $1R0R tokens available for extraction. The attacker initially conducted small deposit() and harvest() transactions to prepare for a malicious EmergencyWithdraw() operation. According to the contract's code logic, since the rewardAmount exceeded the r0arTokenBalance (the contract's balance), the rewardAmount was set to the contract's token balance. Consequently, all tokens within the contract were transferred to the malicious address 0x8149f. Similarly, all LP tokens from the LP Token contract were also transferred to the same address. Finally, the userInfo.amount was set to zero. The userInfo in the contract is a mapping structure, with its address dynamically calculated using the key (uid and msg.sender) hash. This suggests that the backdoor was premeditated, with the malicious address calculated before the contract's deployment.#Ethereum #DeFi #R0AR #SecurityBreach #Backdoor #SmartContracts #Web3 #GoPlus #CryptoTheft #BlockchainSecurity
🚀 GoPlus Alerts on Bankroll Network Contract Vulnerability
#GoPlus #BankrollNetwork #DeFi #Vulnerability #CryptoSecurity #SmartContract #AssetProtection
According to BlockBeats, GoPlus has issued a warning on social media about an ongoing attack targeting an outdated contract on the decentralized finance platform, Bankroll Network. The vulnerability allows attackers to withdraw funds from user addresses that have previously approved the contract. Users are advised to promptly revoke the authorization of the compromised contract to protect their assets.#GoPlus #BankrollNetwork #DeFi #Vulnerability #CryptoSecurity #SmartContract #AssetProtection
🚀 Ethereum EIP-7702 Protocol Targeted in Major Hack, Over $5.3 Million Lost
#Ethereum #EIP7702 #BlockBeats #GoPlus #GoPlusSecurityResearchInstitute #Web3Security #SignaturePhishing #MaliciousUpgrades #PermissionAbuse #MaliciousTransactions #SecurityDetection #EIP7702SecurityDetection #SecurityBrowserPlugin #SecurityUpdates #SecurityTools #ETH
According to BlockBeats, the Ethereum EIP-7702 protocol has become a new target for hackers, resulting in losses exceeding $5.3 million. Analysis by GoPlus Security Research Institute reveals that attackers employed techniques such as signature phishing, malicious upgrades, and permission abuse to execute the theft.
GoPlus, one of the first platforms to address security threats related to this protocol, has received numerous requests for assistance from affected users and has conducted extensive security research. To safeguard Web3 users' funds, GoPlus announced that its transaction simulation API now fully supports EIP-7702 security detection, effectively intercepting various malicious transactions based on this protocol. Additionally, a security browser plugin with related protective features will be launched soon.
GoPlus advises users to stay informed about security updates, enhance their security awareness, and utilize GoPlus security tools to prevent potential losses.#Ethereum #EIP7702 #BlockBeats #GoPlus #GoPlusSecurityResearchInstitute #Web3Security #SignaturePhishing #MaliciousUpgrades #PermissionAbuse #MaliciousTransactions #SecurityDetection #EIP7702SecurityDetection #SecurityBrowserPlugin #SecurityUpdates #SecurityTools #ETH
🚀 Unauthorized LayerZero Initialization Leads to GAIN Minting Incident
#LayerZero #GAIN #GoPlus #minting #crosschain #BinanceSmartChain #Ethereum #insiders #socialengineering #YalaAttack #cryptoSecurity #blockchain
According to BlockBeats, GoPlus has reported on social media that an unusual minting of GAIN tokens may have occurred due to unauthorized LayerZero Peer initialization and malicious exploitation. This incident is similar to the recent Yala attack.
The attackers, potentially insiders or individuals who socially engineered project members, initialized an additional LayerZero Peer on the Ethereum network. They minted TTTTT tokens and exploited a misconfigured Peer to bypass cross-chain verification, resulting in the minting of 5 billion GAIN tokens on the Binance Smart Chain.#LayerZero #GAIN #GoPlus #minting #crosschain #BinanceSmartChain #Ethereum #insiders #socialengineering #YalaAttack #cryptoSecurity #blockchain
🚀 GAIN Project Faces Major Security Breach Due to Configuration Error
#GAIN #securitybreach #LayerZero #Peer #Ethereum #BinanceSmartChain #BSC #crosschain #minting #GoPlus #Yala #TTTTT #attack #cryptonews #cryptoalert
According to PANews, the GAIN project has suffered a significant security breach due to a LayerZero Peer configuration error. Analysis by GoPlus reveals that attackers exploited this vulnerability by initializing an additional Peer on the Ethereum blockchain and minting TTTTT tokens. This allowed them to bypass cross-chain verification and excessively issue 5 billion GAIN tokens on the Binance Smart Chain. The incident bears similarities to the previous Yala attack, resulting in a dramatic price drop of over 90% for GAIN. Users are advised to temporarily cease interactions with the project to prevent potential losses.#GAIN #securitybreach #LayerZero #Peer #Ethereum #BinanceSmartChain #BSC #crosschain #minting #GoPlus #Yala #TTTTT #attack #cryptonews #cryptoalert
🚀 GoPlus Issues Security Alert on Uniswap Phishing Scam
#GoPlus #Uniswap #Phishing #Security #BlockBeats #Google #Web3 #Cryptocurrency #Scam
According to BlockBeats, GoPlus has issued a security alert regarding a phishing scam targeting Uniswap users. The alert highlights that the top search result for Uniswap on Google is a counterfeit phishing website. Attackers are reportedly using Google-sponsored ads and free Google sites domains to impersonate well-known Web3 platforms, luring users to these fraudulent sites to steal cryptocurrency assets.#GoPlus #Uniswap #Phishing #Security #BlockBeats #Google #Web3 #Cryptocurrency #Scam
🚀 Security Alert Issued for x402 Cross-Chain Protocol
#SecurityAlert #x402 #CrossChainProtocol #USDC #GoPlus #PANews #Theft #CryptoSecurity #Arbitrum #ETH #Blockchain #UserSecurity #CryptoScam #TransferUserToken #RevokeAuthorization #ARB
According to PANews, a security alert has been issued by the GoPlus Chinese community regarding a potential theft involving the x402 cross-chain protocol, known as @402bridge. The creator of the contract, starting with 0xed1A, transferred ownership to the address 0x2b8F. The new owner then used the transferUserToken method within the contract to move the remaining USDC from all authorized user wallets. Before minting, users were required to authorize USDC to the @402bridge contract, which led to over 200 users losing their remaining USDC due to excessive authorization. A total of 17,693 USDC was transferred to the 0x2b8F address, which was then converted to ETH and moved through multiple cross-chain transactions to Arbitrum.
Users who participated in this project are advised to promptly revoke related authorizations. It is recommended that users verify the authorization address to ensure it is the official project address before granting permissions, authorize only the necessary amount, and avoid unlimited authorizations. Regular checks on authorizations and the cancellation of unnecessary ones are also advised.#SecurityAlert #x402 #CrossChainProtocol #USDC #GoPlus #PANews #Theft #CryptoSecurity #Arbitrum #ETH #Blockchain #UserSecurity #CryptoScam #TransferUserToken #RevokeAuthorization #ARB
🚀 Balancer Exploit Leads to $3 Million Token Transfer
#Balancer #Exploit #TokenTransfer #SecurityBreach #stS #WBTC #ETH #PermitAuthorization #GoPlus #FrozenAddress #ERC20 #BlockchainSecurity
According to PANews, a recent exploit involving Balancer has resulted in the unauthorized transfer of approximately $3 million worth of tokens. The incident was highlighted by the GoPlus Chinese community on the X platform, revealing that the attacker used a Permit authorization to bypass security measures.
Earlier today, the attacker managed to transfer 195 stS tokens from the frozen address 0xf19…fae2 to a new address 0x0e9c…44D5. These tokens were then exchanged for WBTC and ETH. The failure of the freeze was attributed to its implementation at the native chain level, which only affected S tokens and not other ERC20 tokens like stS.
The stS tokens have a permit() method that allows off-chain signatures without requiring the frozen address to pay S, leading to the ineffectiveness of the freeze in this instance.#Balancer #Exploit #TokenTransfer #SecurityBreach #stS #WBTC #ETH #PermitAuthorization #GoPlus #FrozenAddress #ERC20 #BlockchainSecurity
🚀 Security Alert Issued for Malicious Chrome Extension Disguised as Ethereum Wallet
#SecurityAlert #MaliciousExtension #ChromeExtension #EthereumWallet #SuiTransactions #GoPlus #CyberSecurity #PhishingAttack #AssetTheft #CryptoSecurity #ChromeWebStore #ETH #SUI
According to PANews, GoPlus has issued a security alert regarding a malicious Chrome extension masquerading as an Ethereum (ETH) wallet. Released on November 12, 2024, this extension is designed to steal user assets by encoding mnemonic phrases into Sui transactions.
Promoted as a simple and secure ETH wallet, the extension contains a backdoor that encodes user mnemonic phrases into Sui addresses. It then broadcasts micro-transactions from a Sui wallet controlled by the attacker, making it highly covert.
As of now, the malicious extension has not been removed from the Chrome Web Store. GoPlus has reported the issue to Chrome and blacklisted the download link.
The extension is named 'Safery: Ethereum Wallet,' and the attacker's email is kifagusertyna@gmail[.]com.#SecurityAlert #MaliciousExtension #ChromeExtension #EthereumWallet #SuiTransactions #GoPlus #CyberSecurity #PhishingAttack #AssetTheft #CryptoSecurity #ChromeWebStore #ETH #SUI
🚀 User Loses $230,000 in Crypto Due to Malicious Transactions
#crypto #phishing #malicioustransactions #GoPlus #ArbWETH #EthLBTC #cryptorisk #security
According to PANews, a user has reportedly lost $230,000 worth of aArbWETH and aEthLBTC after signing malicious permit and increaseAllowance transactions. The incident was detected by GoPlus, highlighting the risks associated with phishing attacks in the cryptocurrency space.#crypto #phishing #malicioustransactions #GoPlus #ArbWETH #EthLBTC #cryptorisk #security
🚀 Security Alert: Malicious Skill 'What Would Elon Do' Identified as Trojan Program
#SecurityAlert #MaliciousSkill #TrojanProgram #WhatWouldElonDo #ClawHub #GoPlus #SSHkeys #Cryptocurrency #BrowserCookies #SupplyChainAttack #OpenClaw #ForesightNews #chiefofautism #MaliciousSkills
A recent report highlights a significant security threat involving the Skill 'What Would Elon Do,' which was once the top download on ClawHub. According to Foresight News, GoPlus monitoring has revealed that this Skill is actually a Trojan program. Attackers manipulated rankings and used bots to increase downloads, leading many users to install the malicious software.
Once installed, the Skill steals users' SSH keys, cryptocurrency wallet private keys, and browser cookies, establishing a reverse shell to the attackers' server. This has resulted in actual asset losses for users. The incident has uncovered a severe new supply chain attack vector within the Skill ecosystem. GoPlus advises users to cease running OpenClaw without protection.
Additionally, chiefofautism has disclosed that the ClawHub marketplace contains 1,184 malicious Skills, with a single attacker responsible for uploading 677 of these harmful packages.#SecurityAlert #MaliciousSkill #TrojanProgram #WhatWouldElonDo #ClawHub #GoPlus #SSHkeys #Cryptocurrency #BrowserCookies #SupplyChainAttack #OpenClaw #ForesightNews #chiefofautism #MaliciousSkills
🚀 User Loses $127,000 in Crypto Assets Due to Malicious Transactions
#crypto #loss #fraud #phishing #USDC #TIBBIR #PAXG #malicioustransactions #GoPlus #ChainCatcher
A user has reportedly lost approximately $127,000 in various crypto assets due to malicious transactions. According to ChainCatcher, GoPlus monitoring revealed that the user signed multiple fraudulent Approve transactions, leading to the unauthorized transfer of USDC, TIBBIR, and PAXG assets by a phishing attacker.#crypto #loss #fraud #phishing #USDC #TIBBIR #PAXG #malicioustransactions #GoPlus #ChainCatcher
🚀 GoPlus and Custos Forge Strategic Partnership for Token Locking
#GoPlus #Custos #StrategicPartnership #TokenLocking #OnChain #AssetManagement #Blockchain #Crypto #Innovation #Protocol #GPS
GoPlus has announced a long-term strategic partnership with Custos. According to ChainCatcher, the collaboration will focus on deepening cooperation in token locking services and exploring new possibilities in on-chain asset management. The aim is to elevate token locking from a basic tool to a protocol-level capital strategy infrastructure.
Both parties will maintain clear boundaries and distinct roles, achieving strategic synergy while independently developing. Custos will concentrate on innovation at the asset management protocol layer, advancing token locking services to a higher level. Meanwhile, GoPlus will continue to build security infrastructure and provide strategic support for Custos's development.#GoPlus #Custos #StrategicPartnership #TokenLocking #OnChain #AssetManagement #Blockchain #Crypto #Innovation #Protocol #GPS
🚀 Phishing Attack Results in Theft of $200,000 in USDC and wmtUSDT
#PhishingAttack #USDC #wmtUSDT #CryptoTheft #GoPlus #OnChainSecurity #MaliciousTransaction #CryptoPrecaution #ChainCatcher
A phishing attack has led to the theft of approximately $200,000 in USDC and wmtUSDT, according to ChainCatcher. The incident involved a malicious Permit and Approve transaction signed by an address beginning with 0x9709.
GoPlus has advised users to carefully verify transaction details and contract addresses when signing any on-chain authorizations or offline signature requests. This precaution is essential to prevent assets from being stolen through unauthorized or malicious requests.#PhishingAttack #USDC #wmtUSDT #CryptoTheft #GoPlus #OnChainSecurity #MaliciousTransaction #CryptoPrecaution #ChainCatcher
🚀 Significant Transfer of GPS Tokens from GoPlus
#GPS #GoPlus #Cryptocurrency #Blockchain #TokenTransfer
A substantial transfer of GPS tokens has been reported. According to ChainCatcher, at 15:54, 1.6 billion GPS tokens were moved from GoPlus to a contract address starting with 0x7448.#GPS #GoPlus #Cryptocurrency #Blockchain #TokenTransfer