Binance Square
#cryptosecurity

cryptosecurity

閲覧回数 8.3M
8,663人が討論中
DRACO CHAIN
·
--
$INJ SDK COMPROMISED — 50,000 WEEKLY DOWNLOADS AFFECTED ⚠️ @injectivelabs/sdk-ts npm パッケージは、開発者の GitHub アカウントが侵害された後、不正に改変されました。バージョン 1.20.21 には、ウォレットの秘密鍵やミニフレーズを盗み、偽装されたサーバーにエンコードするコードが含まれています。 約 50,000 件の週次ダウンロード数に加えて、同一スコープ内で他の 17 個のパッケージもロックされているため、これは広範なサプライチェーン攻撃です。怪しいコミットは 6 月 8 日に開始されました。依存関係を監査しましたか? 投資助言ではありません。常にリスクを管理してください。 #INJ #SupplyChainAttack #CryptoSecurity #SecurityAlert ⚠️
$INJ SDK COMPROMISED — 50,000 WEEKLY DOWNLOADS AFFECTED ⚠️

@injectivelabs/sdk-ts npm パッケージは、開発者の GitHub アカウントが侵害された後、不正に改変されました。バージョン 1.20.21 には、ウォレットの秘密鍵やミニフレーズを盗み、偽装されたサーバーにエンコードするコードが含まれています。

約 50,000 件の週次ダウンロード数に加えて、同一スコープ内で他の 17 個のパッケージもロックされているため、これは広範なサプライチェーン攻撃です。怪しいコミットは 6 月 8 日に開始されました。依存関係を監査しましたか?

投資助言ではありません。常にリスクを管理してください。

#INJ #SupplyChainAttack #CryptoSecurity #SecurityAlert

⚠️
記事
🚨 Crypto Security 2026:数字が明かすこと(そして、あなたの最大のリスクはなぜ)2026年、暗号資産分野が思いがけない記録を更新:これまでで最も多くのハックが発生しているのに、総損失は減少しています。これは本当のところ、あなたにとって何を意味するのでしょう。 📊 S1 2026 の主要数字 第1学期に記録された207件のインシデント。2025年同時期の83件から→+150% ~972百万ドル(M$)が盗まれ、前年は23億ドル(Md$) → -60% 盗まれた資金の66%は、北朝鮮に関連するグループに結び付けられている 2026年4月に被害の大半が集中。Drift ProtocolとKelpDAOへの攻撃(単独で約600M$)がその中心です

🚨 Crypto Security 2026:数字が明かすこと(そして、あなたの最大のリスクはなぜ)

2026年、暗号資産分野が思いがけない記録を更新:これまでで最も多くのハックが発生しているのに、総損失は減少しています。これは本当のところ、あなたにとって何を意味するのでしょう。
📊 S1 2026 の主要数字
第1学期に記録された207件のインシデント。2025年同時期の83件から→+150%
~972百万ドル(M$)が盗まれ、前年は23億ドル(Md$) → -60%
盗まれた資金の66%は、北朝鮮に関連するグループに結び付けられている
2026年4月に被害の大半が集中。Drift ProtocolとKelpDAOへの攻撃(単独で約600M$)がその中心です
Master_tr:
"I followed you. Please follow me back too! 🤝📈"
·
--
ブリッシュ
翻訳参照
🛡️ Zcash تستعد لترقية Ironwood لتعزيز أمان الخصوصية أعلنت Zcash عن موعد ترقية Ironwood في 28 يوليو، والتي ستتضمن إغلاق مجمع الخصوصية القديم Orchard بعد ظهور مخاوف مرتبطة بثغرة “Infinity” التي أثارت احتمالية إنشاء عملات ZEC مزيفة. تهدف هذه الخطوة إلى تعزيز سلامة شبكة Zcash وحماية نموذج الإصدار النقدي للرمز، من خلال معالجة المخاطر المحتملة قبل أن تؤثر على ثقة المستخدمين أو النظام البيئي. تُعد الخصوصية أحد أهم ركائز Zcash منذ إطلاقها، ومع تطور تقنيات البلوكشين، أصبحت حماية الأصول وضمان شفافية القواعد الداخلية للشبكة عوامل أساسية لاستمرار أي مشروع طويل الأمد. 🔐 ترقية Ironwood تمثل خطوة استباقية تؤكد أهمية الأمان والمرونة في شبكات الخصوصية. #Zcash #zec #blockchain #Privacy #CryptoSecurity {future}(ZECUSDT)
🛡️ Zcash تستعد لترقية Ironwood لتعزيز أمان الخصوصية
أعلنت Zcash عن موعد ترقية Ironwood في 28 يوليو، والتي ستتضمن إغلاق مجمع الخصوصية القديم Orchard بعد ظهور مخاوف مرتبطة بثغرة “Infinity” التي أثارت احتمالية إنشاء عملات ZEC مزيفة.
تهدف هذه الخطوة إلى تعزيز سلامة شبكة Zcash وحماية نموذج الإصدار النقدي للرمز، من خلال معالجة المخاطر المحتملة قبل أن تؤثر على ثقة المستخدمين أو النظام البيئي.
تُعد الخصوصية أحد أهم ركائز Zcash منذ إطلاقها، ومع تطور تقنيات البلوكشين، أصبحت حماية الأصول وضمان شفافية القواعد الداخلية للشبكة عوامل أساسية لاستمرار أي مشروع طويل الأمد.
🔐 ترقية Ironwood تمثل خطوة استباقية تؤكد أهمية الأمان والمرونة في شبكات الخصوصية.
#Zcash #zec #blockchain #Privacy #CryptoSecurity
翻訳参照
📚 Hot Wallets vs Cold Wallets: Understanding Crypto Storage Options On July 10, 2026, choosing between hot and cold wallets is essential knowledge for any crypto user. Hot wallets are connected to the internet — convenient but more vulnerable to attacks. Cold wallets are offline storage like hardware devices. They are significantly more secure but less convenient for frequent trading. Most users benefit from a combination of both approaches. With total market cap of $2.28T and daily volume of $63.69B, securing your assets should be the top priority for any crypto participant. 📌 Key Takeaway: Hot wallets offer convenience but less security. Cold wallets offer maximum security for long-term storage. Use both for a balanced approach. #CryptoWallets #CryptoSecurity #BinanceAlphaAlert
📚 Hot Wallets vs Cold Wallets: Understanding Crypto Storage Options
On July 10, 2026, choosing between hot and cold wallets is essential knowledge for any crypto user. Hot wallets are connected to the internet — convenient but more vulnerable to attacks.
Cold wallets are offline storage like hardware devices. They are significantly more secure but less convenient for frequent trading. Most users benefit from a combination of both approaches.
With total market cap of $2.28T and daily volume of $63.69B, securing your assets should be the top priority for any crypto participant.

📌 Key Takeaway:
Hot wallets offer convenience but less security. Cold wallets offer maximum security for long-term storage. Use both for a balanced approach.

#CryptoWallets #CryptoSecurity
#BinanceAlphaAlert
記事
翻訳参照
Why 90% of enterprise crypto hacks happenOver 90% of enterprise crypto hacks do not happen because of blockchain vulnerabilities, but because of poorly integrated wallet infrastructure. It is painful watching funds spend millions on security audits only to lose user assets because they chose the wrong custody setup. One bad API integration or misconfigured key management system can wipe out a treasury overnight. Before committing capital to $BTC or $ETH wallet infrastructure, boards often get blinded by slick sales pitches and ignore the disaster recovery protocols. The real danger lies in key management. If you are using multi-party computation, you need to know exactly who holds the key shares and what happens if your provider goes bankrupt. A lot of teams assume their tech partner is fully compliant, but when regulatory crackdowns hit, they find their access frozen. Another massive risk is transaction fee scaling. During periods of extreme network congestion, a poorly designed wallet system can lock you out of your own funds because it cannot handle dynamic gas fees. This means you cannot exit positions or rescue capital when the market starts crashing. Have you ever had funds stuck due to a wallet provider outage? #CryptoSecurity #Custody #BlockchainInfrastructure

Why 90% of enterprise crypto hacks happen

Over 90% of enterprise crypto hacks do not happen because of blockchain vulnerabilities, but because of poorly integrated wallet infrastructure.
It is painful watching funds spend millions on security audits only to lose user assets because they chose the wrong custody setup. One bad API integration or misconfigured key management system can wipe out a treasury overnight.
Before committing capital to $BTC or $ETH wallet infrastructure, boards often get blinded by slick sales pitches and ignore the disaster recovery protocols. The real danger lies in key management. If you are using multi-party computation, you need to know exactly who holds the key shares and what happens if your provider goes bankrupt. A lot of teams assume their tech partner is fully compliant, but when regulatory crackdowns hit, they find their access frozen.
Another massive risk is transaction fee scaling. During periods of extreme network congestion, a poorly designed wallet system can lock you out of your own funds because it cannot handle dynamic gas fees. This means you cannot exit positions or rescue capital when the market starts crashing.
Have you ever had funds stuck due to a wallet provider outage?
#CryptoSecurity #Custody #BlockchainInfrastructure
翻訳参照
🔒 Security is the foundation of every crypto journey. I always enable 2FA, verify wallet addresses before every transaction, and never share my seed phrase with anyone. A few extra seconds of caution can prevent costly mistakes. Stay safe, stay informed, and protect your assets. 💛 #Binance #CryptoSecurity #Web3
🔒 Security is the foundation of every crypto journey.

I always enable 2FA, verify wallet addresses before every transaction, and never share my seed phrase with anyone. A few extra seconds of caution can prevent costly mistakes.

Stay safe, stay informed, and protect your assets. 💛 #Binance #CryptoSecurity #Web3
·
--
ブリッシュ
翻訳参照
⚠️ Fake USDT Is Fooling Crypto Users Here's What You Need to Know Not every token labeled USDT is actually Tether. Scammers have become very creative. They can create fake tokens that look almost identical to the real USDT, using the same name, logo, and even making them appear valuable in some wallets. Imagine opening your wallet, seeing a USDT balance, and believing it's real only to discover later that it can't be transferred, traded, or accepted by anyone. This is how many people lose money. Before trusting any USDT you receive, especially from: 🔸 Airdrops 🔸 Unknown wallets 🔸 Promotional payments 🔸 Random giveaways Take a few seconds to verify the token's contract address. A few tips to stay safe: • Never judge a token by its name or logo alone. • Verify the contract address on a trusted blockchain explorer. • Be extra cautious with unsolicited token transfers. • If something feels suspicious, don't send or trade the token until you've confirmed it's genuine. In crypto, a quick verification can save you from a costly mistake. Share this post to help others stay safe from fake USDT scams. 🛡️ #CryptoSecurity $USDT
⚠️ Fake USDT Is Fooling Crypto Users Here's What You Need to Know

Not every token labeled USDT is actually Tether.

Scammers have become very creative. They can create fake tokens that look almost identical to the real USDT, using the same name, logo, and even making them appear valuable in some wallets.

Imagine opening your wallet, seeing a USDT balance, and believing it's real only to discover later that it can't be transferred, traded, or accepted by anyone.

This is how many people lose money.

Before trusting any USDT you receive, especially from:
🔸 Airdrops
🔸 Unknown wallets
🔸 Promotional payments
🔸 Random giveaways

Take a few seconds to verify the token's contract address.

A few tips to stay safe:
• Never judge a token by its name or logo alone.
• Verify the contract address on a trusted blockchain explorer.
• Be extra cautious with unsolicited token transfers.
• If something feels suspicious, don't send or trade the token until you've confirmed it's genuine.

In crypto, a quick verification can save you from a costly mistake.

Share this post to help others stay safe from fake USDT scams. 🛡️

#CryptoSecurity $USDT
翻訳参照
💡 Importance of Self-Custody: Why Not Your Keys Means Not Your Crypto On July 10, 2026, with 17,418 cryptocurrencies and a $2.28T market, the principle of self-custody has never been more relevant. Recent exchange incidents remind us that trusting third parties carries risk. Hardware wallets and non-custodial solutions give users full control over their private keys. While exchanges offer convenience, they also present a single point of failure for your assets. With $BTC at $64,004 and daily volume of $63.69B, the infrastructure for self-custody has improved dramatically. Multi-sig setups and hardware wallets are more accessible than ever. 📌 Key Takeaway: Self-custody is the core principle of crypto. Not your keys, not your coins — take control of your assets regardless of market conditions. #SelfCustody #CryptoSecurity #BinanceAlphaAlert
💡 Importance of Self-Custody: Why Not Your Keys Means Not Your Crypto
On July 10, 2026, with 17,418 cryptocurrencies and a $2.28T market, the principle of self-custody has never been more relevant. Recent exchange incidents remind us that trusting third parties carries risk.
Hardware wallets and non-custodial solutions give users full control over their private keys. While exchanges offer convenience, they also present a single point of failure for your assets.
With $BTC at $64,004 and daily volume of $63.69B, the infrastructure for self-custody has improved dramatically. Multi-sig setups and hardware wallets are more accessible than ever.

📌 Key Takeaway:
Self-custody is the core principle of crypto. Not your keys, not your coins — take control of your assets regardless of market conditions.

#SelfCustody #CryptoSecurity
#BinanceAlphaAlert
翻訳参照
Post 30 🛡️ Stay alert against scams. ❌ Never share your seed phrase. ❌ Don't trust guaranteed profit offers. ✅ Verify links before connecting your wallet. Your security is your responsibility. 🔐 #CryptoSecurity
Post 30 🛡️
Stay alert against scams.
❌ Never share your seed phrase.
❌ Don't trust guaranteed profit offers.
✅ Verify links before connecting your wallet.
Your security is your responsibility. 🔐 #CryptoSecurity
翻訳参照
Security should always come first. 🔐 Enable Two-Factor Authentication. 🛡️ Use strong passwords. 💼 Store large holdings safely. Protecting your assets is part of being a smart crypto investor. #CryptoSecurity
Security should always come first.
🔐 Enable Two-Factor Authentication.
🛡️ Use strong passwords.
💼 Store large holdings safely.
Protecting your assets is part of being a smart crypto investor. #CryptoSecurity
記事
ホワイトハットハッカーが“700億ドル”級の欠陥を3,000ドルのサーバーで発見 — 暗号資産の危機一髪となった2026年の全貌ホワイトハットハッカーが“700億ドル”級の欠陥を3,000ドルのサーバーで発見 — 暗号資産の2026年最接近の危機の全貌 たった3,000ドルのサーバー。成功率90%以上の模擬攻撃。そして、デジタル資産700億ドルが危険にさらされ得た脆弱性——それらを見つけたのは、攻撃者ではなく善意の人たちでした。 完全に検証された内訳はこちらです: ◆ セキュリティ研究者が、Aptosブロックチェーンのスマートコントラクト実行環境における重大な欠陥を発見しました。その内容は「stale-cache bug」として説明されており、型の取り違え(タイプ・コンフュージョン)の脆弱性につながるものです

ホワイトハットハッカーが“700億ドル”級の欠陥を3,000ドルのサーバーで発見 — 暗号資産の危機一髪となった2026年の全貌

ホワイトハットハッカーが“700億ドル”級の欠陥を3,000ドルのサーバーで発見 — 暗号資産の2026年最接近の危機の全貌
たった3,000ドルのサーバー。成功率90%以上の模擬攻撃。そして、デジタル資産700億ドルが危険にさらされ得た脆弱性——それらを見つけたのは、攻撃者ではなく善意の人たちでした。
完全に検証された内訳はこちらです:
◆ セキュリティ研究者が、Aptosブロックチェーンのスマートコントラクト実行環境における重大な欠陥を発見しました。その内容は「stale-cache bug」として説明されており、型の取り違え(タイプ・コンフュージョン)の脆弱性につながるものです
翻訳参照
A crypto trader lost nearly $1 million in USDT after unknowingly signing a malicious phishing transaction on Ethereum. Always verify every transaction before approving it. If you don't fully understand or aren't expecting it, don't sign. Stay alert. One wrong approval can cost everything. #Ethereum #CryptoSecurity
A crypto trader lost nearly $1 million in USDT after unknowingly signing a malicious phishing transaction on Ethereum.

Always verify every transaction before approving it. If you don't fully understand or aren't expecting it, don't sign.

Stay alert. One wrong approval can cost everything.

#Ethereum #CryptoSecurity
記事
たった1件のP2P取引で銀行が凍結されるまで暗号資産で最も痛手となる損失は、高レバレッジの清算画面で起きるのではなく、見かけ上はうまくいったピアツーピア取引の後に、あなた自身の地元の銀行口座で発生します。 購入者に説得されて、相手のいとこの口座からの送金を受け入れてしまったせいで、目が覚めたら銀行口座が完全に凍結されていた——そんな耐えがたい感覚を想像してみてください。あなたは$USDTを売りましたが、現実の資金は法的な宙ぶらりんの状態に閉じ込められてしまいました。 OTC取引の初期のころ、身を守るために唯一重要なのは本人確認(アイデンティティの照合)だと、痛い目で学びました。購入者が家族の名義で支払うよう求めてくる場合、たいていは典型的なトライアンギュレーション詐欺(いわゆる三角詐欺)です。送金してくる相手は、暗号資産を買っていること自体を理解しておらず、市場の取引商品を支払っているつもり、あるいは友人を助けているつもりです。そして詐欺に遭ったと気づいた時点で、警察に被害届を出します。

たった1件のP2P取引で銀行が凍結されるまで

暗号資産で最も痛手となる損失は、高レバレッジの清算画面で起きるのではなく、見かけ上はうまくいったピアツーピア取引の後に、あなた自身の地元の銀行口座で発生します。
購入者に説得されて、相手のいとこの口座からの送金を受け入れてしまったせいで、目が覚めたら銀行口座が完全に凍結されていた——そんな耐えがたい感覚を想像してみてください。あなたは$USDTを売りましたが、現実の資金は法的な宙ぶらりんの状態に閉じ込められてしまいました。
OTC取引の初期のころ、身を守るために唯一重要なのは本人確認(アイデンティティの照合)だと、痛い目で学びました。購入者が家族の名義で支払うよう求めてくる場合、たいていは典型的なトライアンギュレーション詐欺(いわゆる三角詐欺)です。送金してくる相手は、暗号資産を買っていること自体を理解しておらず、市場の取引商品を支払っているつもり、あるいは友人を助けているつもりです。そして詐欺に遭ったと気づいた時点で、警察に被害届を出します。
#WarshNamesLeadersForFiveFedTaskForces 🚨 BitGo、ビットコイン・ウォレット向けに量子プロテクションを提供 | BTCセキュリティの未来? BitGoは量子対応のビットコイン・セキュリティへ一歩踏み出す BitGoは、機関投資家のビットコイン保有者が潜在的なリスクを特定し、UTXOへのエクスポージャーを監視し、ウォレットのセキュリティを強化できるよう、新たな量子プロテクション・ツールを導入します。 ビットコイン自体は変わりませんが、量子コンピューティングの進展に伴って、予防的なセキュリティ対策の重要性がますます高まる可能性があります。 暗号において量子耐性のあるセキュリティは必須になると思いますか? #BTC #QuantumComputing #CryptoSecurity #BinanceSquare $BTC $SPCXB $ETH
#WarshNamesLeadersForFiveFedTaskForces
🚨 BitGo、ビットコイン・ウォレット向けに量子プロテクションを提供 | BTCセキュリティの未来?

BitGoは量子対応のビットコイン・セキュリティへ一歩踏み出す

BitGoは、機関投資家のビットコイン保有者が潜在的なリスクを特定し、UTXOへのエクスポージャーを監視し、ウォレットのセキュリティを強化できるよう、新たな量子プロテクション・ツールを導入します。

ビットコイン自体は変わりませんが、量子コンピューティングの進展に伴って、予防的なセキュリティ対策の重要性がますます高まる可能性があります。

暗号において量子耐性のあるセキュリティは必須になると思いますか?

#BTC #QuantumComputing #CryptoSecurity #BinanceSquare $BTC $SPCXB $ETH
記事
翻訳参照
A $3,000 Server Nearly Exposed $70 Billion in Crypto — Here's How It Was StoppedA $3,000 Server Nearly Exposed $70 Billion in Crypto — Here's How It Was Stopped A team of ethical hackers spent a few thousand dollars on server hardware and found a flaw that could have put tens of billions of dollars in digital assets at systemic risk — before anyone with bad intentions found it first. Security firm Hexens discovered a vulnerability in a major layer-1 blockchain that, if exploited, could have exposed up to $70 billion in digital assets across stablecoins, cross-chain bridges, and DeFi protocols. Researchers simulated the attack with a success rate above 90% under real network conditions, using infrastructure that cost roughly $3,000 to build. The flaw was reported through emergency channels and patched within days — before any funds were lost. ◆ The proof-of-concept required no insider access or special permissions, only a well-provisioned server simulating about a third of the validator network ◆ An independent reviewer, the CTO of a major layer-2 network, confirmed the exploit logic held up under scrutiny ◆ A separate verification firm calculated that roughly $250 million in native total value locked was directly at risk, apart from broader cross-chain exposure ◆ Direct protocol exposure was assessed in the low single-digit billions, though the theoretical worst case involved minting a very large amount of a major stablecoin and moving it across chains ◆ This discovery lands in a year that has already seen over $840 million drained from DeFi protocols across 50-plus separate incidents — a 70% increase year-over-year ◆ Blockchain analytics firm Chainalysis attributes approximately 76% of global crypto hack losses in 2026 to a single state-linked hacking group, whose cumulative crypto theft now exceeds $6 billion since 2017 ◆ Just days after this disclosure, a separate live exploit hit a DeFi yield platform, draining roughly $6 million through a flash loan attack that manipulated vault asset accounting What makes 2026 different from earlier hack cycles isn't just the dollar figures — it's where the attacks are increasingly coming from. Security researchers note that several of this year's largest incidents didn't involve broken code at all; smart contracts executed exactly as programmed, following instructions from attackers who had obtained access they shouldn't have had. Code audits and bug bounty programs address vulnerabilities in logic, but they don't fully address compromised credentials, social engineering, or infrastructure-level manipulation. The $70 billion near-miss is being treated as a best-case outcome: a vulnerability found by researchers who reported it responsibly, rather than by someone who exploited it. Not every story this year has ended that way. Does this kind of responsible disclosure change how much trust you place in blockchain infrastructure, or does it reveal how fragile the entire system still is? #CryptoSecurity #blockchain #defi #CyberSecurity #CryptoNews

A $3,000 Server Nearly Exposed $70 Billion in Crypto — Here's How It Was Stopped

A $3,000 Server Nearly Exposed $70 Billion in Crypto — Here's How It Was Stopped
A team of ethical hackers spent a few thousand dollars on server hardware and found a flaw that could have put tens of billions of dollars in digital assets at systemic risk — before anyone with bad intentions found it first.
Security firm Hexens discovered a vulnerability in a major layer-1 blockchain that, if exploited, could have exposed up to $70 billion in digital assets across stablecoins, cross-chain bridges, and DeFi protocols. Researchers simulated the attack with a success rate above 90% under real network conditions, using infrastructure that cost roughly $3,000 to build. The flaw was reported through emergency channels and patched within days — before any funds were lost.
◆ The proof-of-concept required no insider access or special permissions, only a well-provisioned server simulating about a third of the validator network
◆ An independent reviewer, the CTO of a major layer-2 network, confirmed the exploit logic held up under scrutiny
◆ A separate verification firm calculated that roughly $250 million in native total value locked was directly at risk, apart from broader cross-chain exposure
◆ Direct protocol exposure was assessed in the low single-digit billions, though the theoretical worst case involved minting a very large amount of a major stablecoin and moving it across chains
◆ This discovery lands in a year that has already seen over $840 million drained from DeFi protocols across 50-plus separate incidents — a 70% increase year-over-year
◆ Blockchain analytics firm Chainalysis attributes approximately 76% of global crypto hack losses in 2026 to a single state-linked hacking group, whose cumulative crypto theft now exceeds $6 billion since 2017
◆ Just days after this disclosure, a separate live exploit hit a DeFi yield platform, draining roughly $6 million through a flash loan attack that manipulated vault asset accounting
What makes 2026 different from earlier hack cycles isn't just the dollar figures — it's where the attacks are increasingly coming from. Security researchers note that several of this year's largest incidents didn't involve broken code at all; smart contracts executed exactly as programmed, following instructions from attackers who had obtained access they shouldn't have had. Code audits and bug bounty programs address vulnerabilities in logic, but they don't fully address compromised credentials, social engineering, or infrastructure-level manipulation.
The $70 billion near-miss is being treated as a best-case outcome: a vulnerability found by researchers who reported it responsibly, rather than by someone who exploited it. Not every story this year has ended that way.
Does this kind of responsible disclosure change how much trust you place in blockchain infrastructure, or does it reveal how fragile the entire system still is?
#CryptoSecurity #blockchain #defi #CyberSecurity #CryptoNews
イーサリアム財団は、AI支援によるセキュリティ研究が進展していると述べていますが、検証が最大の課題であり続けています。AIエージェントは潜在的な脆弱性を浮かび上がらせることはできますが、どの報告が本物なのかを証明することは、ブロックチェーンのセキュリティチームにとっていまだ難しいのが現状です。 #Ethereum #AI #CryptoSecurity #Blockchain #ETH
イーサリアム財団は、AI支援によるセキュリティ研究が進展していると述べていますが、検証が最大の課題であり続けています。AIエージェントは潜在的な脆弱性を浮かび上がらせることはできますが、どの報告が本物なのかを証明することは、ブロックチェーンのセキュリティチームにとっていまだ難しいのが現状です。

#Ethereum #AI #CryptoSecurity #Blockchain #ETH
翻訳参照
AI Agents Could Be Turned Into Botnets Through AI Agents Could Be Turned Into Botnets Through is drawing attention across the crypto community today. Researchers warn AI agents could be tricked into downloading malicious code by exploiting the same hallucinations that cause chatbots to make mistakes. Market participants are weighing what this means for the broader trend. Some see it as a sign of maturing infrastructure, while others caution that the full impact will only become clear over the coming weeks. Analysts note that sentiment remains sensitive to macro conditions and regulatory signals. Liquidity, on-chain activity, and exchange flows will be key indicators to watch as the situation develops. What's your take - is this a turning point or just noise? Share your view 👇 #ArtificialIntelligence #CryptoSecurity #DigitalAssets
AI Agents Could Be Turned Into Botnets Through

AI Agents Could Be Turned Into Botnets Through is drawing attention across the crypto community today. Researchers warn AI agents could be tricked into downloading malicious code by exploiting the same hallucinations that cause chatbots to make mistakes.

Market participants are weighing what this means for the broader trend. Some see it as a sign of maturing infrastructure, while others caution that the full impact will only become clear over the coming weeks.

Analysts note that sentiment remains sensitive to macro conditions and regulatory signals. Liquidity, on-chain activity, and exchange flows will be key indicators to watch as the situation develops.

What's your take - is this a turning point or just noise? Share your view 👇

#ArtificialIntelligence #CryptoSecurity #DigitalAssets
記事
翻訳参照
🚨 ALERTA DE SEGURIDAD: EL MITO DE LA INMUNIDAD EN MAC SE ROMPE EN EL ECOSISTEMA CRIPTO 🚨Por años ha existido el mito de que los usuarios de macOS están a salvo de los hackeos, pero las últimas investigaciones de firmas como Microsoft y Malwarebytes acaban de revelar una dura realidad. Oleadas de malware avanzado (como PamStealer, MacSync o clones falsos de monederos populares) están logrando saltarse las barreras de Apple para vaciar por completo las wallets de los usuarios despistados. Moonlock Los atacantes ya no rompen el sistema operativo; usan ingeniería social de alta precisión para que seas tú mismo quien les dé las llaves de tu capital. Malwarebytes 🛑 ¿Cómo operan estos nuevos ataques en macOS? Falsas páginas oficiales (Typosquatting): Crean portales web idénticos a los de wallets legítimas (como campañas recientes imitando a BlueWallet o Ledger). Si descargas la app desde ahí, te guían de forma muy convincente para ejecutar comandos o "scripts" manuales que saltan los filtros de verificación de Apple. Moonlock La trampa de la "Actualización de Seguridad": El malware actúa de manera silenciosa en segundo plano bajo nombres falsos como System Settings o GoogleUpdate. Una vez instalado, solicita tus credenciales del sistema, lee tu portapapeles y rastrea tus carpetas en busca de extensiones como .wallet, .txt, o .seed. Moonlock Reemplazo de aplicaciones reales: Lo más peligroso detectado este año es que variantes del software malicioso buscan si tienes instaladas las versiones oficiales de Ledger Live, Trezor Suiteo Exodus, las eliminan y las sustituyen por versiones troyanizadas. Cuando abres tu app de siempre, esta simula un error de conexión y te pide "restaurar" introduciendo tus 24 palabras. Si lo haces, tus fondos desaparecen al instante. Kaspersky 🛡️ Escudo de Defensa: ¿Cómo proteger tus activos si usas Mac? 1️⃣ Semilla Intocable: Jamás, bajo ninguna circunstancia, escribas tus 12 o 24 palabras de recuperación en el teclado de tu computadora. Si usas una wallet fría (hardware wallet), la frase de respaldo solo se introduce físicamente en los botones del dispositivo físico, nunca en una app o sitio web. 2️⃣ Cuidado con la Terminal: Una táctica muy común conocida como ClickFix te pide copiar y pegar códigos extraños en la Terminal de tu Mac para "solucionar un error". Ejecutar un comando curl desconocido abre las puertas traseras para que descarguen el virus en segundos. 3️⃣ Verificación estricta de fuentes: Descarga software únicamente desde los enlaces directos de las páginas oficiales o de la Mac App Store, validando siempre el desarrollador, las reseñas y los counters de descarga (incluso en tiendas oficiales se han llegado a colar clones maliciosos por breves periodos). Kaspersky+ 1 Perspectiva de Mercado: La seguridad en la Web3 no depende del dispositivo que uses, depende de tu disciplina operativa. En este ciclo de mercado, tus datos locales son el objetivo principal de los ciberdelincuentes. Mantener tus copias de seguridad en papel o placas de metal fuera de la red y desconfiar de cualquier error inusual en tus interfaces habituales es la única forma de blindar tu patrimonio. ¿Suelen almacenar contraseñas o archivos con frases semilla dentro de su computadora, o aplican una autocustodia 100% analógica? 👇 ¡Los leo en los comentarios! #CryptoSecurity #MacOS #Malware #phishing #Ledger

🚨 ALERTA DE SEGURIDAD: EL MITO DE LA INMUNIDAD EN MAC SE ROMPE EN EL ECOSISTEMA CRIPTO 🚨

Por años ha existido el mito de que los usuarios de macOS están a salvo de los hackeos, pero las últimas investigaciones de firmas como Microsoft y Malwarebytes acaban de revelar una dura realidad. Oleadas de malware avanzado (como PamStealer, MacSync o clones falsos de monederos populares) están logrando saltarse las barreras de Apple para vaciar por completo las wallets de los usuarios despistados.
Moonlock
Los atacantes ya no rompen el sistema operativo; usan ingeniería social de alta precisión para que seas tú mismo quien les dé las llaves de tu capital.
Malwarebytes
🛑 ¿Cómo operan estos nuevos ataques en macOS?
Falsas páginas oficiales (Typosquatting): Crean portales web idénticos a los de wallets legítimas (como campañas recientes imitando a BlueWallet o Ledger). Si descargas la app desde ahí, te guían de forma muy convincente para ejecutar comandos o "scripts" manuales que saltan los filtros de verificación de Apple.
Moonlock
La trampa de la "Actualización de Seguridad": El malware actúa de manera silenciosa en segundo plano bajo nombres falsos como System Settings o GoogleUpdate. Una vez instalado, solicita tus credenciales del sistema, lee tu portapapeles y rastrea tus carpetas en busca de extensiones como .wallet, .txt, o .seed.
Moonlock
Reemplazo de aplicaciones reales: Lo más peligroso detectado este año es que variantes del software malicioso buscan si tienes instaladas las versiones oficiales de Ledger Live, Trezor Suiteo Exodus, las eliminan y las sustituyen por versiones troyanizadas. Cuando abres tu app de siempre, esta simula un error de conexión y te pide "restaurar" introduciendo tus 24 palabras. Si lo haces, tus fondos desaparecen al instante.
Kaspersky
🛡️ Escudo de Defensa: ¿Cómo proteger tus activos si usas Mac?
1️⃣ Semilla Intocable: Jamás, bajo ninguna circunstancia, escribas tus 12 o 24 palabras de recuperación en el teclado de tu computadora. Si usas una wallet fría (hardware wallet), la frase de respaldo solo se introduce físicamente en los botones del dispositivo físico, nunca en una app o sitio web.
2️⃣ Cuidado con la Terminal: Una táctica muy común conocida como ClickFix te pide copiar y pegar códigos extraños en la Terminal de tu Mac para "solucionar un error". Ejecutar un comando curl desconocido abre las puertas traseras para que descarguen el virus en segundos.
3️⃣ Verificación estricta de fuentes: Descarga software únicamente desde los enlaces directos de las páginas oficiales o de la Mac App Store, validando siempre el desarrollador, las reseñas y los counters de descarga (incluso en tiendas oficiales se han llegado a colar clones maliciosos por breves periodos).
Kaspersky+ 1
Perspectiva de Mercado: La seguridad en la Web3 no depende del dispositivo que uses, depende de tu disciplina operativa. En este ciclo de mercado, tus datos locales son el objetivo principal de los ciberdelincuentes. Mantener tus copias de seguridad en papel o placas de metal fuera de la red y desconfiar de cualquier error inusual en tus interfaces habituales es la única forma de blindar tu patrimonio.
¿Suelen almacenar contraseñas o archivos con frases semilla dentro de su computadora, o aplican una autocustodia 100% analógica? 👇 ¡Los leo en los comentarios!
#CryptoSecurity #MacOS #Malware #phishing #Ledger
記事
翻訳参照
A $3,000 Server Exposed a Flaw That Could Have Risked $70 Billion in CryptoA $3,000 Server Exposed a Flaw That Could Have Risked $70 Billion in Crypto Ethical hackers spent $3,000 on a server. What they found could have put $70 billion in digital assets at systemic risk. Security researchers at Hexens discovered a critical flaw in a major blockchain network's virtual machine — and it's just one data point in a year defined by a strange split: fewer catastrophic losses, but more attacks than ever before. ◆ Security firm Hexens simulated an attack with over 90% success under real network conditions, using hardware costing just $3,000 to model roughly one-third of the validator network ◆ The flaw was patched within days of being reported through emergency channels — no funds were ultimately lost ◆ TRM Labs recorded 207 separate crypto hacks in the first half of 2026, the highest count the firm has ever tracked in a six-month period ◆ Despite the record incident count, total losses fell to $972 million — less than half of the $2.3 billion stolen in the same period a year earlier ◆ The median hack size was about $219,000, while the mean was $4.7 million, showing how a handful of large incidents dominate total losses ◆ Smart-contract exploits accounted for 125 of the 207 incidents, but the largest dollar losses increasingly came from compromised keys, custody systems, and approval infrastructure — not the code itself The pattern researchers are flagging matters for anyone holding digital assets: the attack surface isn't shrinking, it's shifting. Smart contract audits remain essential, but the systems that decide who can move funds and how signatures get approved are now where the biggest damage happens. This is educational security information, not financial advice. Where do you think the industry needs to invest more — smart contract audits, or operational security around keys and custody? #CryptoSecurity #Web3Safety #BlockchainNews #DigitalAssets #CyberSecurity

A $3,000 Server Exposed a Flaw That Could Have Risked $70 Billion in Crypto

A $3,000 Server Exposed a Flaw That Could Have Risked $70 Billion in Crypto
Ethical hackers spent $3,000 on a server. What they found could have put $70 billion in digital assets at systemic risk.
Security researchers at Hexens discovered a critical flaw in a major blockchain network's virtual machine — and it's just one data point in a year defined by a strange split: fewer catastrophic losses, but more attacks than ever before.
◆ Security firm Hexens simulated an attack with over 90% success under real network conditions, using hardware costing just $3,000 to model roughly one-third of the validator network
◆ The flaw was patched within days of being reported through emergency channels — no funds were ultimately lost
◆ TRM Labs recorded 207 separate crypto hacks in the first half of 2026, the highest count the firm has ever tracked in a six-month period
◆ Despite the record incident count, total losses fell to $972 million — less than half of the $2.3 billion stolen in the same period a year earlier
◆ The median hack size was about $219,000, while the mean was $4.7 million, showing how a handful of large incidents dominate total losses
◆ Smart-contract exploits accounted for 125 of the 207 incidents, but the largest dollar losses increasingly came from compromised keys, custody systems, and approval infrastructure — not the code itself
The pattern researchers are flagging matters for anyone holding digital assets: the attack surface isn't shrinking, it's shifting. Smart contract audits remain essential, but the systems that decide who can move funds and how signatures get approved are now where the biggest damage happens.
This is educational security information, not financial advice.
Where do you think the industry needs to invest more — smart contract audits, or operational security around keys and custody?
#CryptoSecurity #Web3Safety #BlockchainNews #DigitalAssets #CyberSecurity
翻訳参照
Hot Wallet နှင့် Cold Wallet ဘာကွာလဲ? 🔐 Crypto လောကမှာ မိမိ Crypto တွေကို သိမ်းဆည်းတဲ့နေရာမှာ Wallet အမျိုးအစား (၂) မျိုး ရှိပါတယ်။ 🔹 Hot Wallet (Online Wallet): Internet နဲ့ အမြဲချိတ်ဆက်ထားတဲ့ Wallet မျိုးပါ။ (ဥပမာ- Trust Wallet, MetaMask သို့မဟုတ် Exchange Wallet) အားသာချက်: Trading လုပ်ရတာ မြန်တယ်၊ သုံးရလွယ်တယ်။ အားနည်းချက်: Cyber Attack နဲ့ Hack ခံရနိုင်ခြေ ပိုရှိတယ်။ 🔹 Cold Wallet (Offline Wallet): Internet နဲ့ ချိတ်ဆက်မထားတဲ့ Hardware ပစ္စည်းလေးတွေပါ။ (ဥပမာ- Ledger, Trezor) အားသာချက်: အွန်လိုင်းကနေ Hack လို့မရလို့ အလွန်လုံခြုံတယ်။ အားနည်းချက်: ဝယ်ယူရတဲ့ ကုန်ကျစရိတ်ရှိပြီး အသုံးပြုရတာ အနည်းငယ် ရှုပ်ထွေးတယ်။ 💡 အကြံပြုချက်: ရေတို Trade မယ့်ပမာဏကို Exchange/Hot Wallet မှာထားပြီး၊ ရေရှည်စုမယ့် (HODL) အမာခံတွေကိုတော့ Cold Wallet မှာ သိမ်းတာ အကောင်းဆုံးပါ။ #CryptoSecurity #HotWallet #ColdWallet #Binance
Hot Wallet နှင့် Cold Wallet ဘာကွာလဲ? 🔐
Crypto လောကမှာ မိမိ Crypto တွေကို သိမ်းဆည်းတဲ့နေရာမှာ Wallet အမျိုးအစား (၂) မျိုး ရှိပါတယ်။
🔹 Hot Wallet (Online Wallet):
Internet နဲ့ အမြဲချိတ်ဆက်ထားတဲ့ Wallet မျိုးပါ။ (ဥပမာ- Trust Wallet, MetaMask သို့မဟုတ် Exchange Wallet)
အားသာချက်: Trading လုပ်ရတာ မြန်တယ်၊ သုံးရလွယ်တယ်။
အားနည်းချက်: Cyber Attack နဲ့ Hack ခံရနိုင်ခြေ ပိုရှိတယ်။
🔹 Cold Wallet (Offline Wallet):
Internet နဲ့ ချိတ်ဆက်မထားတဲ့ Hardware ပစ္စည်းလေးတွေပါ။ (ဥပမာ- Ledger, Trezor)
အားသာချက်: အွန်လိုင်းကနေ Hack လို့မရလို့ အလွန်လုံခြုံတယ်။
အားနည်းချက်: ဝယ်ယူရတဲ့ ကုန်ကျစရိတ်ရှိပြီး အသုံးပြုရတာ အနည်းငယ် ရှုပ်ထွေးတယ်။
💡 အကြံပြုချက်: ရေတို Trade မယ့်ပမာဏကို Exchange/Hot Wallet မှာထားပြီး၊ ရေရှည်စုမယ့် (HODL) အမာခံတွေကိုတော့ Cold Wallet မှာ သိမ်းတာ အကောင်းဆုံးပါ။
#CryptoSecurity #HotWallet #ColdWallet #Binance
ログインして、さらにコンテンツを読む
厳選トピックで世界の暗号資産トレーダーの仲間入り
⚡️ 暗号資産に関する最新かつ有益な情報が見つかります。
💬 世界最大の暗号資産取引所から信頼されています。
👍 認証を受けたクリエイターから、有益なインサイトを得られます。
メール / 電話番号