Security Incidents

根據以太坊基金會於 2026 年 4 月 17 日（週四）發布的 ETH Rangers 計畫回顧報告，由以太坊基金會資助的 Ketman 計畫在六個月資助期內識別了 100 名使用虛假身分滲透 Web3 組織的北韓 IT 工作者，並聯繫了約 53 個加密項目，提醒其可能僱用了活躍的北韓特工。

A cyberattack on Grinex, a Kyrgyzstan cryptocurrency exchange, exposed a network allegedly helping Russia evade sanctions. Hackers stole $15 million, targeting Grinex and the linked TokenSpot. Grinex, viewed as a continuation of the sanctioned Garantex, faces scrutiny for facilitating transactions linked to sanctioned entities.

Polymarket has initiated an audit of its Builders Program after finding third-party tools that may facilitate insider trading by mimicking successful trades. The review follows scrutiny over potential market abuse linked to these apps.

CoW Swap suspended its protocol on April 14, 2026, after a DNS hijacking redirected users to a phishing site. The platform's security firm alerted users to revoke wallet approvals. The underlying smart contracts were safe, but backend and APIs were paused as a precaution.

由 Drift Protocol 投資者 Joshua McCollum 代表逾 100 名成員，於週三在美國馬薩諸塞州地方法院向 Circle 提起訴訟，指控後者於 4 月 1 日 Drift Protocol 約 2.8 億美元被盜事件中，允許攻擊者透過跨鏈傳輸協議將約 2.3 億美元 USDC 轉移至以太坊。

Tether CEO Paolo Ardoino announced the freezing of 3.29 million USDT connected to a hacker linked to Rhea Finance's $7.6 million theft due to a fake token contract attack.

Circle faces a class action lawsuit for failing to freeze $230 million in stolen USDC after the Drift Protocol attack. Plaintiffs argue that Circle's protocols allowed attackers to move and convert the stolen funds without intervention, raising concerns about the company's responsibilities in monitoring cross-chain transfers.

去中心化金融協議 Rhea Finance 於 4 月 16 日遭遇重大的安全漏洞，損失約 760 萬美元。攻擊者透過創建欺詐性代幣合約操控預言機，致使協議錯誤評估資產價值。此次損失佔 Rhea Finance 總鎖定價值的約 6%，證明了 DeFi 領域中預言機操縱攻擊的風險。用戶應謹慎評估資產風險。

吉爾吉斯斯坦的加密交易所Grinex因遭大規模網路攻擊，暫停交易與提款，並損失約1500萬美元USDT。被盜資金迅速轉換為TRX和ETH，以降低被凍結風險。Grinex被認為是受制裁交易所Garantex的繼任者，成為盧布兌加密貨幣的主要交易平台。Grinex的攻擊聲明將事件指向「敵對國家」，但缺乏具體證據。

A Kyrgyzstan-based cryptocurrency exchange suspended trading after hackers stole over $15 million USDT. The attackers moved funds across blockchains to evade detection. The incident highlights risks in centralized exchanges, especially in less regulated areas.

Zonda, a Polish cryptocurrency exchange, faces a crisis as its cold wallet containing 4,503 Bitcoin is inaccessible, prompting a surge in withdrawal requests. CEO Kral claims the private key was never transferred during the company's takeover, and authorities are investigating the situation amid bankruptcy fears.

French authorities are enhancing security for digital-asset executives and investors due to recent kidnappings. Following these threats, police escorted Paris Blockchain Week attendees, and protective measures for crypto holders are being developed.

Zonda, a Polish crypto exchange, revealed a cold wallet with 4,503 BTC amid a withdrawal crisis. CEO Przemysław Kral addressed fund misappropriation allegations and promised legal action against false claims, emphasizing that private keys were never transferred due to the former CEO's disappearance.

OneCoin龐氏騙局由伊格納托娃於2014年創立，吸引350萬投資者，詐騙約40億美元。美國司法部將提供4000萬美元補償受害者，創辦人失蹤，名列FBI頭號通緝，該案已引發全球執法機構合作，制裁多名同夥。

Rhea Finance experienced a security breach where an attacker created fake token contracts and manipulated liquidity pools, misleading the oracle system and extracting at least $7.6 million in assets.

A suspect connected to an international cybercriminal group was arrested in Ukraine for $100 million in fraud and money laundering. Police seized $11 million in assets and $3 million in cryptocurrency. The suspect faces charges for document forgery and money laundering.

Decentralized finance (DeFi) is under pressure as lending yields drop to levels similar to traditional bonds, blockchain activity declines, and a significant hack raises security concerns, challenging claims of institutional-grade safety.

France is implementing new measures to protect cryptocurrency holders in response to rising crime, including a prevention platform and stricter protocols. The country has seen a significant increase in crypto-related kidnappings, leading global incidents.

RedPeach has introduced mandatory facial recognition for content creators to combat impersonation by AI and outsourced chatters, ensuring genuine interactions. CEO Marco Cally emphasizes user protection against emotional scams, following legal challenges in the industry.

Blockaid flags CoW Swap's cow.fi frontend as malicious, urging users to revoke token approvals and avoid the dApp amid a broader wave of DeFi interface attacks. Summary Blockaid flags CoW Swap's main cow.fi frontend as malicious. Users are urged to revoke token approvals and avoid the dApp