资产安全
26,428 views
4 Discussing
Hot
Latest
See original
Another person's wallet was stolen, nearly 50 million evaporated overnight, all because they bought a 'cold wallet' on Douyin, a bloody lesson!!!
Many friends might not know what a cold wallet is at this point. In the cryptocurrency world, those who are truly big players typically use wallets to store tokens, making it convenient for long-term holding and also more secure.
Wallets are divided into cold wallets and hot wallets. Cold wallets are completely disconnected from the internet, similar to a USB flash drive, and are only connected for use. Hot wallets, on the other hand, are always online. Cold wallets are more secure, but hot wallets are more convenient. Generally, most people using cold wallets are those storing large assets long-term.
So why do assets in wallets disappear or get stolen?
It's mainly because they bought a fake wallet or a manipulated wallet, which is labeled as a cold wallet or a counterfeit brand new one. In reality, it's a premeditated trap organized by criminals, equivalent to having your generated keys monitored. Their team has the wallet's backend technology, and as soon as your funds enter, they can use your keys to steal your funds at any time.
Some friends might say that hot wallets are safer, but they are essentially the same. The key point lies in the authenticity and legitimacy of the wallet. Hot wallets can generally be downloaded and used by anyone, while cold wallets need to be purchased. Make sure to choose reputable platforms and brands, and don't be fooled or tempted by low prices to purchase unknown wallets.
Beware of security risks: Cold wallets must be properly stored in physical media (like hardware wallet recovery phrases, or private keys of paper wallets) to prevent loss or leakage. For hot wallets, make sure to use reliable software and keep your private keys and recovery phrases safe. Do not take screenshots or back them up on any apps on your phone; consider writing them down in a notebook.
Many friends might not know what a cold wallet is at this point. In the cryptocurrency world, those who are truly big players typically use wallets to store tokens, making it convenient for long-term holding and also more secure.
Wallets are divided into cold wallets and hot wallets. Cold wallets are completely disconnected from the internet, similar to a USB flash drive, and are only connected for use. Hot wallets, on the other hand, are always online. Cold wallets are more secure, but hot wallets are more convenient. Generally, most people using cold wallets are those storing large assets long-term.
So why do assets in wallets disappear or get stolen?
It's mainly because they bought a fake wallet or a manipulated wallet, which is labeled as a cold wallet or a counterfeit brand new one. In reality, it's a premeditated trap organized by criminals, equivalent to having your generated keys monitored. Their team has the wallet's backend technology, and as soon as your funds enter, they can use your keys to steal your funds at any time.
Some friends might say that hot wallets are safer, but they are essentially the same. The key point lies in the authenticity and legitimacy of the wallet. Hot wallets can generally be downloaded and used by anyone, while cold wallets need to be purchased. Make sure to choose reputable platforms and brands, and don't be fooled or tempted by low prices to purchase unknown wallets.
Beware of security risks: Cold wallets must be properly stored in physical media (like hardware wallet recovery phrases, or private keys of paper wallets) to prevent loss or leakage. For hot wallets, make sure to use reliable software and keep your private keys and recovery phrases safe. Do not take screenshots or back them up on any apps on your phone; consider writing them down in a notebook.
Ycash:
断网之后,生成钱包,然后永不再联网。如果要转出,用此断网设备向联网设备提供签名。联网设备就算有毒,也无法得到断网设备的私钥,只能得到该笔签名。
See original
Family, the 618 celebration discount from @OneKeyHQ is here!
https://shop.onekey.so/?r=DTA618
Enter the mysterious code DTA618
Directly unlock additional discounts, stacking event discounts
The price of getting a hardware wallet is simply irresistible!
🔥
Not only can you add a "safety lock" to your wallet and mnemonic phrase, but maybe in the future there will also be
surprise benefits? Like Solana phones giving users airdrops? Or other
reward programs, who wouldn't love that? Plus with this Web3 Security Week, you can also participate
in various activities: share your "risk adventure stories", take challenges and win
prizes, and even invite friends to join in and get a Classic 1s for free!
http://onekey.so/r/RUPH15
#OneKey618 #资产安全 #HardwareWallets
https://shop.onekey.so/?r=DTA618
Enter the mysterious code DTA618
Directly unlock additional discounts, stacking event discounts
The price of getting a hardware wallet is simply irresistible!
🔥
Not only can you add a "safety lock" to your wallet and mnemonic phrase, but maybe in the future there will also be
surprise benefits? Like Solana phones giving users airdrops? Or other
reward programs, who wouldn't love that? Plus with this Web3 Security Week, you can also participate
in various activities: share your "risk adventure stories", take challenges and win
prizes, and even invite friends to join in and get a Classic 1s for free!
http://onekey.so/r/RUPH15
#OneKey618 #资产安全 #HardwareWallets
See original
I have a good buddy who, after graduating, worked a 9-to-5 job at a small company in Shenzhen. His life was ordinary, but he always dreamed of financial freedom. In 2025, he accidentally stumbled upon cross-border e-commerce and started selling creative home goods on Amazon. After more than half a year of exploration, from product selection to operation, he finally welcomed a surge in orders and made a net profit of $50,000 in one month! Looking at the numbers in his account, he was so excited that he couldn't sleep all night. But then the problem arose: how could he safely and quickly cash out this money to his domestic account?
He tried traditional bank transfers, but the complicated procedures, the hassle of opening offshore accounts, the high fees, and the long waiting time for funds to arrive made him headache. Just when he was at a loss, a friend recommended “BiyaPay.” With a mindset of giving it a try, my buddy downloaded the BiyaPay App, and the registration process was as simple as ordering takeout, taking just a few minutes.
On his first operation, he exchanged USDT in his account through BiyaPay to USD at a 1:1 real-time exchange rate, with a fee of only 0.5%, which was several times lower than the bank! What surprised him even more was that he initiated a withdrawal that afternoon, and by that evening, the money was already in his account! "This is just too fast. Later, my buddy told me that BiyaPay is truly a magic tool for cash flow!"
Later on, my buddy discovered that BiyaPay not only allows for cash flow but also enables the purchase of U.S. stocks and can exchange over 30 fiat currencies and more than 200 cryptocurrencies, making global investment and cross-border payments a breeze. More importantly, BiyaPay holds MSB financial licenses from the U.S. and Canada, ensuring safety and giving him peace of mind.
Now, he has quit his job and is working full-time in cross-border e-commerce, with BiyaPay becoming his "best partner" for cashing out funds. "From account to pocket, BiyaPay makes my wealth flow as simply as breathing!"
#Biyapay #SafeCashOut #NoFrozenCard #资产安全
He tried traditional bank transfers, but the complicated procedures, the hassle of opening offshore accounts, the high fees, and the long waiting time for funds to arrive made him headache. Just when he was at a loss, a friend recommended “BiyaPay.” With a mindset of giving it a try, my buddy downloaded the BiyaPay App, and the registration process was as simple as ordering takeout, taking just a few minutes.
On his first operation, he exchanged USDT in his account through BiyaPay to USD at a 1:1 real-time exchange rate, with a fee of only 0.5%, which was several times lower than the bank! What surprised him even more was that he initiated a withdrawal that afternoon, and by that evening, the money was already in his account! "This is just too fast. Later, my buddy told me that BiyaPay is truly a magic tool for cash flow!"
Later on, my buddy discovered that BiyaPay not only allows for cash flow but also enables the purchase of U.S. stocks and can exchange over 30 fiat currencies and more than 200 cryptocurrencies, making global investment and cross-border payments a breeze. More importantly, BiyaPay holds MSB financial licenses from the U.S. and Canada, ensuring safety and giving him peace of mind.
Now, he has quit his job and is working full-time in cross-border e-commerce, with BiyaPay becoming his "best partner" for cashing out funds. "From account to pocket, BiyaPay makes my wealth flow as simply as breathing!"
#Biyapay #SafeCashOut #NoFrozenCard #资产安全
See original
【Shocked! Scroll Ecological Lending Platform Rho Markets is suspected to have been hacked! 💥】
🛑 Just now, Scroll Ecological Lending Platform Rho Markets issued an emergency announcement on the X platform: "We have detected abnormal activities on the platform and are currently investigating. During this period, we will suspend the platform and keep the community informed of the progress of the investigation. After everything returns to normal, the platform function will be enabled again."
🔍 Everyone, if you have recently operated on Rho Markets, please pay attention to the security of your assets! Hacker attacks are really hard to prevent, so everyone should be more careful and stay alert.
🔒 I hope Rho Markets can find out the cause as soon as possible and resume normal operations. At the same time, it also reminds other platforms to improve security measures to protect the safety of user assets. We will also continue to pay attention to the progress of the incident and update the latest news in a timely manner.
#WazirX黑客事件 #scroll #黑客攻击 #以太坊ETF批准预期 #资产安全 $BTC $ETH $BNB
🛑 Just now, Scroll Ecological Lending Platform Rho Markets issued an emergency announcement on the X platform: "We have detected abnormal activities on the platform and are currently investigating. During this period, we will suspend the platform and keep the community informed of the progress of the investigation. After everything returns to normal, the platform function will be enabled again."
🔍 Everyone, if you have recently operated on Rho Markets, please pay attention to the security of your assets! Hacker attacks are really hard to prevent, so everyone should be more careful and stay alert.
🔒 I hope Rho Markets can find out the cause as soon as possible and resume normal operations. At the same time, it also reminds other platforms to improve security measures to protect the safety of user assets. We will also continue to pay attention to the progress of the incident and update the latest news in a timely manner.
#WazirX黑客事件 #scroll #黑客攻击 #以太坊ETF批准预期 #资产安全 $BTC $ETH $BNB
See original
A new choice for asset protection--multi-signature wallet
Multi-signature wallet concept
Multi-Sig stands for multi-signature, which is a specific type of digital signature that allows more than two users to sign as a group. Therefore, multi-signatures are generated by combining multiple single signatures.
For example, imagine a safe with two locks and two keys, one key held by A and the other by B. The only way to open this safe is for two people, A and B, to provide the keys to unlock the lock at the same time. If you only have one of the keys, you cannot open the safe.
Multi-Sig stands for multi-signature, which is a specific type of digital signature that allows more than two users to sign as a group. Therefore, multi-signatures are generated by combining multiple single signatures.
For example, imagine a safe with two locks and two keys, one key held by A and the other by B. The only way to open this safe is for two people, A and B, to provide the keys to unlock the lock at the same time. If you only have one of the keys, you cannot open the safe.
See original
Loopring Wallet responds to $5 million security breach, launching emergency measures to ensure user assets are safe
Loopring, an Ethereum zero-knowledge rollup protocol, announced on Sunday that its smart wallet had suffered a major security breach, with attackers impersonating wallet owners to reset ownership and redeem assets.
The attack was allegedly linked to Loopring's official Guardian service, and the project is currently working with security and law enforcement agencies to investigate how the two-factor authentication system was compromised and hunt down the cybercriminals.
Loopring officially discloses the theft
According to a comprehensive announcement released by Loopring on the X platform, the attacker targeted a subset of wallets and exploited a vulnerability in the official Guardian service. This caused some wallets in Loopring to fall victim to this security breach.
The attack was allegedly linked to Loopring's official Guardian service, and the project is currently working with security and law enforcement agencies to investigate how the two-factor authentication system was compromised and hunt down the cybercriminals.
Loopring officially discloses the theft
According to a comprehensive announcement released by Loopring on the X platform, the attacker targeted a subset of wallets and exploited a vulnerability in the official Guardian service. This caused some wallets in Loopring to fall victim to this security breach.
See original
Revealing several key points about stolen digital assets, learning will make your assets safer!
Uncovering the U-stealing fraud industry chain: It takes five minutes to deposit $500,000 into a bank, but it only takes less than a second for it to be gone once you click on the U-stealing link.
Now domestic scammers are upgrading from traditional telecommunications fraud to virtual currency fraud. Hello everyone, today I will reveal the complete U-theft fraud industry chain for you.
First of all, we need to know what USDT theft is. In simple terms, it is the act of stealing or transferring USDT from other people's digital wallets by various means. So why do scammers target USDT theft? The reason is also very simple. Virtual currency is not protected by law in China. When victims go to China to report the case, many uncles in hats don't know what USDT is. Some uncles in hats directly tell you that it is not protected by law, and they will not file a case for investigation. Often the victims can only blame themselves for their bad luck.
Now domestic scammers are upgrading from traditional telecommunications fraud to virtual currency fraud. Hello everyone, today I will reveal the complete U-theft fraud industry chain for you.
First of all, we need to know what USDT theft is. In simple terms, it is the act of stealing or transferring USDT from other people's digital wallets by various means. So why do scammers target USDT theft? The reason is also very simple. Virtual currency is not protected by law in China. When victims go to China to report the case, many uncles in hats don't know what USDT is. Some uncles in hats directly tell you that it is not protected by law, and they will not file a case for investigation. Often the victims can only blame themselves for their bad luck.
See original
#币安7周年 #资产安全
Based on my experience, I suggest that after joining the cryptocurrency circle, you should not pay too much attention to the rise and fall of numbers, but regard it as a virtual digital asset.
Don't pay too much attention to daily gains and losses, but regard it as a kind of points in the game, and you can start over at any time.
Only in this way can you get real joy and happiness in the cryptocurrency circle.
Based on my experience, I suggest that after joining the cryptocurrency circle, you should not pay too much attention to the rise and fall of numbers, but regard it as a virtual digital asset.
Don't pay too much attention to daily gains and losses, but regard it as a kind of points in the game, and you can start over at any time.
Only in this way can you get real joy and happiness in the cryptocurrency circle.
See original
The role of passwords and private keys/mnemonics in decentralized wallets
“I have my wallet password and wallet address, how do I log in to my wallet?”
If you still have this question, it means you haven’t really understood the role that wallet passwords and private keys/mnemonic phrases play in decentralized wallets.
Why can’t I import the wallet password to restore control of wallet assets?
The wallet password is mainly used to encrypt the private key information. For example, you need to enter the password when transferring money or other on-chain operations; when importing the wallet with the private key/mnemonic phrase, you must set the wallet password. The password can be modified or reset in the wallet. If the original password is forgotten, you can use the private key or mnemonic phrase to import the wallet and set a new password.
If you still have this question, it means you haven’t really understood the role that wallet passwords and private keys/mnemonic phrases play in decentralized wallets.
Why can’t I import the wallet password to restore control of wallet assets?
The wallet password is mainly used to encrypt the private key information. For example, you need to enter the password when transferring money or other on-chain operations; when importing the wallet with the private key/mnemonic phrase, you must set the wallet password. The password can be modified or reset in the wallet. If the original password is forgotten, you can use the private key or mnemonic phrase to import the wallet and set a new password.
See original
Hide small amount records and stay away from phishing scams.
Why do "zero amount" transfer records appear?
The "zero amount" transfer operation is performed directly through the TransferFrom function in the USDT contract. Any on-chain address can be called and a record will be generated on the chain and synchronized in the wallet, and a blank record will be generated in the authorization record.
The purpose of this operation is to simulate the transfer/transfer record from the user's address, and combine it with the method of transferring small amounts of assets into the disguised address to induce the user to mistakenly copy the address and make the transfer. In essence, this kind of call does not cause any risk to the assets, and the Gas consumed by the call will also be paid by the other party. When copying the address in the history record, complete address information verification is required to avoid misoperations such as using the wrong payment address and transferring money.
The "zero amount" transfer operation is performed directly through the TransferFrom function in the USDT contract. Any on-chain address can be called and a record will be generated on the chain and synchronized in the wallet, and a blank record will be generated in the authorization record.
The purpose of this operation is to simulate the transfer/transfer record from the user's address, and combine it with the method of transferring small amounts of assets into the disguised address to induce the user to mistakenly copy the address and make the transfer. In essence, this kind of call does not cause any risk to the assets, and the Gas consumed by the call will also be paid by the other party. When copying the address in the history record, complete address information verification is required to avoid misoperations such as using the wrong payment address and transferring money.
See original
Solana’s Pump.fun platform loses $2 million in internal attack
Brief Overview:
• Pump.fun, an emoji coin platform on Solana, suffered an internal attack, resulting in losses of $2 million.
• The attacker interfered with the token listing process by manipulating the Bonding Curve.
• The platform has upgraded its contracts, suspended trading, and ensured that user funds were not harmed.
On May 16 at 15:21 UTC, pump.fun, a meme coin platform within the Solana ecosystem, was attacked, resulting in a loss of approximately 12,300 SOL, equivalent to nearly $2 million.
The attacker used Margin.fi’s flash loan method to obtain SOL without using his own funds and purchase pump.fun tokens. This move attracted widespread attention in the crypto community.
• Pump.fun, an emoji coin platform on Solana, suffered an internal attack, resulting in losses of $2 million.
• The attacker interfered with the token listing process by manipulating the Bonding Curve.
• The platform has upgraded its contracts, suspended trading, and ensured that user funds were not harmed.
On May 16 at 15:21 UTC, pump.fun, a meme coin platform within the Solana ecosystem, was attacked, resulting in a loss of approximately 12,300 SOL, equivalent to nearly $2 million.
The attacker used Margin.fi’s flash loan method to obtain SOL without using his own funds and purchase pump.fun tokens. This move attracted widespread attention in the crypto community.
See original
A must see! TokenPocket Security Tips Collection
Genuine wallet download channel
Recently, a large number of fake TokenPocket download links have appeared on search sites. If the fake wallet above is downloaded through these fake links, the fake wallet will intercept and steal when the user imports the private key mnemonic phrase. After obtaining permission, they The assets in the wallet may be stolen directly, or the wallet may be monitored and stolen immediately when a large amount of assets are transferred to the address.
I would like to remind everyone: Do not access and download wallets at will, especially on search sites; do not use fake installation packages recommended by others, and stay away from fake TokenPocket wallets. Using a genuine wallet is the most basic first step for the security of your assets.
Recently, a large number of fake TokenPocket download links have appeared on search sites. If the fake wallet above is downloaded through these fake links, the fake wallet will intercept and steal when the user imports the private key mnemonic phrase. After obtaining permission, they The assets in the wallet may be stolen directly, or the wallet may be monitored and stolen immediately when a large amount of assets are transferred to the address.
I would like to remind everyone: Do not access and download wallets at will, especially on search sites; do not use fake installation packages recommended by others, and stay away from fake TokenPocket wallets. Using a genuine wallet is the most basic first step for the security of your assets.
See original
Dexx was stolen, how can we protect our assets and income!
I saw the news of Dexx being stolen as soon as I woke up today (see Figure 1). Based on the recent market of the local dog, it is estimated that there will be a loss of hundreds of millions of US dollars. After all, the statistics of a single group now exceed 10 million US dollars.
What's even more ridiculous is that Dexx claims to be a [self-hosted wallet], but it directly exposes the private key inscription online (see Figure 2), which is equivalent to the user's assets being naked on the chain, waiting for people to steal 😅. This once again exposes the huge security risks of the current meme trading tool, including various tg bots.
Therefore, in order to protect your assets and income, we recommend that you 👇🏻
1. Try not to use trading tools that require private keys or mnemonics. Every input means that your wallet has an additional security risk
2. When speculating memes, try to use new wallets, isolate assets, and set the upper limit of recharge assets (for example, each wallet can recharge up to 5 Sol, etc.)
3. Friends who pursue stable income can consider exchanging part of the income from speculating memes for BTC and staking it in some staking protocols, such as BounceBit @BounceBit, which has just launched the V2 version (for detailed introduction, please see BounceBit V2 介绍)
Finally, I still want to tell everyone that Crypto is a dark forest. The only person who can be responsible for your assets is you. Don't trust anyone. Although this may prevent us from rushing into the local dog in the first time, it can allow us to put our pockets in peace to a greater extent.
If you can't get the money in the end, then you are just working for the hackers on the chain. I hope you will never encounter this problem🙏
#BBCeDeFi $BB #资产安全
I saw the news of Dexx being stolen as soon as I woke up today (see Figure 1). Based on the recent market of the local dog, it is estimated that there will be a loss of hundreds of millions of US dollars. After all, the statistics of a single group now exceed 10 million US dollars.
What's even more ridiculous is that Dexx claims to be a [self-hosted wallet], but it directly exposes the private key inscription online (see Figure 2), which is equivalent to the user's assets being naked on the chain, waiting for people to steal 😅. This once again exposes the huge security risks of the current meme trading tool, including various tg bots.
Therefore, in order to protect your assets and income, we recommend that you 👇🏻
1. Try not to use trading tools that require private keys or mnemonics. Every input means that your wallet has an additional security risk
2. When speculating memes, try to use new wallets, isolate assets, and set the upper limit of recharge assets (for example, each wallet can recharge up to 5 Sol, etc.)
3. Friends who pursue stable income can consider exchanging part of the income from speculating memes for BTC and staking it in some staking protocols, such as BounceBit @BounceBit, which has just launched the V2 version (for detailed introduction, please see BounceBit V2 介绍)
Finally, I still want to tell everyone that Crypto is a dark forest. The only person who can be responsible for your assets is you. Don't trust anyone. Although this may prevent us from rushing into the local dog in the first time, it can allow us to put our pockets in peace to a greater extent.
If you can't get the money in the end, then you are just working for the hackers on the chain. I hope you will never encounter this problem🙏
#BBCeDeFi $BB #资产安全
Login to explore more contents