Security Incidents

Three suspects posing as police officers attacked a couple in Versailles, forcing them to transfer approximately €900,000 in Bitcoin. French authorities confirm the theft and are investigating the growing trend of violent robberies targeting crypto holders.

Gwangju District Prosecutors Office in South Korea recently sold 320.8 Bitcoin seized, cashing out 31.6 billion Korean Won. This batch of Bitcoin originally came from investigations into illegal gambling platforms from 2018 to 2021. Although there was an incident where Bitcoin was stolen by hackers due to a public official's mistake, the hackers later returned the Bitcoin. Authorities have conducted investigations and also discovered other cases of seized Bitcoin going missing.

On March 10th, a French couple was attacked at home by three fake police officers armed with knives, forcing them to transfer approximately 900,000 euros worth of Bitcoin. The couple was injured and tied up, and the assailants fled. This case is the latest example of a "wrench attack" in cryptocurrency. Several similar incidents have occurred in France this year.

The National Internet Emergency Center has issued a risk alert, as improper use of the OpenClaw agent has led to security vulnerabilities. Users are advised to strengthen network controls, enhance credential management, strictly regulate plugin sources, and stay updated on security updates to ensure safe application.

Gate News Announcement: On March 10, Cosmos Labs disclosed on the X platform that a recent security vulnerability affecting some blockchains built on Cosmos EVM Stack has been discovered. The vulnerability involves related functional modules and has impacted Layer 1 blockchains in the production environment.

Gate News Announcement, March 10th, experts from the China Academy of Information and Communications Technology issued a safety warning regarding the recently popular open-source AI agent OpenClaw (commonly known as "Lobster"). The experts pointed out that although the agent has been updated to the latest version and can fix known security vulnerabilities, this does not mean that all security risks have been completely eliminated. Previously, the Ministry of Industry and Information Technology's Cybersecurity Threat and Vulnerability Information Sharing Platform had issued related security risk alerts. (CCTV News)

Financial institutions are cautious about AI proxy tools like OpenClaw, concerned about data leaks and system risks. Industrial and Commercial Bank of China issued a risk warning, advising users to authorize cautiously, not to believe in high-yield promises easily, and to protect personal information.

Gate News reports that on March 10, the crypto community announced that Aethir's marketing director Masha Prusso was accused of having sourced women for Epstein. Meanwhile, community insiders revealed that Aethir has recently undergone large-scale layoffs, with several co-founders and executives leaving one after another, suspected of soft Rug pulling. It is also reported that Masha Prusso's personal website has been taken down recently.

Gate News: On March 10, the Gwangju District Prosecutor's Office in South Korea sold 320.8 Bitcoins, with the proceeds of 31.6 billion Korean Won (approximately $21.5 million) remitted to the national treasury. The Bitcoins were originally confiscated after a crackdown on an illegal gambling platform, stolen in August 2025 due to a phishing attack on an official, and voluntarily returned by the hacker in February this year. The prosecution then sold the assets in batches over 11 days (from February 24 to March 6). The hacker remains at large, and the investigation is ongoing. (The Block)

JELLYJELLY tokens experienced an extreme divergence of 34% between the perpetual contract mark price and the on-chain spot price on March 10, suspected of price manipulation. Analysis shows a surge in open interest and a funding rate reaching -2% every 4 hours, indicating market instability and manipulation risk. Analysts warn investors that this situation could trigger significant price volatility and reflects structural risks during the integration process of decentralized and centralized exchanges.

DeFi lending protocol Compound Finance recently experienced a security incident, with users reporting that its official website was redirected to a phishing page. Attackers used domain spoofing to carry out the attack. Although no funds were lost, this is the second similar incident Compound has faced in the past two years. Security experts stated that the automation of phishing tools increases the risk of attacks. The ongoing issues facing Compound are undermining market confidence, and front-end security and governance transparency are becoming key factors for its long-term development.

The Russian "All-Russian People's Front" warns that scammers are forging donation documents to induce supporters of Iran to donate cryptocurrencies, claiming that the funds will be used to aid Ukrainian soldiers. The organization reiterates that all crypto fundraising activities in its name are scams, and legitimate donations can only be made through official website bank transfers. Meanwhile, Russian security agencies are stepping up efforts to combat related criminal activities. Cryptocurrencies are becoming increasingly important in the political and military funding flows in the Middle East, posing new security challenges for users.

Gate News reports that on March 10, BlockSec detected a suspicious transaction targeting the MT-WBNB liquidity pool on BSC, resulting in a loss of approximately $242,000. The attack exploited a flaw in the buyer restriction mechanism, allowing the attacker to bypass restrictions via a router and sell MT for profit, leading to the loss of funds.

South Korea's National Tax Service accidentally leaked cryptocurrency seed phrases, leading to assets worth approximately $4.8 million being stolen. The first thief surrendered and returned the assets, but they were stolen again by others. Experts criticized the National Tax Service for not taking necessary protective measures, and authorities admitted the mistake and promised to strengthen security systems.

Gate News Announcement, March 10th, Cosmos Labs disclosed that a security vulnerability has been recently discovered, affecting some blockchains built on the Cosmos EVM Stack. This vulnerability has impacted Layer 1 blockchains in the production environment.

Slow Mist Technology warns that attackers are poisoning Bing AI search results to promote fake OpenClaw installers, tricking users into downloading malware. Attackers are using GitHub to create fake repositories, simply hosting malicious code on the platform to contaminate search results. On Windows and macOS, the malware employs specific intrusion methods and can steal sensitive information. Users should avoid downloads from unknown sources and stay vigilant.

NFT Lending Protocol Gondi Announces Compensation for Users Who Suffered Losses Due to Smart Contract Vulnerability, with Approximately 78 NFTs stolen, estimated at around $230,000. The vulnerability stemmed from a logical flaw in the "Sell & Repay" contract, allowing attackers to transfer NFTs without owning them. Gondi is currently compensating users through a three-pronged approach: contacting affected users, recovering stolen NFTs, and repurchasing similar items using the proceeds. Other platform functions have returned to normal.

Gate News Report, March 10th, SlowMist Technology Chief Information Security Officer 23pds posted on the X platform that attackers have launched poisoning attacks on Bing AI search results, tricking users into downloading and installing counterfeit OpenClaw programs, thereby stealing users' crypto assets and sensitive information.

NFT platform Gondi was subjected to a contract vulnerability attack on March 10th, resulting in the theft of 78 NFTs and a loss of approximately $230,000. The issue stemmed from a logical flaw in the new version of the Sell & Repay contract. Gondi has taken control of the situation, disabled related functions, is actively compensating affected users, and is pursuing the stolen NFTs.

Gate News Report, March 9 — According to Goplus monitoring, the NFT liquidity trading platform gondixyz was hacked due to a vulnerability, resulting in the theft of multiple NFTs with estimated losses of approximately $230,000. gondixyz official statement: "Please do not repay loans until the team confirms safety." Users are advised to immediately revoke approvals for affected contracts via Revoke Cash and refrain from initiating any new activities on the platform.