Largest single theft in history: $1.46 billion in crypto assets hacked, industry alarm bells ring again

Unprecedented Huge Loss from a Single Event

A staggering security incident has resulted in a loss of approximately $1.46 billion in funds, setting a historical record for a single theft case. The victim is a well-known trading platform, whose Ethereum cold wallet was attacked by the Lazarus Group hacking organization. The scale of this theft surpasses the $611 million stolen from a certain network in 2021, and even exceeds the approximately $1 billion theft from the Central Bank of Iraq in 2003.

This major event has caused widespread panic and deep reflection within the industry. Let us analyze this "life-and-death race" crisis step by step.

Cold wallet defense line breached

Cold wallets are usually considered the safest way to store cryptocurrencies because they are completely isolated from the internet. The withdrawal of funds requires strict multi-factor verification and approval processes. The trading platform employs a solution that combines multi-signature wallets with hardware cold wallets, setting a 3/3 signature threshold, meaning all three private key holders must authorize simultaneously to execute any asset transfer.

The hacker organization did not breach the cold wallet directly; instead, it compromised the computers of all three signers. It had previously deployed a malicious contract containing a backdoor, and during the signers' routine operations it quietly substituted that pre-deployed contract for the normal transaction requests the signers were asked to approve.

The root cause of this breach was a successful phishing attack. The hacker tricked the wallet signers into signing malicious transaction data, which resulted in a malicious upgrade of the contract and gave the hacker control of the cold wallet and the ability to transfer all of its funds. This proves once again that even the most stringent security measures can be breached wherever a human step is involved.
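The substitution described above works only if each signer trusts the payload the (compromised) signing UI displays. The following is an added example, not code from the article or from the affected platform, of the signer-side check that recomputes the digest of the transaction the signer actually intends to approve and applies a destination and calldata policy before counting an approval toward the 3/3 threshold. The addresses, the digest scheme and the `TxProposal` fields are assumptions for illustration, not the real wallet's format.

```python
import hashlib
import json
from dataclasses import dataclass, asdict

# Constructed placeholder addresses (not from the article).
HOT_WALLET = "0xHOTWALLET_PLACEHOLDER"
ATTACKER_CONTRACT = "0xATTACKER_CONTRACT_PLACEHOLDER"

@dataclass(frozen=True)
class TxProposal:
    to: str          # destination address
    value_wei: int   # amount of ETH to move
    data: str        # hex calldata; "0x" for a plain ETH transfer
    operation: int   # 0 = ordinary call; any other value changes how the wallet executes
    nonce: int       # wallet nonce, so an old approval cannot be replayed

def digest(tx: TxProposal) -> str:
    """Deterministic digest over every field being approved (toy stand-in for the wallet's real hashing)."""
    canonical = json.dumps(asdict(tx), sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()

def check_before_signing(intended, presented_digest, allowlist):
    """Return policy violations; an empty list means this signer may approve."""
    problems = []
    if presented_digest != digest(intended):
        problems.append("digest mismatch: payload presented for signing is not the intended transaction")
    if intended.to not in allowlist:
        problems.append(f"destination {intended.to} is not on the cold-wallet allowlist")
    if intended.data != "0x":
        problems.append("a plain ETH transfer must carry no calldata")
    if intended.operation != 0:
        problems.append(f"operation {intended.operation} is not an ordinary call")
    return problems

def collect_approvals(intended, presented_digests, allowlist, threshold=3):
    """Model the 3/3 wallet: every signer verifies independently; execution needs all three."""
    report = {s: check_before_signing(intended, d, allowlist) for s, d in presented_digests.items()}
    approvals = sum(1 for problems in report.values() if not problems)
    return approvals >= threshold, report

def demo():
    intended = TxProposal(to=HOT_WALLET, value_wei=10**18, data="0x", operation=0, nonce=42)
    # Compromised signing UI swaps the payload for a call into the attacker's pre-deployed contract.
    swapped = TxProposal(to=ATTACKER_CONTRACT, value_wei=0, data="0xdeadbeef", operation=1, nonce=42)
    honest = {s: digest(intended) for s in ("signer1", "signer2", "signer3")}
    tampered = {s: digest(swapped) for s in ("signer1", "signer2", "signer3")}
    return collect_approvals(intended, honest, {HOT_WALLET}), collect_approvals(intended, tampered, {HOT_WALLET})
```

`demo()` returns the honest case (executed, no findings) beside the tampered case, where every signer reports a digest mismatch and the wallet never reaches three approvals.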

Discussion on the Feasibility of Blockchain Rollbacks

In light of the massive amount of stolen funds, some are calling for a "rollback" operation to reset the blockchain to its state before the attack occurred. In response, the CEO of the trading platform stated: "This shouldn't be decided by one person. According to the spirit of blockchain, perhaps it should be decided through a community vote, but I'm not sure."

Ethereum core developer Tim Beiko explained that rollback operations are currently impossible in the Ethereum ecosystem. By 2025, the development of DeFi and cross-chain bridges means that stolen funds can easily be mixed within application networks. For example, stolen funds can be exchanged on decentralized exchanges, and the tokens obtained can be used as collateral in DeFi protocols, with borrowed assets then bridged to other chains. A complete "rollback" would invalidate all recent on-chain activities, potentially causing greater chaos. Many settled transactions involve impacts beyond Ethereum (such as exchange sales, redemption of physical assets, etc.), and these off-chain components cannot be reversed. Therefore, rollback is not a wise solution.

Controversy Arises Over Withdrawal Suspension

After the incident, the founder of a well-known exchange suggested temporarily halting all withdrawals as a standard safety precaution. This suggestion sparked intense debate.

Some industry insiders oppose this. They believe that stopping withdrawals will make users feel that the exchange is powerless over their funds. Even without a hacking attack, preventing or delaying withdrawals can be very frustrating. This is also a reason why many users abandon certain trading platforms, as they often extend the waiting time for user withdrawals.

The CEO of the victimized trading platform responded that if the hacker attack was through penetrating internal systems or compromising hot wallets, they would immediately suspend all withdrawals. However, in this incident, the compromised wallet was an ETH cold wallet, unrelated to the internal systems. He emphasized that all withdrawals were processed within 12 hours after the incident, and the withdrawal system has fully returned to normal speed, allowing users to withdraw any amount without encountering any delays.

Assistance and Support in the Industry

After the incident, multiple trading platforms and institutions extended their help. A whale account from a large exchange and another trading platform collectively transferred over 50,000 ETH to the cold wallet of the victim platform. Additionally, an exchange directly transferred 12,652 stETH (approximately 33.75 million USD) to its cold wallet.

According to on-chain statistics, in the 12 hours after the incident the victim trading platform saw inflows exceeding 4 billion USD, including 63,168.08 ETH, 3.15 billion USD of USDT, 173 million USD of USDC, and 525 million USD of CUSD. This inflow of funds has fully covered the losses caused by the hacking attack.

Many exchanges and industry leaders have also voiced their support. Some exchanges have stated that they have frozen related addresses, and once they detect stolen assets flowing in, they will immediately freeze the relevant assets to support recovery efforts. The founder of a well-known blockchain project stated that they will closely monitor the situation and make every effort to assist in tracking the related funds.

Barriers to Recovering Funds

According to monitoring, in the two and a half days following the incident the hackers had transferred 89,500 ETH (approximately $224 million), which accounts for 18% of the total ETH they stole (499,000 ETH). At this rate, the hackers could convert the remaining 410,000 ETH into other assets within half a month.

Some blockchain detectives discovered that 5,000 stolen ETH were laundered through a certain trading platform and converted into Bitcoin. The victimized trading platform requested that the platform freeze the funds and track their movements, but was denied. The platform publicly disclosed this request and stated that it would not provide any assistance because its users had been banned by the victim platform.

The CEO of the victimized trading platform responded: "This is not just about us, but the entire industry's attitude towards hackers. We sincerely hope that the platform can reconsider and assist in stopping the outflow of funds. We have the support of Interpol and regulatory agencies, and preventing these funds from leaving is not just helping us."

Latest Developments in the Situation

After a series of remedial actions, loans, and self-help measures, the victimized trading platform announced that it has officially registered with the Indian authorities, and all services (including the ability to open new trades and access all products) have been fully restored for existing users.

The platform has also launched a bounty program targeting the Lazarus hacking organization, which will showcase transparent data regarding its money laundering activities. The total bounty is 10% of the recovered funds, and if all funds are recovered, the total bounty could reach up to $140 million. The specific allocation is: 5% to the entity that successfully freezes the funds, and 5% to contributors who help trace the funds. This initiative aims not only to recover stolen funds but also to set a new standard for the industry in responding to security threats.

Although the trading platform successfully mitigated the most dangerous risk of a bank run, the subsequent actions of hackers to cash out or exchange the stolen ETH for other currencies may exert significant selling pressure on the market. The market continues to decline, and has entered a state of panic. In the absence of short-term positive news, the cryptocurrency market is showing signs of a bear market, and investors need to approach the future market developments with caution.

Comment
NFTHoardervip · 11h ago
Cold wallets are not safe either, tsk tsk.

SerumSquirtervip · 11h ago
Cold wallets are also not safe. Who still dares to store?

0xTherapistvip · 11h ago
The cold wallet is no longer cold.