Weekly Updates | The total loss of Web3 security incidents is about 19.963 million US dollars
Overview
According to statistics from SlowMist Hacked (the SlowMist blockchain hacked archive), 10 security incidents occurred between August 14 and August 20, 2023, with total losses of about 19.963 million US dollars.
Specific incidents
MEV Bot
On August 14, 2023, Hexagate tweeted that a single MEV bot had been exploited for about $200,000 over the preceding few days, across BNB Chain, Ethereum, Polygon, and Arbitrum.
Zunami Protocol
On August 14, 2023, Zunami Protocol on Ethereum suffered a price manipulation attack and lost 1,179 ETH (approximately $2.2 million). The root cause is that the vulnerable contract's LP price calculation depends on the CRV balance held by the contract itself and on the CRV conversion ratio in the wETH/CRV pool. Both inputs can be moved by an attacker within a single transaction: the attacker inflated the LP price by transferring CRV directly to the contract and by skewing the conversion ratio of the wETH/CRV pool. According to MistTrack analysis, the stolen ETH has since been transferred to Tornado Cash.
It is worth mentioning that our system had detected this vulnerability earlier and we notified the project team, but the warning was not acted on, and by the time the incident happened it was too late.
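To make the manipulation concrete, the following Solidity sketch is an added illustration of the bug class described above; it is not Zunami's code. The contract names, the state layout, the Curve-style get_dy quote interface with its coin indices, and the Chainlink-style CRV/ETH feed are assumptions. The vulnerable contract values whatever CRV sits at its own address at the pool's in-transaction spot rate; the hardened version only counts CRV it actually harvested and prices it through an external feed with a staleness check.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration of the Zunami-style LP pricing bug. Not Zunami's code: the contract
// names, state layout and the pool/oracle interfaces below are assumptions.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function totalSupply() external view returns (uint256);
}

// Curve-style pool quote: how much of coin j you get for dx of coin i (a spot rate, manipulable)
interface ICurvePool {
    function get_dy(int128 i, int128 j, uint256 dx) external view returns (uint256);
}

// Chainlink-style aggregator (AggregatorV3Interface shape)
interface IAggregatorV3 {
    function latestRoundData() external view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// VULNERABLE: LP price = (base assets + CRV at this address valued at the pool spot rate) / LP supply
contract VulnerableLpPricing {
    IERC20 public immutable crv;
    IERC20 public immutable lpToken;
    ICurvePool public immutable wethCrvPool;
    int128 internal constant CRV_IDX = 1;   // assumed coin indices in the wETH/CRV pool
    int128 internal constant WETH_IDX = 0;
    uint256 public baseAssetsWei;           // value of the vault's real positions in wETH (simplified)

    constructor(IERC20 crv_, IERC20 lp_, ICurvePool pool_) {
        crv = crv_; lpToken = lp_; wethCrvPool = pool_;
    }

    function lpPrice() public view returns (uint256) {
        // (1) raw balance: anyone can "donate" CRV to this address and the LP price rises
        uint256 crvHere = crv.balanceOf(address(this));
        // (2) spot quote from the pool: a large swap earlier in the same transaction skews it
        uint256 crvValueInWeth = wethCrvPool.get_dy(CRV_IDX, WETH_IDX, crvHere);
        return (baseAssetsWei + crvValueInWeth) * 1e18 / lpToken.totalSupply();
    }
}

// HARDENED: only CRV this contract harvested itself is counted, and it is priced off an
// external feed with a freshness check instead of the pool's in-transaction spot rate.
contract HardenedLpPricing {
    IERC20 public immutable lpToken;
    IAggregatorV3 public immutable crvEthFeed;   // CRV/ETH feed, 18-decimal answer assumed
    uint256 public baseAssetsWei;
    uint256 public accountedCrv;                 // internal accounting, never balanceOf
    uint256 public constant MAX_FEED_AGE = 1 hours;

    constructor(IERC20 lp_, IAggregatorV3 feed_) { lpToken = lp_; crvEthFeed = feed_; }

    // Called from the harvest path with the exact amount the gauge paid out (assumed hook);
    // tokens that merely arrive at this address are never added here.
    function _onHarvest(uint256 crvAmount) internal { accountedCrv += crvAmount; }

    function lpPrice() public view returns (uint256) {
        (, int256 answer,, uint256 updatedAt,) = crvEthFeed.latestRoundData();
        require(answer > 0, "bad feed answer");
        require(block.timestamp - updatedAt <= MAX_FEED_AGE, "stale feed");
        uint256 crvValueInWeth = accountedCrv * uint256(answer) / 1e18;
        return (baseAssetsWei + crvValueInWeth) * 1e18 / lpToken.totalSupply();
    }
}
```

The two fixes address the two manipulable inputs separately: internal accounting removes the donation vector, and the oracle removes the spot-rate vector. A time-weighted average price from the pool would also serve for the second, provided the window is long enough that a single block cannot move it.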
Metis
On August 15, 2023, the official Twitter account of Metis, the Ethereum scaling solution, was hijacked. According to the team, a team member fell victim to a SIM-swapping attack, which allowed the attackers to control the account for about 30 hours.
The goal of a SIM-swapping attack is identity theft: the attacker takes over the victim's phone number, and with it any service that uses that number for login or recovery, such as bank accounts, credit cards, or crypto accounts. Speaking to Cointelegraph, SlowMist's CISO said: "As the popularity of Web3 attracts more people into the industry, the possibility of SIM swap attacks increases due to its relatively low technical requirements. Such SIM swap attacks are also prevalent in the Web2 world, so it's no surprise to see them pop up in a Web3 environment."
Since SIM swapping requires little technical skill from the attacker, users must take care of their own identity security to prevent such attacks. Against SIM swapping we recommend multi-factor authentication that does not rely on SMS (an authenticator app or hardware key), enhanced account verification such as an additional password, and a PIN or password on both the SIM card and the carrier account.
Sei Network
On August 15, 2023, Sei Network's official Discord server was compromised.
RocketSwap
On August 15, 2023, RocketSwap, a project in the Base ecosystem, was attacked. The attacker stole RCKT tokens, swapped them for about $868,000 worth of ETH, bridged the ETH to Ethereum, and then created a memecoin named LoveRCKT, possibly intending to use the stolen assets to manipulate market sentiment for personal gain.
The incident also raised questions about RocketSwap, especially its deployment process and private key storage. The team denied any insider involvement and attributed the actions to third-party hackers. RocketSwap said: "The team needed to use offline signatures and place the private key on the server when deploying the Launchpad. It has now been determined that the server was brute-forced, and because the farm contract uses a proxy contract, there are multiple high-risk permissions that led to the transfer of farm assets."
SwirlLend
On August 16, 2023, the team behind the lending protocol SwirlLend made off with about $2.9 million worth of cryptocurrency from Base and $1.7 million worth from Linea, all of which was bridged to Ethereum. As of this writing, the deployer has transferred 254.2 ETH to Tornado Cash. SwirlLend's official Twitter and Telegram accounts have been deactivated and its official website is no longer accessible. According to MistTrack analysis, the deployer used SwftSwap, XY Finance, Orbiter Finance and other services, and the following IPs were identified: 50.*.*.106, 50.*.*.58, 50.*.*.42.
Made by Apes
On August 16, 2023, on-chain analyst ZachXBT tweeted that the SaaSy Labs API used by Made by Apes, an on-chain license application platform launched by BAYC, allowed access to the personal details of MBA applicants. The issue was reported to Yuga Labs before disclosure and has since been fixed. Yuga Labs responded that it is not yet certain whether any data was misused, that it is contacting anyone whose information may have been exposed, and that it will provide fraud and identity protection to any users who need it.
Exactly Protocol
On August 18, 2023, the DeFi lending protocol Exactly Protocol was attacked and lost more than 7,160 ETH (approximately US$12.04 million). Two attacker contracts carried out the attack by calling the kick() function repeatedly; the attacker used a contract deployed on Ethereum to move deposits to Optimism and eventually bridged the stolen funds back to Ethereum. The root cause is a missing validation check. The attacker bypassed the permission check in the leverage function of the DebtManager contract by passing an unverified fake market address directly and setting _msgSender to the victim's address. Then, from inside the untrusted external call to that fake market, the attacker re-entered the crossDeleverage function of the DebtManager contract and withdrew the collateral belonging to _msgSender. Exactly Protocol tweeted that the pause has been lifted, users can perform all operations, and no liquidations occurred. The hack only affected users of the peripheral contract (DebtManager); the core protocol continued to function normally.
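The three ingredients of that attack (a caller-supplied market that is never validated, a stored _msgSender that the caller can point at someone else, and reentrancy from the untrusted external call) are easier to see in code. The Solidity below is an added illustration of the pattern, not Exactly Protocol's contracts: the names, the simplified Market and Auditor interfaces, and the assumption that users had approved the peripheral contract as operator on the real market are all constructed for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration of the bug class described above. Not Exactly Protocol's code: the
// names, the stored-sender pattern and the Market/Auditor interfaces are assumptions.
interface IMarket {
    function deposit(uint256 assets, address receiver) external returns (uint256);
    function withdraw(uint256 assets, address receiver, address owner) external returns (uint256);
}

interface IAuditor {
    function isMarket(address market) external view returns (bool);
}

// VULNERABLE peripheral contract. Users have approved it as operator on the real market
// (assumed), which is what makes the stored _msgSender dangerous.
contract VulnerableDebtManager {
    address internal _msgSender;

    function leverage(IMarket market, address account, uint256 deposit) external {
        _msgSender = account;                   // (1) the caller picks whose position is touched
        market.deposit(deposit, address(this)); // (2) untrusted external call: `market` was never validated
        _msgSender = address(0);
    }

    // Reachable from inside (2) while (1) is still set.
    function crossDeleverage(IMarket market, uint256 amount) external {
        // (3) withdraws the stored sender's collateral to whoever is calling
        market.withdraw(amount, msg.sender, _msgSender);
    }
}

// Attacker's fake market: re-enters the manager while _msgSender == victim.
contract FakeMarket is IMarket {
    VulnerableDebtManager public immutable manager;
    IMarket public immutable realMarket;

    constructor(VulnerableDebtManager m, IMarket real) { manager = m; realMarket = real; }

    function deposit(uint256 assets, address) external returns (uint256) {
        // Runs during step (2): realMarket.withdraw(assets, address(this), victim)
        manager.crossDeleverage(realMarket, assets);
        return assets;
    }

    function withdraw(uint256, address, address) external pure returns (uint256) { return 0; }

    // Constructed attack entry: the fake market is passed as `market`, the victim as `account`.
    function attack(address victim, uint256 amount) external {
        manager.leverage(IMarket(address(this)), victim, amount);
        // the withdrawn collateral now sits in this contract for the attacker to sweep
    }
}

// HARDENED: validate the market against the Auditor, refuse reentrancy, act only for msg.sender.
contract HardenedDebtManager {
    IAuditor public immutable auditor;
    uint256 private _locked = 1;

    constructor(IAuditor auditor_) { auditor = auditor_; }

    modifier checkMarket(IMarket market) {
        require(auditor.isMarket(address(market)), "invalid market");
        _;
    }

    modifier nonReentrant() {
        require(_locked == 1, "reentrant");
        _locked = 2;
        _;
        _locked = 1;
    }

    function leverage(IMarket market, uint256 deposit) external nonReentrant checkMarket(market) {
        market.deposit(deposit, address(this));
    }

    function crossDeleverage(IMarket market, uint256 amount) external nonReentrant checkMarket(market) {
        market.withdraw(amount, msg.sender, msg.sender); // the owner is always the actual caller
    }
}
```

Any one of the three hardening measures would have stopped this particular path: the market check blocks the fake contract, the reentrancy guard blocks the nested crossDeleverage, and dropping the stored sender means there is no victim address to act on. Applying all three is the sensible default for any peripheral contract that users grant operator rights to.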
Harbor Protocol
On August 19, 2023, Harbor Protocol, a cross-chain stablecoin protocol in the Cosmos ecosystem, tweeted that it had been exploited, draining some of the funds in its stable-mint, stOSMO, LUNA, and WMATIC vaults. From the information gathered so far, the attacker performed all operations from the following address: comdex1sma0ntw7fq3fpux8suxkm9h8y642fuqt0ujwt5. Harbor Protocol reportedly lost 42,261 LUNA, 1,533 CMDX, 1,571 stOSMO and 18,600 trillion WMATIC in the attack.
Thales
On August 20, 2023, the derivatives market Thales announced that a core contributor's PC and MetaMask had been hacked, and hot wallets that acted as a temporary deployer (about $25,000) and an admin bot (about $10,000) were compromised. Users should not interact with any Thales Market contracts on BNB Chain and should revoke any outstanding token approvals granted to those contracts. All funds on Optimism, Arbitrum, Polygon and Base are safe. Thales said that as a result of the attack, support for BNB Chain will be officially dropped.
Summary
Two incidents this week were losses caused by compromised private keys. Losses caused by project teams' poor private key management have been common in the past, for example the Ronin Network incident (more than 610 million US dollars), the Harmony incident (more than 100 million US dollars), and the Wintermute incident (more than 160 million US dollars). Private keys are stolen for many reasons; for project teams, private key security has three main aspects: key cracking (this week's brute-forced RocketSwap deployment server is one example), social engineering attacks, and the security of the surrounding environment (the devices, servers and tooling that touch the key). Given how much depends on a private key, raising the level of secure storage (such as protection by a hardware security chip) and removing single points of failure are important defenses. Backups of the private key or mnemonic should likewise avoid single points of failure and use safe backup methods, media and processes. For details, please refer to the Cryptocurrency Asset Security Solution published by SlowMist: