ChainCatcher reports that, according to GoPlus monitoring, the account abstraction solution Holdstation has been targeted in a supply chain attack. The attacker stole developer session tokens, bypassed two-factor authentication, and injected malicious code into application updates, resulting in user funds being stolen.
The attack caused a total loss of 462,000 USDT. The attacker’s address is 0xcbfA60B39cfAeaE475f649fB6705bD477219bF8d. The Holdstation team has suspended services, pledged to fully compensate affected users, and is working with security teams to investigate the incident. They also posted a message on-chain, hoping to encourage the attacker to return the funds through a bug bounty program.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Stablecoin USR Suddenly Crashes and Depegs! Resolv Reveals "Minting Vulnerability" Exploited by Hackers, Who Steal $25 Million
DeFi protocol Resolv suffered an attack on March 22, where hackers minted 80 million stablecoins USR at low cost and cashed out approximately $25 million, causing USR to depeg and triggering market volatility. The attack stemmed from a lack of security measures on the protocol's privileged accounts, impacting overall liquidity and affecting the lending market. Resolv subsequently suspended the protocol and emphasized that collateral pools remained unaffected, but experts believe the hidden losses caused by the incident are significant.
区块客1h ago
Husband accuses wife of stealing over 2,000 bitcoins! Judge: The plaintiff has a very high chance of winning.
The UK High Court is hearing a Bitcoin theft case in which the plaintiff alleges his estranged wife secretly stole 2,323 Bitcoin in 2023. In the case, the plaintiff used audio evidence to prove that the defendant and her sister planned to transfer the Bitcoin. The judge found a high probability of the plaintiff prevailing and ordered asset freezing while dismissing some claims, recommending expedited trial proceedings.
区块客2h ago
7 Associated Accounts Precisely Bet on US-Israel Military Actions, Earning Approximately $1 Million in Profits Over Two Years
Investigation found that 7 associated accounts on a certain prediction market platform made precise bets against U.S. airstrikes over the past two years, accumulating profits of approximately $1 million, allegedly involving insider trading.
GateNews3h ago
Cryptocurrency fraudsters gain ground as panic over the war fills social media
Fraud networks leverage the trust generated by war-related content to promote crypto scams. Through synchronized operations and deception, they exploit international events to mislead users into participating in fraudulent activities, resulting in significant profits for the scammers.
CryptoBreaking3h ago
Resolv Foundation: Temporarily suspends the Season 4 airdrop claim, as well as RESOLV token staking and unstaking functions
Golden Finance reported that the Resolv Foundation announced on the X platform that due to a recent security incident involving Resolv Labs' stablecoin USR, with both the protocol and applications now suspended, the Season 4 airdrop claiming function is temporarily unavailable. Additionally, the staking and unstaking functions for RESOLV tokens are also temporarily unavailable. Once the protocol recovery plan is finalized and the application can be safely used again, these functions will be restored.
金色财经_3h ago
Ledger Founder Kidnapping Suspect Arrested in Bitcoin Extortion Case
Police arrest a suspect linked to the kidnapping case of David Balland, co-founder of Ledger. The criminal group committed violence against him and his partner to extort bitcoin. International cooperation has intensified efforts to combat violent crimes targeting cryptocurrency, reminding holders to enhance security awareness.
GateNews6h ago
