- 话题
22 热度
27k 热度
13k 热度
20k 热度
10k 热度
716 热度
5k 热度
4k 热度
11k 热度
152k 热度
- 置顶
- 📢 #Gate观点任务# 第一期精彩启程!调研 Palio (PAL) 项目,在Gate广场发布您的看法观点,瓜分 $300 PAL!
💰️ 选取15名优质发帖用户,每人轻松赢取 $20 PAL!
👉 参与方式:
1. 调研$PAL项目,发表你对项目的见解。
2. 带上$PAL交易链接。
3. 推广$PAL生态周系列活动:
为庆祝PAL上线Gate交易,平台特推出HODLer Airdrop、CandyDrop、VIP Airdrop、Alpha及余币宝等多项PAL专属活动,回馈广大用户。请在帖文中积极宣传本次系列活动,详情:https://www.gate.com/announcements/article/45976
建议项目调研的主题:
🔹 Palio 是什么?
🔹 $PAL 代币经济模型如何运作?
🔹 如何参与 $PAL生态周系列活动?
您可以选择以上一个或多个方向发表看法,也可以跳出框架,分享主题以外的独到见解。
注意:帖子不得包含除 #Gate观点任务# 和 #PAL# 之外的其他标签,并确保你的帖子至少有 60 字,并获得至少 3 个点赞,否则将无法获得奖励。
⚠️ 重复内容的帖子将不会被选取,请分享属于你独特的观点。
⏰ 活动时间:截止至 2025年7月11日 24:00(UTC+8)
- 📢 #Gate广场征文活动第一期# 正式启动!
分享你对 CROSS 项目的独特观点, $500 等值 CROSS 奖励等你来赢!
💰 奖励:
一等奖(1名): $150 等值 CROSS
二等奖(3名): 每人 $50 等值 CROSS
三等奖(10名): 每人 $20 等值 CROSS
👉 参与方式:
1.在 Gate广场发布你对 CROSS 项目的独到见解贴文
2.在贴文中添加标签: #Gate广场征文活动第一期# ,贴文字数不低于300字
3.将你的文章或观点同步到X,加上标签:Gate Square 和 CROSS
4.征文内容涵盖但不限于以下创作方向:
CROSS 项目概述:作为链游领域的专属公链,它带来了哪些创新?
解析 CROSS 的模块化基础设施,如何推动链游开发?
CROSS 的代币经济模型:如何实现长期价值?
玩家/开发者如何看待 CROSS 的使用体验?
参与 Gate 的 Gate Alpha CROSS 活动:交易体验和 Alpha 积分机制如何帮助用户?
你也可以选择其他方向,提出独到见解。
⚠️ 活动要求:
原创内容,至少 300 字
必须使用标签: #Gate广场征文活动第一期#
每篇文章必须获得 至少3个点赞,否则无法获得奖励
鼓励图文并茂、深度分析,观点独到。
⏰ 活动时间:2025年7月7日 17:00 - 2025年7月11日 23:59
- 如果你每一季也有关注 Gate 销毁 GT 的公告,那也请记住这篇文章。在币圈这个行业里,从来不缺反复横跳、承诺落空的项目方与代币经济学。只有那些能坚守初心、兑现承诺的平台,才能真正与社群走得长远。
- 🚀 Gate 广场内容创作者集合!
报名参加 Gate 2025 年中盛典,冲击顶级创作者榜单!
赢 Gate x 红牛联名周边、1000美元合约券、VIP+1 还有粉丝专属福利!
马上报名 👉 www.gate.com/activities/community-vote
#GateSquare# #内容达人#
5 ‘insidious’ crypto scams to watch out for this year
Crypto users faced a rise in “psychologically manipulative” attacks in the second quarter as hackers dreamt up advanced and creative ways to try and steal crypto, according to blockchain security firm SlowMist.
SlowMist’s head of operations, Lisa, said in the firm’s Q2 MistTrack Stolen Fund Analysis report that while it didn’t see an advancement in hacking techniques, the scams have become more sophisticated, with a rise in fake browser extensions, tampered hardware wallets and social engineering attacks.
“Looking back on Q2, one trend stands out: attackers’ methods may not be getting technically more advanced, but they are becoming more psychologically manipulative.”
“We’re seeing a clear shift from purely onchain attacks to offchain entry points — browser extensions, social media accounts, authentication flows, and user behavior are all becoming common attack surfaces,” said Lisa
Malicious browser extensions pretend to be security plugins
Ironically, one emerging attack vector involved browser extensions masquerading as security plugins, such as the “Osiris” Chrome extension, which claimed to detect phishing links and suspicious websites
Instead, the extension intercepts all downloads of .exe. .dmg and .zip files, replacing those files with malicious programs
“Even more insidiously, attackers would guide users to visit well-known, commonly used websites like Notion or Zoom,” said Lisa
“When the user attempted to download software from these official sites, the files delivered had already been maliciously replaced — yet the browser still displayed the download as originating from the legitimate source, making it nearly impossible for users to spot anything suspicious.”
These programs would then collect sensitive information from the user’s computer, including Chrome browser data and macOS Keychain credentials, giving an attacker access to seed phrases, private keys or login credentials
SlowMist said another attack method focused on tricking crypto investors into adopting tampered hardware wallets.
In some cases, hackers would send users a compromised cold wallet, telling their victims they had won a free device under a “lottery draw” or telling them their existing device was compromised and they needed to transfer their assets
In Q2, one victim reportedly lost $6.5 million by purchasing a tampered cold wallet that they saw on TikTok, according to Lisa
Social engineering with fake revoker website
SlowMist said it was also contacted in Q2 by a user who could not revoke a “risky authorization” in their wallet.
Related: US sanctions crypto wallet tied to ransomware, infostealer host
Upon investigation, SlowMist said the website that the user was using to try to revoke the smart contract’s permission was “a near-perfect clone of the popular Revoke Cash interface,” which asked users to input their private key to “check for risky signatures.”
“Upon analyzing the front end code, we confirmed that this phishing website used EmailJS to send users’ input — including private keys and addresses — to an attacker’s email inbox.”
“Attackers know that phrases like ‘risky signature detected’ can trigger panic, prompting users to take hasty actions. Once that emotional state is triggered, it’s much easier to manipulate them into doing things they normally wouldn’t — like clicking links or sharing sensitive information.”
Attacks exploit Pectra upgrade, WeChat friends
Other attacks included phishing techniques that exploited EIP-7702, introduced in Ethereum’s latest Pectra upgrade, while another targeted several WeChat users by gaining control of their accounts
Cointelegraph Magazine recently reported that the attackers utilized WeChat’s account recovery system to gain control of an account, impersonating the real owner to scam their contacts with discounted Tether (USDT)
SlowMist’s Q2 data came from 429 stolen fund reports submitted to the firm during the second quarter.
The firm said it froze and recovered around $12 million from 11 victims who reported having crypto stolen in Q2.
Magazine: North Korea crypto hackers tap ChatGPT, Malaysia road money siphoned: Asia Express