TechFlow News — On December 2, social platform DeBox officially released a security incident report confirming that the private key of an EOA address used for buybacks and liquidity deployment was compromised, resulting in the theft of 31 ETH and 4.87 million BOX tokens. The incident involved only operational accounts and did not affect user asset security.
The DeBox team has implemented response measures: it will use funds from its stability fund to repurchase all stolen tokens from exchanges within one week and inject them into the BOX DAO asset pool; once multi-signature support is available on the app, operational accounts will be upgraded to multi-sig wallets; and a professional security firm has been engaged to conduct investigations and track the stolen assets. The team is actively monitoring the implicated addresses and reserves the right to take legal action. Any subsequent handling of recovered assets will be decided through DAO voting.




