Nearly $100 million burned: An overview of the Nobitex theft incident in Iran
Author: Lisa & 23pds Editor: Sherry Background On June 18, 2025, on-chain detective ZachXBT revealed that Iran's largest cryptocurrency exchange, Nobitex, was suspected of suffering a hacker attack, with large abnormal asset transfers involving multiple public chains. (https://t.me/investigations) SlowMist further confirmed that the affected assets in the incident cover TRON, EVM, and BTC networks, with preliminary estimated losses of approximately $81.7 million. (https://x.com/slowmist_team/status/1935246606095593578) Nobitex also issued a statement confirming that some infrastructure and hot wallets indeed suffered unauthorized access, but emphasized that user funds are safe.
Pandora's Box: How do unlimited large models threaten the security of the encryption industry?
Background From OpenAI's GPT series to Google's Gemini, to various open source models, advanced artificial intelligence is profoundly reshaping the way we work and live. However, as the technology develops rapidly, a dark side that deserves vigilance is gradually emerging - the appearance of unrestricted or malicious large language models. So-called unrestricted LLMs are language models that are deliberately designed, modified, or "jailbroken" to circumvent the built-in safety mechanisms and ethical restrictions of mainstream models. Mainstream LLM developers usually invest substantial resources to prevent their models from being used to generate hate speech, false information, or malicious code, or to provide instructions for illegal activities. However, in recent years, some individuals and organizations have begun to seek out or develop unrestricted models themselves for motives such as cybercrime. In view of this, this article takes stock of typical unrestricted LLM tools, introduces how they are abused in the crypto industry, and explores the related security challenges and countermeasures.
Monthly Update | Total Loss from Web3 Security Incidents Approximately $266 Million
Overview In May 2025, the total loss from Web3 security incidents was approximately $266 million. Among them, according to statistics from the SlowMist Blockchain Hacking Archive (https://hacked.slowmist.io), there were a total of 15 hacking incidents, resulting in losses of approximately $257 million, with $162 million frozen or returned. The causes of incidents include contract vulnerabilities, oracle attacks, and account hacks. Additionally, according to statistics from the Web3 anti-fraud platform Scam Sniffer, there were 7,164 victims of phishing incidents this month, with losses amounting to $9.63 million. (https://dune.com/scam-sniffer/may-2025-scam-sniffer-scam-report)
SlowMist: Exposing the fraudulent process of fake security experts
Author: Liz & Reborn Editor: Liz Background Yesterday, a user contacted the SlowMist security team to ask how to revoke a signature, attaching a screenshot showing that his wallet address had a risky authorization. The user said that there was an authorization in his wallet that could not be revoked, with no response after multiple clicks, and that the wallet interface also displayed a risk warning. He also recalled that he had authorized a swap for a certain token many years ago, so he felt the risk warning was not groundless. A scam disguised as security The SlowMist security team checked with a block explorer and Revoke, but found no risky authorization records for the address in the screenshot. Soon after, the user sent another screenshot showing the results of his query in a tool. On comparison, the addresses in the two screenshots were inconsistent. We immediately asked the user to provide the link to the tool together with the relevant addresses. At this point, the user also began to wonder: could both of his addresses have risky authorizations?
What is the LummaC2 seized by the U.S. Department of Justice?
Author: Lisa & 23pds Editor: Liz Background On May 21, 2025, the U.S. Department of Justice (DOJ), in collaboration with Microsoft and law enforcement agencies from multiple countries, seized the core infrastructure of the notorious info-stealing malware LummaC2. The five key domain names and their subdomains that were seized were all fundamental operational nodes of LummaC2, and law enforcement located and took control of over 2,300 sites behind them, indirectly striking the many downstream attack groups that relied on this tool. According to FBI disclosures, LummaC2 has been used in over 1.7 million info-stealing attacks, with targets including, but not limited to, browser autofill data, email and bank account login credentials, and cryptocurrency wallet mnemonic phrases. The seizure was conducted in phases: on May 19, the government seized two domain names; on May 20, LummaC2 administrators notified users of three new alternative domain names; the next day, these three domain names were also seized.
SlowMist: Analysis of the $230 million theft from Cetus
Author: Victory & Lisa Editor: Liz Background On May 22, according to community reports, Cetus, a liquidity provider in the SUI ecosystem, was suspected of being attacked: the depth of its liquidity pools dropped significantly and multiple token trading pairs on Cetus fell, with an estimated loss of more than US$230 million. Cetus subsequently issued an announcement stating: "An incident was detected in our protocol. For safety reasons, the smart contract has been temporarily suspended. The team is currently investigating the incident. We will soon issue a further investigation statement." After the incident, the SlowMist security team immediately intervened to analyze it and issued a security alert. The following is a detailed analysis of the attack method and the fund transfers.
The 'Customer Service' in the Dark Forest: Social Engineering Scams Targeting Coinbase Users
Authors: Liz & Lisa Editor: Sherry Background In the field of crypto assets, social engineering attacks are becoming a major threat to user fund security. Since 2025, a large number of social engineering scam incidents targeting Coinbase users have surfaced, drawing widespread attention from the community. It is clear from the community discussions that these incidents are not isolated cases, but a type of scam that is characterized by persistence and organization. On May 15, Coinbase released a statement confirming previous speculations about the existence of 'insiders' within Coinbase. It is reported that the U.S. Department of Justice (DOJ) has initiated an investigation into this data leak incident.
Author: Lyndon & Lisa Editor: Sherry In the previous issue, we introduced in detail the architectural principles and cross-chain identification methods of THORChain. In this issue, we will turn our attention to another mainstream cross-chain tool - Bitget Swap. What is Bitget Swap? Bitget Wallet (formerly BitKeep) is a decentralized multi-chain wallet that supports asset management, DApp browsing, NFT market and trading functions. As one of its core components, Bitget Swap provides an aggregated decentralized trading experience, especially in cross-chain exchange scenarios.
Black Eat Black: Analysis of the Hacking Incident of the World's Number One Ransomware Group LockBit
Recap: Who is LockBit? LockBit is an active Ransomware-as-a-Service (RaaS) organization that first appeared in September 2019. Because its initial version appended the ".abcd" suffix to encrypted files, it was once referred to as "ABCD Ransomware." The group is known for its mature tooling, high degree of automation, and efficiency in ransom collection, has launched numerous attacks worldwide against enterprises, governments, educational institutions, and medical organizations, and has been classified as an advanced persistent threat (APT) organization by multiple national security agencies. We profiled this organization last year.
Interpretation | UNODC Releases Fraud Report on Southeast Asia
Author: Lisa Editor: Liz Background In April 2025, the United Nations Office on Drugs and Crime (UNODC) released a report titled "Global Impact of Southeast Asia's Scam Centers, Underground Banks, and Illegal Network Markets". The report systematically analyzes emerging forms of transnational organized crime in Southeast Asia, focusing in particular on the new digital crime ecosystem built around online scam centers and integrated with underground-bank money laundering networks and illegal online market platforms. Shortly after the report was released, on May 5, 2025, the U.S. Treasury Department announced sanctions against the Karen National Army (KNA) and its leaders and their relatives, designating it a significant transnational criminal organization that leads and assists in online scams, human trafficking, and cross-border money laundering. The KNA-controlled area along the Myanmar-Thai border has become a gathering place for multiple scam groups, and its collusion with the Myanmar military enables it to lease land on a large scale and provide electricity and security services in armed-controlled areas, supporting the daily operations of scam parks. On May 1, 2025, the Financial Crimes Enforcement Network also designated Huione Group as a primary money laundering concern, pointing to its role as a key channel through which North Korean hacker groups and Southeast Asian scam groups launder the proceeds of virtual asset crime, including various virtual asset investment scams such as "pig butchering".
Interpretation | FBI Releases the '2024 Cryptocurrency Fraud Report'
Author: Lisa Editor: Sherry In April 2025, the FBI released the "2024 Cryptocurrency Fraud Report". The report is based on data collected by the FBI's Internet Crime Complaint Center (IC3) in 2024 and analyzes the number of cryptocurrency-related complaints, the scale of losses, victim profiles, types of crime, and progress in asset recovery. This article interprets the core contents of the report to help readers quickly grasp changing trends and strengthen their awareness of, and defenses against, complex cybersecurity threats.
Monthly Updates | Web3 security incidents total losses of approximately $26.4 million
Overview In April 2025, the total loss from Web3 security incidents was approximately $26.4 million. Among them, according to the SlowMist Blockchain Hacked Archive (https://hacked.slowmist.io), there were 18 hacking incidents, resulting in losses of approximately $21.11 million, with $17.89 million frozen or returned. The causes of the incidents included contract vulnerabilities, social engineering, insider malfeasance, and private key leakage. In addition, according to the Web3 anti-fraud platform Scam Sniffer, there were 7,565 victims of phishing incidents this month, with losses of $5.29 million. (https://dune.com/scam-sniffer/april-2025-scam-sniffer-scam-report)
SlowMist: New MCP Wallet Security Audit Items Added to Wallet Security Audit
Recently, the Model Context Protocol (MCP) has rapidly become the "new infrastructure" of the AI ecosystem, driven by its promotion by organizations such as Anthropic and its swift adoption by giants such as OpenAI, Microsoft, and Google. Through standardized interfaces it connects AI seamlessly to local tools, databases, and APIs, greatly expanding the execution capabilities of agents, and the industry regards it as the "USB-C interface of AI". In the Web3 industry, MCP-related applications have also begun to emerge. However, the protocol is currently in a "chaotic" phase and faces multiple security risks and new attack surfaces; readers can refer to SlowMist's recently released MCP attack surface and security checklist.
Malicious MCP Analysis: Hidden Poisoning and Manipulation in the MCP System
Currently, the MCP (Model Context Protocol) system is still at a relatively early stage of development, with a chaotic overall environment in which new potential attack methods keep emerging, and the current protocol and tool design make it difficult to defend. To help the community better understand and improve the security of MCP, SlowMist has open-sourced the MasterMCP tool, so that teams can identify security weaknesses in their product design through practical attack drills and gradually harden their MCP projects. It can be paired with the previously published MCP security checklist to better understand the underlying principles of each attack. This time, we will work hands-on together to demonstrate common attack methods in the MCP system, such as information poisoning and hidden malicious commands, through real cases. All scripts used in the demonstrations are open-sourced on GitHub (link at the end), so that everyone can fully replicate the entire process in a safe environment and even develop their own attack test plugins based on these scripts.
Building Defenses Together, Safeguarding the Ecosystem | SlowMist Invited to Conduct Security Training for the Hong Kong Police
Recently, SlowMist, Amber Group, and RigSec were invited to conduct a special training on smart contract analysis and cryptocurrency tracking for the Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force. This training not only reflects the Hong Kong Police's open mindset and forward-looking layout in facing emerging technologies but also showcases their solid efforts and proactive actions in combating crimes related to virtual assets and protecting the legitimate rights and interests of the public. The Hong Kong Police Force is laying the groundwork for creating a safer virtual asset environment through continuous deepening of professional skills and actively introducing external practical experience.
SlowMist: On-chain Messaging in the Theft Emergency Guide - BTC Edition
Author: Lisa Editor: Sherry Background On-chain messages, a special means of communication in the blockchain world, have been used frequently in security incidents in recent years. For example, SlowMist recently assisted KiloEx in conducting multiple rounds of communication with the attacker through on-chain messages, ultimately facilitating the return of all stolen funds, amounting to $8.44 million. In an anonymous environment, on-chain messages can serve as an effective tool for establishing an initial dialogue, laying the foundation for subsequent fund recovery. In our previous article (On-chain Messaging in the Theft Emergency Guide), we detailed the messaging method on Ethereum. The Bitcoin network also supports on-chain messaging, but the implementation is slightly different. The core tool for on-chain messaging on Bitcoin is the OP_RETURN opcode. It allows users to embed up to 80 bytes of custom data in a transaction output; the data is not used by nodes for transaction validation and does not affect the UTXO set, serving purely to record information, and it is permanently recorded on the blockchain.
SlowMist Assists KiloEx in Recovering All Stolen Funds: Incident Review
On April 15, 2025, the decentralized perpetual contract trading platform KiloEx suffered a hacker attack, resulting in a loss of approximately $8.44 million. After the incident, SlowMist immediately intervened to analyze the situation and issued a security alert. Fortunately, thanks to the project team's proactive response and its collaboration with SlowMist and others, all stolen assets were recovered after 3.5 days and the incident was resolved satisfactorily. (https://x.com/SlowMist_Team/status/1911991384254402737) Incident Review Vulnerability Cause Analysis According to KiloEx's analysis report, the attack originated from a flaw in the contract's authorization verification mechanism. The TrustedForwarder contract inherited OpenZeppelin's MinimalForwarderUpgradeable contract, and the execute method was not overridden in TrustedForwarder, leaving it callable without authorization.
Web3 Security Beginner's Guide to Avoiding Pitfalls | Clipboard Security
Author: Liz & Reborn Editor: Sherry Background In the previous issue of the Web3 Security Beginner's Guide to Avoiding Pitfalls, we analyzed the Pixiu Disk scam. This issue focuses on clipboard security. In many cases of crypto asset theft, the most confusing point for victims is often: "I never transmitted my private key online, so how could it be stolen?" In fact, the leakage of private keys/mnemonics does not necessarily happen through cloud or network uploads. It may also happen during seemingly "local, safe" operations. For example, have you ever filled in your private key/mnemonic by copying and pasting? Have you ever saved it in a memo or screenshot? These common habits are also the entry points targeted by hackers.
MCP Security Checklist: AI Tool Ecosystem Security Guide
Background This security checklist is written and maintained by @SlowMist_Team. SlowMist Technology, a global leader in blockchain ecosystem threat intelligence, aims to help the blockchain ecosystem integrate with the AI ecosystem in order to strengthen security protection capabilities and ensure better user privacy. Thanks to FENZ.AI for its strong support. FENZ.AI is reshaping AI security audits with next-generation technology; from MCP attack detection to AI loyalty assessment, FENZ is building the infrastructure for the AI era - "Super Intelligence Begins with Super Security". Summary With the rapid development of large models, various new AI tools are constantly emerging, currently represented by