TechFlow news, on October 28, SlowMist's Yu Xian posted on the X platform stating: "After reviewing dozens of theft reports related to GMGN submitted to SlowMist, a common pattern emerged: users' private keys were not leaked, but their SOL and BNB were all invested into honeypot pools (i.e., tokens that can only be bought, not sold). Hackers primarily drained user funds by removing liquidity from these honeypot pools, profiting over $700,000. Since private keys weren't compromised, this was likely caused by a sophisticated phishing method. As GMGN has already fixed the relevant issues, reproducing the attack is difficult. It is speculated that the issue is related to GMGN's account model—when users visit a phishing website, the site captures login signature information from the GMGN account model, such as access_token and refresh_token values, thereby taking over the user's account permissions. Without the user's 2FA, attackers cannot directly export private keys or withdraw funds, so they execute a 'matched trading' attack via honeypot pools to indirectly steal user assets."
Risk Disclosure: This website's content is not investment advice and offers no trading guidance or related services. Per regulations from the PBOC and other authorities, users must be aware of virtual currency risks. Contact us / support@techflowpost.com ICP License: 琼ICP备2022009338号
