- Pin
- 🔥 Gate Post Ambassador Exclusive Posting Reward Task Is On!
👉 Post daily from May 19 to May 25 and share a $300 prize pool based on your post quality!
Join now: https://www.gate.io/questionnaire/6679
Registration deadline: May 20 10:00 UTC
🎁 Reward Details:
S-Level Weekly Ranking Reward
Post every day for 7 days with an overall quality score above 90 to qualify for S-Level.
2 outstanding ambassadors will each receive a $50 trading fee rebate voucher.
A/B-Level Tiered Rewards
Based on the number of posts and their quality, ambassadors will be ranked and rewarded accordingly:
A-Level:
Post on
- Gate Brand Strategy Major Upgrade
Launching our global domain Gate.com, alongside a brand-new logo!
With a cleaner, more distinctive, universally recognized visual identity, we're moving from industry leader to true pace-setter.
✨ Three Pillars of Our Strategic Upgrade
1. User First: Serving 23 million users worldwide, with a reserve ratio of 128.57%, solidly among the top in the industry.
2. Tech Innovation: Pioneering the use of zero-knowledge proofs to verify reserve security.
3. Global Compliance: One of the few crypto platforms legally operating across multiple regions.
Just as we declare
- 🍕 Bitcoin Pizza Day is Almost Here!
Join the celebration on Gate Post with the hashtag #Bitcoin Pizza Day# to share a $500 prize pool and win exclusive merch!
📅 Event Duration:
May 16, 2025, 8:00 AM – May 23, 2025, 06:00 PM UTC
🎯 How to Participate:
Post on Gate Post with the hashtag #Bitcoin Pizza Day# during the event. Your content can be anything BTC-related — here are some ideas:
🔹 Commemorative:
Look back on the iconic “10,000 BTC for two pizzas” story or share your own memories with BTC.
🔹 Trading Insights:
Discuss BTC trading experiences, market views, or show off your contract gai
November Web3 Security Incident Summary: Total Loss Approximately $8,624,000
Author: SlowMist Security Team
Overview
In November 2024, the total loss from Web3 security incidents was approximately $86.24 million. Among them, according to the SlowMist Blockchain Blacklist, there were a total of 21 hacking incidents, resulting in a loss of approximately $76.86 million, with $25.5 million being recovered. The incidents were caused by contract vulnerabilities, compromised accounts, and price manipulation, among other reasons. In addition, according to Web3 anti-fraud platform Scam Sniffer, there were 9,208 phishing victims this month, with a total loss of $9.38 million.
()
Major Security Events
MetaWin
On November 4, 2024, according to on-chain investigator ZachXBT, the encryption gambling platform MetaWin was suspected to have been attacked, with more than $4 million stolen on Ethereum and Solana on-chain. According to MetaWin CEO Skel, the attacker infiltrated MetaWin's hot wallet through the platform's frictionless withdrawal system.
DeltaPrime
On November 11, 2024, Decentralized Finance protocol DeltaPrime was attacked on Avalanche and Arbitrum, with an estimated initial loss of 4.75 million dollars. The fundamental reason for this attack is the lack of input verification in the reward claim function.
()
Thala
On November 15, 2024, Thala, a Decentralized Finance project based on Aptos, was attacked, resulting in a theft of $25.5 million. The attacker exploited vulnerabilities in its Smart Contracts. The project party temporarily suspended the related Smart Contract and froze some Tokens, ultimately successfully freezing approximately $11.5 million in assets. After collaborating with law enforcement and multiple blockchain security teams, the project party successfully negotiated the recovery of the assets and allowed the attacker to retain $300,000 as a bounty.
()
DEXX
On November 16, 2024, multiple users' funds were stolen from the on-chain trading terminal DEXX. According to the SlowMist security team, the scale of losses in this incident has reached 21 million US dollars. Currently, the SlowMist security team is assisting DEXX officials and partners in continuous analysis. On November 28, the SlowMist security team disclosed 8,612 attacker Addresses on Solana on-chain collected so far, and the attacker Addresses on EVM on-chain will also be made public after the cleaning statistics are completed.
()
Polter Finance
On November 17, 2024, Polter Finance, a Decentralized Finance project based on Fantom, was attacked, resulting in a loss of approximately $12 million. The attacker used Flash Loans to deplete the token reserves of BOO, artificially raising the calculated price of BOO. This allowed them to borrow tokens far beyond the actual value of the collateral, resulting in huge profits. The founder of the platform stated that they have reported to the Singapore authorities and are trying to contact the attacker through on-chain messages to negotiate the return of funds, but have not received a response yet.
()
Feature Analysis and Security Recommendations
The number of security incidents and the scale of losses this month have significantly decreased compared to last month, reflecting to some extent the continuous improvement of the industry's security measures. It is worth noting that, both in terms of the distribution of attack causes and the resulting scale of losses, contract vulnerabilities are the highest proportion. The 7 contract vulnerability exploitation incidents that occurred this month resulted in approximately $30 million in losses, accounting for 39% of the total losses. SlowMist Security Team recommends that project parties always remain vigilant and regularly conduct comprehensive security audits to track and address new security threats and vulnerabilities, and protect project and asset security.
In addition, the SlowMist security team noted a real-world case of AI poisoning against the Crypto industry this month. This phenomenon indicates that the scope of Supply Chain attacks is expanding further. Some developers, in their pursuit of efficiency, may rely too much on AI-generated code and neglect scrutiny of code security. Therefore, the SlowMist security team reminds developers and project parties not to blindly trust the output when using AI to generate code. All code should undergo strict security audit and testing before being put into actual use to prevent security risks and protect the security of the project and users' assets. At the same time, the project party should also strengthen the overall security management of Supply Chain, conduct a comprehensive evaluation of third-party tools and services, and continue to follow the security trends in related fields to respond to new threats in a timely manner.
Finally, the events included in this article are the main security events of this month. More blockchain security events can be found in the SlowMist Blockchain Blacklist (/). Click to read the original article for direct access.