Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
I noticed an important warning from security experts — there's a wave of phishing targeting macOS users. The essence is that emails supposedly about audits or token unlocks are actually phishing attacks.
How does it work? Malicious actors send attachments with clever names — for example, a file looks like a .docx, but in reality, it's a .docx.scpt. The double extension is misleading, and people run the script thinking they're opening a regular document.
After launching, problems begin. The script steals system passwords, bypasses TCC protection (which is the permission system in macOS), and installs a backdoor on Node.js. As a result, attackers gain access to the system and can do anything.
SlowMist and Chainbase analyzed this phishing campaign and issued recommendations. If you accidentally opened such an email or entered your password — act immediately. Disconnect from the internet, check your system for compromise, change your passwords.
Be more cautious with verification and unlock emails. If something looks suspicious — it's better to verify directly with the source than risk your system.