Security Incidents

Bitrefill suffered a cyberattack on March 1st that resulted in the leakage of approximately 18,500 customer records. The attack originated from a compromised employee laptop, using tactics similar to those of North Korean hacker groups. The company has isolated its systems and is working with experts to restore operations while strengthening cybersecurity measures.

Slowmist founder余弦 warned on X platform that multiple users have suffered theft incidents, with suspicions that private keys or seed phrases were collected by hackers. The hacker address has profited approximately $85,000, with some community members suspecting a connection to MoreLogin fingerprint browser, though no conclusive evidence has been found yet. Calling on victims to provide relevant information for investigation.

A hacker group has engaged in internal conflict over profit-sharing disputes, publicly exposing that they stole approximately $7 million in cryptocurrency assets through supply chain attacks. The group impersonated a network security company and used automated tools to obtain seed phrases and steal multi-chain wallet data, involving 37 types of tokens. The whistleblower plans to surrender to law enforcement, and details of the incident are pending investigation.

CertiK has revealed significant security vulnerabilities in AI agent marketplaces, emphasizing that current detection methods are inadequate. The research advocates for enhanced runtime security and skill isolation to prevent potential compromises from undetected malicious code.

On March 17, the National Security Department released the "Lobster" Security Hardening Guide, which identified breeding risks including host takeover and data theft. It recommends checking control interfaces, permission configurations, credential security, and plugin sources, emphasizing the principle of least privilege and implementation of isolation measures.

A High Court case reveals the alleged theft of over $170 million in Bitcoin from a hardware wallet, raising concerns about self-custody risks. The funds, claimed by Ping Fai Yuen, were transferred without his knowledge and divided among multiple wallets. Allegations suggest involvement from the claimant's spouse, though these remain unproven. The case exemplifies challenges in cryptocurrency disputes, particularly regarding custody and personal relationships.

A UK court has allowed a $172M Bitcoin theft case to proceed, where a man alleges his wife recorded his wallet recovery phrase to steal 2,323 BTC. The case highlights challenges in handling crypto disputes under existing laws.

The UK High Court is hearing a Bitcoin theft case in which the plaintiff alleges his estranged wife secretly stole 2,323 Bitcoin in 2023. In the case, the plaintiff used audio evidence to prove that the defendant and her sister planned to transfer the Bitcoin. The judge found a high probability of the plaintiff prevailing and ordered asset freezing while dismissing some claims, recommending expedited trial proceedings.

The Korean National Police Agency is developing new virtual asset seizure management guidelines, incorporating handling of privacy coins for the first time. The new regulations will clarify software wallet management, address virtual asset custody gaps, and improve law enforcement efficiency. Police plan to designate private custodian institutions, while experts recommend establishing a centralized public custody mechanism to reduce risks. This reform has been prompted by recent Bitcoin theft incidents, driving the management system's transition toward the digital asset era.

Israeli journalist Fabian received death threats after reporting on Iranian missiles landing. Losers who bet $14 million on prediction market Polymarket became dissatisfied, even fabricating screenshots to apply pressure. The incident reveals potential risks of prediction markets, suggesting that financial incentives may lead to illegal behavior and increased manipulation phenomena.

An Israeli journalist covering Iran's attack faced death threats from Polymarket bettors after reporting details that affected approximately $20 million in wagers, raising concerns about press freedom and public safety. The incident highlights the potential risks of prediction markets exerting pressure on media coverage and has sparked discussions about relevant regulations.

A bizarre cryptocurrency theft case has occurred in the UK, where a man accused his estranged wife of using a surveillance camera to steal the seed phrase of his Bitcoin cold wallet and stealing 2,323 Bitcoin. The case has entered the court trial stage, involving whether digital assets are subject to traditional property law. The judge ruled that if the allegations are proven, there may be an opportunity to recover the funds.

Israeli *Times of Israel* military reporter Emanuel Fabian recently disclosed that after reporting on an Iranian ballistic missile that struck an empty field in Beit Shemesh, a suburb of Jerusalem, he faced sustained harassment from bettors associated with Polymarket, including receiving death threats. This incident is particularly striking not only because it involves frontline war reporting and a prediction market with a funding pool exceeding $14 million, but also because it reveals an increasingly acute question: when market participants' profits begin to depend on media narratives, public information, and even violent events themselves, is the prediction market truly "price discovery," or is it creating dangerous incentives for the real world? Why did a frontline report trigger a mob of bettors? "That day, I reported on the *Times of Israel*'s live blog that the missile struck an empty field, with no

Users fell victim to phishing attacks by signing malicious Permit transactions, losing approximately $280,000 in USDC and USDT to phishing attackers. The victim address is 0xB20d4Cd049B1A65Bc0475D29060Fe54fa0981607, with multiple phishing addresses involved in the incident.

The Taipei District Prosecutors Office has concluded its investigation into a robbery case. The principal suspect Li You-kuan, through a dealer who switched sides to set up and deceive the victim through fraudulent means and violent coercion, forced the victim to transfer 330,000 USDT. The prosecution has indicted 8 suspects and recommended heavy sentences. This case reflects the lack of regulation in the virtual asset market, allowing underground forces to intervene, resulting in frequent "crypto circle black-on-black" incidents.

Crypto security researcher al_f4lc0n has accused the blockchain project Injective of slow communication in handling a critical security vulnerability and disputes over the bug bounty amount. The vulnerability originates from a defect in the sub-account verification mechanism, threatening over $500 million in assets. al_f4lc0n failed to receive the deserved bounty, raising questions about Injective's security governance.

British businessman Ping Fai Yuen is suing his ex-wife for stealing his Bitcoin seed phrase and transferring assets worth approximately $172 million. The case is currently under court review, involving legal issues related to privacy surveillance and asset misappropriation. This incident highlights security vulnerabilities in the self-custody model of crypto assets.

Cryptocurrency-related crimes are rapidly rising in Spain's Basque region, with police investigating 541 cases involving fraud, money laundering, and other offenses. Social media platform Instagram has become a major channel for scams, prompting police to establish a cross-departmental task force to address the issue. Regulatory authorities emphasize the need to enhance market transparency and user protection to balance innovation and security.

Polymarket platform sparked public controversy after an Israeli journalist reported on Iran's missile attacks. The journalist faced threats demanding modification of the report, raising concerns about market manipulation and information interference. This incident reveals structural risks inherent in prediction markets, underscores the urgent need to protect media independence, and highlights challenges regarding transparency and regulatory compliance.