Compiled by: ChainCatcher

Important News:

JaredFromSubway MEV bot attacked, losing $7.5 million

Secret Network loses $4.67 million due to cross-chain vulnerability, attack went undetected for seven days

Michael Saylor releases Bitcoin Tracker information again, may disclose increased holdings next week

What important events occurred in the past 24 hours?

JaredFromSubway MEV bot attacked, losing $7.5 million

According to ChainCatcher, on-chain analysts monitored that the well-known Ethereum MEV bot JaredFromSubway was attacked, resulting in a loss of approximately $7.5 million. The attacker constructed a false MEV arbitrage path, inducing the bot to automatically generate token authorizations, and under the condition that the authorization was not revoked, transferred WETH, USDC, and USDT from the bot's contract using the open authorization, with funds ultimately flowing to the attacker's wallet address. Analysis pointed out that this attack was not a traditional phishing or smart contract vulnerability, but a targeted exploitation of the bot's automation execution mechanism.

Secret Network loses $4.67 million due to cross-chain vulnerability, attack went undetected for seven days

According to ChainCatcher, blockchain research institution Common Prefix disclosed that hackers exploited a vulnerability in the Secret Network and Axelar cross-chain bridge contract on June 10, forging deposits and minting uncollateralized tokens, subsequently cashing out approximately $4.67 million.

The attack went undetected for seven days until a normal cross-chain transfer failed due to insufficient funds in the escrow account on June 17, exposing the anomaly. The root of the vulnerability lies in the fact that when the contract changed from an escrow model to a minting model, it deleted two key functions responsible for verifying the source of transfers, and had never undergone external auditing since its deployment in early 2023. Secret Network pointed out that the Axelar bridging infrastructure failed to trigger any effective anomaly monitoring or emergency pause mechanism before the assets were stolen on a large scale.

The stolen funds were routed to Ethereum via Osmosis and exchanged for ETH on CoW Protocol, then dispersed into exchanges such as KuCoin, ChangeNow, and HitBTC. Currently, approximately $672,000 remains in the attacker's Axelar wallet. Secret Network has requested Axelar to freeze the address but was denied. Axelar emphasized that its core protocol was never affected, and the exploited contract was not developed or maintained by Axelar. Currently, Axelar has disabled the related cross-chain connections and stated that it is coordinating with exchanges and law enforcement agencies for follow-up.

Petition to abolish virtual asset tax in South Korea gains 58,571 signatures, set to be submitted to Congress for review

According to ChainCatcher, as reported by Edaily, the South Korean national petition for the "abolition of virtual asset (cryptocurrency) tax" has gained 58,571 signatures. According to congressional law, the related petition should be submitted for review at the first committee meeting held after 30 days of being handed over to the committee.

Under the current income tax law, starting from January 1 next year, income from the transfer or lending of virtual assets will be classified as other income and subject to income tax. Income from virtual assets exceeding 2.5 million Korean won (approximately $1,800) will be subject to a total tax rate of 22%, which includes other income tax (20%) and local income tax (2%).

Security company: Gitcoin subdomain suffers front-end attack, suspected of embedding phishing program

According to ChainCatcher, blockchain security company Blockaid stated that its detection system found signs of a front-end attack on the Gitcoin subdomain files[.]gitcoin[.]co, with the website suspected of containing malicious code named "Eleven drainer" used for wallet asset theft. Blockaid warned users not to interact with the website at this time, and the related issues are under investigation and repair.

Adam Back: Strategy will not go to zero, bearish views on STRC are unfounded

According to ChainCatcher, crypto pioneer Adam Back stated that the market's negative views on Strategy and its preferred stock STRC lack basis, as what Strategy is doing is essentially just selling Bitcoin to pay dividends, and it has not changed its Bitcoin reserve strategy, and is precisely "proving that it can pay returns to investors through Bitcoin while reducing debt ratios."

Adam Back further pointed out that Strategy is showcasing a new financial model to the market, where Bitcoin may become an alternative asset to cash for corporate asset management and capital operations in the future, while the FUD sentiment surrounding MSTR and STRC is exaggerated. Strategy will not "go to zero," and its long-term value lies in continuously holding Bitcoin and promoting market understanding of Bitcoin's monetary properties.

Michael Saylor releases Bitcoin Tracker information again, may disclose increased holdings next week

According to ChainCatcher, Strategy founder Michael Saylor released Bitcoin Tracker-related information again and stated, "Looks better with more dots."

According to previous patterns, Strategy always discloses information about increased Bitcoin holdings the day after relevant news is released.

Meme Popularity Rankings

According to data from the meme token tracking and analysis platform GMGN, as of June 22, 09:00,

The top five popular ETH tokens in the past 24 hours are: ASTEROID, sato, AAVE, PRISM, LINK

The top five popular Solana tokens in the past 24 hours are: QAI, RTM, three, SOLANGELE, DUCKY

The top five popular Base tokens in the past 24 hours are: PEAK, SOSO, ABS, FUN, CLANKER

What are some interesting articles worth reading in the past 24 hours?

10 Counterintuitive Insights on Latin American Payments

The most shocking to me was the sixth point. When I went to Latin America, I thought stablecoins were a structurally high-profit business. The reality I saw on the ground, however, is that they are competing to go to zero.

The winner will not be the one with the best exchange channel, but the one that excels in the next layer (wallets, cards, yields, branding) above the exchange.

To every taxi driver, bartender, bank manager, and regulator willing to take the time to explain things to a foreigner with poor Spanish and even worse Portuguese.

The wheels on my suitcase will eventually be fixed.

But the things learned on this trip will not be worn away.

Perp DEX: The Next Generation Exchange "War"

Hyperliquid says: on-chain Perps can become the exchange system and a new entry point; Aster says: to capture CEX users, performance and privacy issues must be resolved; Lighter says: the next phase will shift from experience competition to trust mechanism competition; dYdX / GMX says: the old model is not without value, but the industry standards have changed; Coinbase says: the war of Perps is already expanding externally.

And this "war" has just begun.

The Impossible Triangle is a Pseudo Problem

Today's public chains are essentially like a Google spreadsheet: charging you rent on one side while laying everything you have bare for strangers to see. The version that can keep your secrets is a pure upgrade, and it is precisely what will ultimately bring the next trillion dollars on-chain.

Let’s face honestly what most crypto products truly offer today. Strip away the consensus mechanism, and a public chain is just a shared Google spreadsheet that records everyone's transactions, only slower, more expensive, and readable by every competitor and predator on Earth.

Compared to a real Google spreadsheet, the only real added value it has is decentralized consensus: ensuring that no one can secretly change a row. This guarantee is real and valuable. But today, it is the only value increment.

Every exchange and every DeFi protocol built on mainstream public chains is fundamentally renting out this characteristic.

With provable compliant privacy, it is no longer a worse electronic spreadsheet. It becomes something that has no counterpart in the old world: a shared machine that can confirm transactions as true without revealing the transaction content.