Artículos Relacionados con Exploit

El Centro de Noticias de HTX ofrece los artículos más recientes y un análisis profundo sobre "Exploit", cubriendo tendencias del mercado, actualizaciones de proyectos, desarrollos tecnológicos y políticas regulatorias en la industria de cripto.

“Uncle Injured by Lobster” Scam Leads to $440,000 Loss: Are AI Agents Really This Easy to Exploit?

On February 22, 2026, Lobstar Wilde, an autonomous AI trading agent on Solana, mistakenly transferred 52.4 million LOBSTAR tokens (worth approximately $440,000) to a stranger’s wallet after a user’s social media plea: “My uncle got tetanus from a lobster bite and needs 4 SOL for treatment.” The agent, created by an OpenAI employee three days earlier with $50,000 in SOL, intended to send only 52,439 tokens—equivalent to 4 SOL—but misread decimal places, resulting in a transfer three orders of magnitude larger. The incident exposed critical vulnerabilities in AI agents managing on-chain assets: irreversible execution, susceptibility to social engineering, and flawed state management. After a session restart due to a tool error, the agent reconstructed its identity from logs but failed to verify its actual wallet balance, leading to the erroneous transaction. This case highlights broader risks as AI agents gain autonomy in Web3 and Web4.0 ecosystems: lack of rollback mechanisms, near-zero-cost attack surfaces, and internal state synchronization failures. Proposals to improve safety include multi-signature approvals for large transfers, mandatory state verification after resets, and human oversight layers. The event underscores the need for robust infrastructure before AI agents can safely participate in decentralized economies.

marsbitHace 12 hora(s)

“Uncle Injured by Lobster” Scam Leads to $440,000 Loss: Are AI Agents Really This Easy to Exploit?

marsbitHace 12 hora(s)

Wondering What’s Going On With Solana? Projects Are Taking Massive Hit As Price Plunges

Solana projects Step Finance, along with its sister platforms SolanaFloor and Remora Markets, are winding down all operations following a $40 million treasury hack last month. Despite exploring financing and acquisition options, the team found no viable path forward. The STEP token has plunged over 40% in a week and is down 99% from its all-time high. Remora Markets is working on a redemption process for token holders, while media outlet SolanaFloor will archive existing content but cease new publications. Solflare wallet will pause its news section due to the shutdown. Despite these setbacks, Solana’s price saw an 8% increase in 24 hours, trading around $89.

bitcoinistAyer 22:02

Wondering What’s Going On With Solana? Projects Are Taking Massive Hit As Price Plunges

bitcoinistAyer 22:02

When Depth Becomes an Illusion: Polymarket Faces 'Order Attack' Stress Test

A sophisticated "order attack" is exploiting a critical vulnerability in Polymarket's hybrid off-chain matching/on-chain settlement system. For less than $0.10 in gas fees on Polygon, an attacker can initiate a trade and then, in the brief window before on-chain execution, drain their wallet via a high-gas transfer. This causes the initial trade to fail on-chain due to insufficient funds. However, Polymarket's off-chain system responds by forcibly removing all the legitimate market maker orders that were matched with the failed transaction. This attack has two primary profit methods. First, attackers clear the order book of competitors, create a liquidity vacuum, and then place their own orders with artificially wide spreads to monopolize trading. Second, they "hunt" automated trading bots: after a trade is matched off-chain, a bot hedges its new position, but the attacker then forces the original trade to fail on-chain. This leaves the bot with an unhedged, risky position, which the attacker exploits for profit. One identified attacker address, created in February 2026, reportedly profited over $16,000 in a single day by targeting just 7 markets. The attack severely undermines market maker confidence, threatens the platform's liquidity, and exposes a fundamental design flaw. While the community has developed monitoring tools, Polymarket team has not yet issued an official fix.

比推Ayer 04:52

When Depth Becomes an Illusion: Polymarket Faces 'Order Attack' Stress Test

比推Ayer 04:52

Solana Hit Hard: $27 Million Exploit Triggers Wave Of Shutdowns

Step Finance, a DeFi analytics platform on Solana, has announced a complete shutdown of all services following a major security breach. The incident resulted in an unrecoverable loss of approximately 261,854 SOL (worth around $27 million) from the project's treasury. This direct attack on its reserves forced the team to wind down operations, including its main dashboard and linked businesses like SolanaFloor and Remora Markets. A token buyback based on a pre-hack snapshot is planned for STEP holders, while Remora rToken owners will have a separate redemption process. The news caused STEP's price and liquidity to collapse. This event highlights the severe impact of security failures and contributes to a broader decline in activity and value within the Solana DeFi ecosystem.

bitcoinistHace 2 días 03:02

Solana Hit Hard: $27 Million Exploit Triggers Wave Of Shutdowns

bitcoinistHace 2 días 03:02

Australian Official Sold Cyber Tools for $1.26M in Crypto

An Australian official, Peter Williams, pleaded guilty to selling sensitive cyber tools, including zero-day exploits, to a Russian broker for over $1.26 million in cryptocurrency. The tools, developed for the U.S. intelligence community and shared with Five Eyes allies, compromised national security. Williams continued selling the exploits even after learning of an FBI investigation. He used anonymized crypto transactions to launder proceeds, spending over $715,000 on luxury items and property. Prosecutors are seeking a nine-year prison sentence, $35 million in restitution, and a $250,000 fine. The case highlights the growing role of cryptocurrency in espionage and national security breaches.

TheNewsCrypto02/20 06:34

Australian Official Sold Cyber Tools for $1.26M in Crypto

TheNewsCrypto02/20 06:34

OpenAI’s latest paper exposes the risks of AI in smart contracts

OpenAI's latest research paper highlights the dual role of AI in smart contract security, both as a tool for identifying vulnerabilities and as a potential threat capable of exploiting them. As smart contracts now manage over $400 billion in assets, their immutable nature makes security critical. To evaluate AI's capabilities, researchers developed EVMbench, a benchmark using 120 real vulnerabilities from 40 blockchain projects. The study found that frontier AI agents can successfully discover and exploit vulnerabilities end-to-end, with exploit success rates jumping from 31.9% to 72.2% in just six months. However, a recent incident involving Claude Opus 4.6 demonstrated significant risks when AI-generated code contained critical errors, leading to $1.78 million in losses. EVMbench has limitations, including a limited dataset, false positives, and an inability to fully replicate real-world conditions like cross-chain activity. The paper underscores the need for responsible AI development as smart contracts increasingly become tools for both innovation and cybercrime.

ambcrypto02/19 20:02

OpenAI’s latest paper exposes the risks of AI in smart contracts

ambcrypto02/19 20:02

Shiba Inu SOU Recovery System Goes Live After Shibarium Hack

Shiba Inu has launched its SOU (Shib Owes You) recovery system to compensate users affected by the 2025 Shibarium bridge exploit. The on-chain NFT-based framework allows users to claim verifiable records of their losses, which are tradable, mergeable, and splittable on Ethereum. The system distinguishes between principal repayments and bonus rewards, funded through ecosystem revenues and community donations. It aims to provide transparency and liquidity options, enabling affected participants to either wait for full reimbursement or sell their claims on secondary markets.

bitcoinist02/17 13:02

Shiba Inu SOU Recovery System Goes Live After Shibarium Hack

bitcoinist02/17 13:02

Infini Exploiter Hackers Resurface to Buy the $ETH Dip: How $BMIC Adds Security for the Future

Infini Exploiter hackers have resurfaced, using approximately $13 million in stolen funds to buy the $ETH dip, highlighting persistent vulnerabilities in legacy blockchain security. This event underscores a critical failure in current architecture, where compromised funds can be monitored but not frozen, revealing the ecosystem's fragility. In response, the article highlights $BMIC as a next-generation solution deploying a quantum-secure finance stack. It uses post-quantum cryptography and a Zero Public-Key Exposure model to prevent 'Harvest Now, Decrypt Later' attacks, making wallet exploits mathematically impossible. The $BMIC presale has raised over $444K, signaling strong market demand for AI-enhanced, quantum-proof financial tools that offer protection against evolving threats and future quantum computing risks.

bitcoinist02/09 16:32

Infini Exploiter Hackers Resurface to Buy the $ETH Dip: How $BMIC Adds Security for the Future

bitcoinist02/09 16:32

Crypto Hacker Behind Infini Exploit Returns, Moves $32M ETH in Fresh Transfers

A cryptocurrency wallet linked to the 2025 Infini exploit has resumed activity after 200 days, moving $32 million worth of Ethereum. According to Lookonchain, the wallet purchased 6,316 ETH at an average price of $2,109 during the recent market dip and immediately transferred the entire amount to the privacy service Tornado Cash. This activity, confirmed by security firms PeckShield and CertiK, follows a pattern of the entity accumulating ETH near market lows and moving funds through mixers to obscure tracing. The wallet was originally funded from the Infini hack, which lost $49.5 million in digital assets. Recovery remains difficult once funds enter mixing services like Tornado Cash.

TheNewsCrypto02/09 14:58

Crypto Hacker Behind Infini Exploit Returns, Moves $32M ETH in Fresh Transfers

TheNewsCrypto02/09 14:58

Aperture Finance Loses $3.67M in Exploit, Hacker Deposits Funds Through Tornado Cash

Aperture Finance suffered a security breach on January 25, 2026, resulting in a loss of approximately $3.67 million. The exploit targeted specific versions of its smart contracts (V3 and V4), allowing the hacker to steal funds by exploiting vulnerabilities in contract approvals and function calls. The attacker subsequently deposited 1,242.7 ETH (worth around $2.4 million) into Tornado Cash, likely to obscure the transaction trail. In response, Aperture Finance disabled affected web app functions, released a security analysis, and urged users to revoke all related ERC-20 and ERC-721 approvals connected to the compromised addresses.

TheNewsCrypto02/05 15:14

Aperture Finance Loses $3.67M in Exploit, Hacker Deposits Funds Through Tornado Cash

TheNewsCrypto02/05 15:14

活动图片

Industry News

Technology Trends