cio

According to monitoring by Lookonchain, the Solana ecosystem DeFi protocol Drift Protocol has suffered a significant attack, with approximately $220 million to $270 million in assets suspiciously transferred to the address "HkGz4K." Subsequently, some of these assets were bridged to the Ethereum chain to purchase ETH, with a total of 19,913 ETH bought so far, valued at $42.6 million.The attacker also transferred some of the stolen SOL to Hyperliquid to exchange for ETH, as well as transferring some stolen SOL to Binance. Additionally, according to monitoring by onchainschool.pro, the details of the stolen assets are as follows: USDC valued at $103 million; SOL valued at $54 million; WBTC valued at $19 million; WETH valued at $12 million; cbBTC valued at $11 million; USDT valued at $6 million; USDS valued at $5 million; SYRUPUSDC valued at $3 million; JLP valued at $2 million.Drift Protocol's official statement indicated that they have noticed unusual activity and are currently investigating. Please do not deposit funds into Drift during the investigation period. This is not an April Fool's joke. Please act cautiously until further notice. Drift Protocol will release the latest news through official channels.

Slow Fog has once again issued a security reminder stating to pay attention to checking for malicious versions of axios and the exposure risk of OpenClaw npm global installation history. [email protected] and [email protected] have been confirmed as malicious versions, both of which have injected the dependency [email protected], delivering cross-platform malicious payloads through the postinstall script.The impact of OpenClaw is assessed based on scenarios: source code builds are not affected, as the locked versions in the lock file are 1.13.5/1.13.6; however, users who installed via npm install -g [email protected] face historical exposure risks due to the presence of optionalDependencies.axios@^1.7.4 in the dependency chain, which may resolve to [email protected] during the time window when the malicious version is still online. Currently, npm has reverted the resolution to [email protected], but environments that were installed during the attack window are still advised to be checked. Slow Fog has provided inspection commands and IoC paths for various platforms; if the plain-crypto-js directory is found, even if the package.json has been cleaned, it should still be regarded as high-risk execution traces. It is recommended that affected hosts immediately rotate credentials and conduct host-side inspections. Previously, Slow Fog founder Yu Xian reminded that OpenClaw version 3.28 may introduce a toxic version of axios, and users need to urgently check.

Slow Fog founder Yu Xian issued a security reminder stating: We are fairly certain that if the user's OpenClaw is the latest version 3.28, it may introduce a poisoned axios, please be cautious in your checks.In addition, related Skills may also rely on axios, leading to indirect poisoning. Due to the widespread use of axios, a comprehensive check can be conducted under certain conditions.

According to The Street, Goliath Ventures, a cryptocurrency company based in Florida, has filed for Chapter 11 bankruptcy reorganization in the Southern District of Florida.The company is alleged to be linked to a $328 million Ponzi scheme, with over 2,000 victim investors, including Gregory Wilson, who lost approximately $8.74 million, and John Euliano, who lost about $1.28 million. Additionally, plaintiffs have filed a class-action lawsuit against JPMorgan Chase early next month, accusing it of turning a blind eye to suspicious transactions involving Goliath Ventures.Previously, Goliath Ventures' former CEO Christopher Alexander Delgado was arrested for allegedly being involved in the $328 million Ponzi scheme and faces charges of wire fraud and money laundering. Delgado lured victims under the guise of investing in cryptocurrency liquidity pools and promising monthly returns, but the funds were used to pay returns to earlier investors, purchase luxury homes, and finance extravagant activities.

According to a security alert released by GoPlus Security, Silverfort security researchers discovered a serious vulnerability in OpenClaw's skill repository ClawHub. Attackers can bypass all protective mechanisms by calling the internal function downloads:increment, allowing them to inflate the download count to over 20,000 in just a few minutes with a single curl request, thereby pushing malicious skills to the top of search rankings and enticing users or AI Agents to install them automatically.Once the malicious skill is running, it can steal sensitive data such as cryptocurrency wallets and API keys. The vulnerability has been patched within 24 hours. GoPlus advises users that a high download count does not equal safety and recommends using AgentGuard for security scanning and protection.

According to Slow Fog monitoring, the Apifox desktop client has encountered a supply chain attack, with front-end script files hosted on its official CDN being injected with highly obfuscated malicious JavaScript code.Affected users may face risks such as credential theft, sensitive data leakage, and remote command execution, with the malicious code executing automatically and being highly concealed. Slow Fog recommends that users immediately revoke all Tokens, reset passwords, log out and log back in to invalidate sessions, block the *.apifox.it.com domain, clear local storage, and review API logs and abnormal activities.

According to GoPlus security monitoring, an address starting with 0x9709 signed malicious Permit and Approve transactions, resulting in approximately $200,000 worth of USDC and wmtUSDT being stolen by phishing attackers.GoPlus states that users should carefully verify transaction details and contract addresses when signing any on-chain authorizations (Approve) or offline signatures (Permit) to avoid signing unknown malicious requests and prevent asset theft.

According to Gate market data, U.S. stocks opened with the Dow Jones Industrial Average down 0.55%, the S&P 500 down 0.82%, and the Nasdaq Composite down 1.35%. Precious metal concept stocks fell sharply, with Coeur Mining down 8%, Newmont Mining down 9%, and Pan American Silver down 6%. The Nasdaq Golden Dragon China Index fell 1.9%.

According to GoPlus monitoring, a user lost approximately $85,000 in sNUSD to a phishing attack due to signing a malicious Approve transaction.

According to GoPlus monitoring, about 8 hours ago, a user lost $1.76 million in USDC to a phishing attack after signing a malicious Permit transaction.

According to CoinDesk, Bitwise Asset Management Chief Investment Officer Matt Hougan stated that if Bitcoin can capture a larger share of the global value storage market currently dominated by gold and government bonds, Bitcoin could eventually reach $1 million per coin. Geopolitical tensions, potential crises in traditional "safe" assets, and Bitcoin's fixed supply could accelerate its rise, but most believe this will take a decade or longer, rather than being an imminent event.Analysts say that the $1 million target is less of an exact prediction and more of a shorthand for Bitcoin maturing into a major global currency asset, with the outcome depending on long-term institutional adoption and the expansion of the value storage market.

According to market news, the European Cybercrime Centre, in collaboration with the U.S. Department of Justice and other agencies, has announced the dismantling of a malicious proxy service network named "SocksEscort" and the freezing of $3.5 million in cryptocurrency related to the case.The network is said to have compromised over 369,000 routers and IoT devices in 163 countries worldwide, providing users with over 35,000 proxies in recent years. The European Cybercrime Centre stated that 34 domain names and 23 servers were seized in operations across 7 countries, and payment platforms associated with the service are estimated to have received over $5.7 million in cryptocurrency. The investigation began in June 2025 and found that the infected devices were primarily used to facilitate criminal activities such as ransomware and DDoS attacks.The U.S. Department of Justice has charged that criminals used the proxy service to conceal their location and commit fraud, including bank and cryptocurrency account takeovers, citing multiple victim loss cases, including a New York cryptocurrency exchange customer who was scammed out of $1 million.

According to GoPlus monitoring, a user lost approximately $53,000 worth of PAXG due to signing a malicious authorization (Approve) transaction, which was exploited by phishing attackers.

According to the security alert released by GoPlus, attackers are using Google search ads to deploy malware that is a pixel-perfect clone of the official #Claude Code installation page. This malware steals user passwords, cookies, session tokens, crypto wallets, credentials, and system information.GoPlus recommends identifying the ad labels in search results, carefully checking the subtle differences in URLs compared to the official website; verifying installation methods through multiple channels such as official documentation, social media, or GitHub repositories; not executing unfamiliar commands directly and analyzing command behavior before running; and installing security plugins to intercept phishing links, risky signatures, authorizations, and transactions in real-time.

According to The Block, Bitwise Chief Investment Officer Matt Hougan reiterated in a recent memo that the price of Bitcoin is expected to reach $1 million per coin. He pointed out that when viewed as a competitor to gold in the global value storage market, its long-term potential becomes clearer.Currently, the global value storage market is nearly $38 trillion, with gold accounting for about $36 trillion and Bitcoin approximately $1.4 trillion, making up less than 4%. Hougan believes that if the market continues to expand at an annual compound growth rate of about 13% over the past 20 years, it could reach around $121 trillion in the next decade, at which point Bitcoin would only need to capture about 17% of the market share to achieve a price of $1 million.He believes recent developments support this possibility: the spot Bitcoin ETF has become the fastest-growing ETF in history, institutions such as Harvard's endowment and the Abu Dhabi sovereign wealth fund have allocated to this asset, and Bitcoin's long-term volatility has decreased. He acknowledges that risks still exist but also points out that if concerns about government debt and fiat currency devaluation intensify, this prediction may still seem conservative.

Bitwise Chief Investment Officer Matt Hougan stated that the price of Bitcoin could potentially reach $1 million per coin in the future. He believes that when viewed from the perspective of the global "Store of Value" market, Bitcoin's long-term potential becomes clearer, as it is gradually competing with gold for the status of a digital value storage asset.In his latest memo titled "How Bitcoin Gets to $1 Million," Hougan pointed out that the current global value storage market is approximately $38 trillion, with about $36 trillion coming from gold, while Bitcoin is around $1.4 trillion, accounting for less than 4% of that market. Hougan believes that many investors underestimate Bitcoin's potential because they overlook the growth rate of the value storage market itself. For example, when the first gold ETF was launched in the U.S. in 2004, the global gold market was only about $2.5 trillion, and it has now approached $40 trillion, with a compound annual growth rate of about 13%. This growth has been primarily driven by increasing government debt, geopolitical uncertainty, and loose monetary policies.If the value storage market continues to expand at a similar pace over the next decade, its size could reach approximately $121 trillion. In this scenario, Bitcoin would only need to capture about 17% of the market share for its price to reach $1 million. Hougan also noted that the development of the crypto market in recent years has laid the groundwork for this outlook. For instance, a few years ago, there was no Bitcoin spot ETF in the U.S., but now Bitcoin spot ETFs have become one of the fastest-growing ETF products in history. At the same time, institutional investors, including Harvard University's endowment fund and the Abu Dhabi sovereign wealth fund, have begun to allocate Bitcoin.

According to 23pds, the Chief Information Security Officer of Slow Fog Technology, an intelligence system has discovered a malicious npm package named "@openclaw-ai/openclawai" that is implementing a multi-layer attack.This malicious package disguises itself as a legitimate command-line tool called OpenClaw Installer, aimed at stealing sensitive user information, including system credentials, cryptocurrency wallet private keys, browser data, SSH keys, and Apple Keychain database, among others.

The U.S. Treasury Department, in its report on the GENIUS Act submitted to Congress, suggested that Congress consider creating a "hold law" for digital assets. This proposal aims to provide a legal safe harbor for crypto platforms, allowing them to temporarily and voluntarily freeze digital assets suspected of illegal activity during investigations.Ari Redbord, policy director at TRM Labs, stated that this legislation would give law enforcement time to address the rapid nature of blockchain transactions. Although the Bank Secrecy Act protects institutions that submit suspicious activity reports, there is currently a lack of clear statutory provisions authorizing platforms to freeze funds without a court order. The report noted that this move would strengthen public-private partnerships in combating crypto fraud and money laundering.

The U.S. Treasury submitted a 32-page report to Congress stating that cryptocurrency mixers can be used for legitimate financial privacy purposes, allowing users to protect sensitive information such as personal wealth, business payments, or charitable donations. This stance marks a shift from its attitude when sanctioning Tornado Cash in 2022.The report reveals that North Korean cybercriminals stole at least $2.8 billion in digital assets between January 2024 and September 2025, including $1.5 billion stolen from Bybit, and regularly used mixers for multi-step money laundering. Since May 2020, over $1.6 billion in mixer deposits have flowed into cross-chain bridges, with more than $900 million concentrated in a bridging protocol related to North Korean money laundering activities.The report distinguishes between custodial and non-custodial mixers, noting that compliant custodial mixers can provide customer identity and off-chain transaction data, but it did not recommend imposing new restrictions on non-custodial mixers. In terms of legislative recommendations, the report urges Congress to create a digital asset-specific "freezing law" to provide safe harbor protection for financial institutions to temporarily freeze suspicious assets during short-term investigations, and suggests that Congress clarify which DeFi participants should bear anti-money laundering obligations.The report also proposes adding a "sixth special measure" to Section 311 of the USA PATRIOT Act, authorizing the Treasury to impose bans or restrictions on specific digital asset transfers that do not involve agency banking relationships. This report was prepared based on Section 9 of the GENIUS Act signed in July 2025.