GoPlus Security Team Case Study

The GoPlus security team has accumulated rich experience in handling user security incidents. Here are two typical cases we share:

Case 1: Successfully preventing a hacker poisoning attack

A user from the GoPlus community reported that his EVM address was attacked by a hacker poisoning method. The hacker sent a small amount of tokens to the user's wallet and forged the address information, trying to induce the user to transfer funds to the address controlled by the hacker. However, because the user adopted our on-chain protection and monitoring services, we successfully prevented a loss of more than 20K US dollars.

When the incident occurred, our security monitoring service quickly detected the suspicious poisoning address and blacklisted it. Although the user tried to transfer part of the funds to the forged address, our on-chain interception service intervened in time and successfully blocked the transaction. The system automatically issued an alarm to notify the user of the potential risk, ultimately helping the user avoid financial losses.

Case 2: Successfully saving assets using Front Running

Another user discovered that his EVM private key had been stolen, and the hacker had transferred his ETH to other wallets and set up an automated monitoring program to try to transfer the user's Gas
Faced with this situation, the user promptly took advantage of our preemptive service and successfully transferred the remaining NFT and Token assets to a secure new address, avoiding more than 10K
Loss of U.S. dollar assets.

Through these two cases, we can see that when facing security threats, the rational use of security tools and services is the key to timely reducing financial losses and resisting risks.

OKX Web3 Wallet Security Team Case Sharing

The OKX Web3 wallet security team has performed well in handling security incidents such as user phishing and private key leakage. Here are a few typical cases we share:

Case 1: Successfully rescued the remaining assets of users

User A accidentally entered his private key on a phishing website, resulting in the theft of ETH. Fortunately, other ERC 20 tokens such as USDC have not been stolen. After receiving the user's request for help, we quickly organized a team to assist and successfully rescued the user's remaining assets through Flashbots transaction bundling technology.

Case 2: Successfully intercepting risky authorization requests

When searching for airdrop information, user B mistakenly entered a phishing website and was asked to authorize a known risky address. The OKX Web3 wallet security service promptly identified that the address was on the blacklist and successfully intercepted the authorization request, avoiding potential asset risks.

Case 3: Effectively avoiding greater losses

A certain protocol C was attacked, and all addresses authorized to the protocol were at risk of asset losses. We responded quickly, listed the contract involved in the vulnerability as a risky address, and reminded users when they authorized it, effectively avoiding a wider range of losses.

These cases show that users need to remain vigilant and take effective measures to prevent security threats such as phishing and private key leakage. At the same time, it is also very important to use professional security tools and services and seek help from professional teams. Most importantly, users need to learn how to protect their wallets and assets from themselves.

First: it must be a new currency issued in 2022-2023; many friends do not understand why it is a new currency rather than an old currency. There is game theory involved. For an old project that has experienced a bull market and then a bear market, it is a huge blow to the confidence and faith of the currency holders. If you put yourself in the shoes of the project party, the capital cost of pulling up an old project is far greater than the capital cost of issuing a new project, and the new project has a new narrative logic; it is easier to pull up without a locked-in position, so the probability of success is higher if you choose the right new currency; and it also needs to go through a long period of bottoming out, and the bottom monthly line level must have a large-scale pull-up with signs of major funds absorbing funds.

Second: It is best to have unlimited imagination space to change the production and lifestyle of all mankind; disruptive and innovative technological revolution, such projects can gather strong consensus. For example, ChatGPT launched by OpenAI in 2023 brings disruptive and innovative applications of artificial intelligence. In short, it needs the capital support of the world's top investment institutions; institutions have better comprehensive judgment ability on technological revolution than ordinary people, and are more likely to form a herd effect.

Third: A market value of less than 100 million US dollars is the most suitable. A small market value is a prerequisite. The probability of a market value of more than 500 million US dollars is very small. Secondly, the fundamentals must have the investment background of a core well-known institution in the circle and the empowerment of top IP traffic. (Refer to Musk's empowerment of DOGE Dog B)

Fourth: Timing is very important. First of all, a good environment is needed. It should be at the end of the bear market and the beginning of the bull market. How to judge whether it is a bear market or an early bull market? The reference standard is the monetary policy of the Federal Reserve. If the interest rate hike is coming to an end, the market may bottom out in advance and start a new round of market. At present, the Federal Reserve interest rate has reached a high level, and it is imminent to stop raising interest rates. As for when to enter the interest rate cut cycle, it mainly depends on whether inflation has dropped to 2%. For the medium and long-term layout of 100 times B, the time should be at the end of 2023.

Fifth: During this period, focus on high-quality projects with high market attention and investment from well-known institutions. For example, the Ethereum Layer 2 network in the market is a sector that major investment institutions focus on, such as the AI ​​sector, L2/metaverse applications, games, defi, and Hong Kong sectors. Select ten projects for in-depth exploration, sort out the founding team of the project, which investment institutions are behind it, and deeply analyze how the upstream and downstream of the project are applied. It is best to experience the process of the project yourself. Generally, good projects have interactive airdrop rewards.

Sixth: As the saying goes, good projects bring their own traffic, and all major exchanges must be vying to list their coins, so it depends on whether the project is listed on the world's largest exchanges, including B Security, Coinbase, OKX
etc.; the exchange is the traffic entrance; those who are not on it are not considered. Because even more professional institutions than us have not discovered good projects, we
There is no need to waste time. Not to mention the copycat projects, especially the Chinese projects. There are too many IQ tax fraud projects in the currency circle. The project owners package it in a exaggerated way, which is hard to guard against. Many people cannot distinguish. If ordinary people want to dig deeper into the founding team and investment institutions behind it, they can go through
The chatgpt software should first complete the background investigation of the project before considering whether to invest, how much to invest, and other issues.

Seventh: The iron rule of making money in the cryptocurrency circle is to speculate on new things instead of old ones. In essence, it is a new storyline and a new narrative. The team's early creativity and cohesion are also the best period. The shortcomings of the project are not exposed, which easily opens people's imagination. Of course, it is not that old projects will not bloom, but the probability is very small. This is true for companies and people.

After we screen out projects with 100x potential, it is best to build a self-selected pool of no more than 10. Note that you should not buy in full immediately, but observe market sentiment and buy in multiple times when the B price adjusts. Remember not to put it in the exchange so that you cannot hold it. After buying, transfer it to your wallet. It is best not to use this wallet frequently, which is conducive to management and not easy to be stolen. Those who can do the above have basically experienced more than 2 rounds of bull and bear in the B circle. Old leeks understand that what the author said is from the heart. Those who make millions of dollars in the currency circle do not need to read various news every day. They can work and travel. It is best not to even look at the market; invest in B with 100x potential in a bear market; sell in a bull market; people say that keeping B is harder than being a widow. The difficulty lies in our high attention, which makes it easy to lose the 100x or 1000x returns.

Judging from the market capitalization ranking, in March 2020, among the top 600 B types by market capitalization, 61 100x Bs were born (secondary market).

Among the top 100 B-type coins by market capitalization, there are 11 coins that have increased 100 times, accounting for 18%, namely #BNB, #LINK, #ADA, #DOGE, #VET,
#SNX, #SOL,#THETA,#HOT, #ENJ, #LUNA, the old B has a new narrative, and it is also a new growth explosion point. For example, BNB and BSC
The chain has broken away from the single exchange generation. Among the top 100-300 Bs by market value, 21 100-fold Bs were born, accounting for 34.4%.
Among the B types, 22 were born, accounting for 36%.

Based on the above judgment, there are only a few Bs that meet the conditions. The author lists several FET, SSV, RNDR, CFX, etc. for attention and observation. Friends who are not good at timing, please like, collect and follow