The crypto market has started to pull back. The entire cryptocurrency community has been in an uproar over the past few days, with the screen full of information about stolen assets. It turned out that the trading terminal DExx, which can be called the on-chain Binance, was hacked, and all the users' coins were gone.
Multiple users confirmed that their funds had been transferred. The scope of this attack is not limited to the Ethereum chain, and the transferred assets are not limited to mainstream currencies. Was it really a hacker attack or was it self-theft?
Let’s take a look
The hacker's wallet can be seen by querying the transfer address
What’s even more bizarre is that some users just downloaded dexx and never used it, but their money was still stolen.
The reason is that the backend was found to have read the clipboard. It should be that some users used hot wallets and stored the wallet mnemonics and private keys locally on their mobile phones, which were read by dexx.
Let's take a look at what dexx, which is called Binance on the chain, is for.
This is how KOLs in major communities promote
There are also articles introducing that DEXX is a web3 on-chain trading CEX tool designed for meme players, which can achieve millisecond-level response speed. And the advantage over DEX is that it can ensure the security of funds and does not require the import of private keys.
You see, there is no need to import the private key, so what should you do? You need to create a dEXX wallet on the dexx platform and then top up the coins into it. The problem is that the wallet on his platform is not open source, nor is it decentralized. In other words, it is an official wallet, not a truly self-hosted wallet.
In short, you will understand when I say it is an exchange. Your money is in the exchange, which means it is entrusted to the exchange for safekeeping. If the exchange runs away, the currency will be zero. This is the case with dexx.
The victims of the theft were mainly those who used DEXX to trade in cryptocurrencies/MEME. Their private keys were centrally managed by DEXX without their knowledge.
SlowMist Yuxian: The DEXX attackers had planned for a long time, and the incident was initially determined to be a loss of tens of millions of dollars
On November 16, SlowMist founder Yu Xian released an update on the DEXX incident on social media, saying that SlowMist has received nearly 500 requests for information related to the theft of DEXX. The incident analysis is still in progress. The preliminary judgment is that the loss is in the tens of millions of dollars (because the price of some Meme coins fluctuates too much). Almost every victim has a different attacker address, which shows that the attacker of this incident had planned for a long time. The source of the gas was exchanged through XMR three days ago.
Why do so many people use DEXX?
It is convenient for Fangchong Tugou. Currently, the mainstream way to buy MEME is basically through the TG robot: copy the contract address → open DEXScreener or AVE → paste the contract address → switch back to TG → find the robot channel → paste the contract → select the purchase amount → end.
You see, this is very troublesome. It's okay to play one or two, but if you play dozens of them, you will be exhausted.
When using DEXX, you only need to: copy the contract address → open DEXX → click on the purchase amount → end and it's done. When playing MEME, sometimes the cost and the multiple of the profit depend on the 10-60 seconds when buying. If it is a few seconds slower, the cost may be twice as high as others. Therefore, a smooth and fast full-chain APP is a must-have product. This is why so many people use it, because it saves trouble.
Many people have suffered huge losses in the secondary market, yet they still go to the primary market to make money, thinking about getting rich quickly all day long. It's really incredible. Money is so easy to make. It's better to say that they are cutting themselves rather than being cut by others.
There are only 20% rational people in the cryptocurrency circle with high comprehensive qualities. Most of them are full of swear words and are obsessed with speculation and getting rich quickly. If an opinion does not match what they think, they will start to talk nonsense. I now begin to understand a recording of Li Xiaolai that was once exposed on the Internet. Li Xiaolai, the richest man in the world, has millions of fans. It can be imagined that no matter what he does, there will be people cursing at him. It's not that there are many scammers in the cryptocurrency circle, but that too many people just want to get rich quickly.
Not to mention the safety of assets. Most people in the cryptocurrency circle do not have cold wallets, and all their assets are kept on trading platforms.
No matter how good the tools in the cryptocurrency circle are or how big the exchanges are, there is always the risk of theft or bankruptcy. The old people have experienced OKX and Huobi, where their assets were turned into Happy Beans and could not be withdrawn for nearly two months.
Jiu Shen also said that if you don’t control your own private key, it’s like you’ve never had Bitcoin.
(The detailed tutorial on making a cold wallet and the precautions have been distributed to all private tutors. You can follow the tutorial step by step. This tutorial introduces three backup strategies to ensure that nothing goes wrong.)
Once your assets are stolen, the next thing you are most likely to face is being defrauded. Asset theft is like the cash you keep at home being stolen. Can you get it back?
So, don’t let others cheat you a second time, ask around how to get your money back, join a rights protection group, and then a bunch of people will help you, telling you to click on a link to get compensation, or to join a rights protection compensation group, click on a link and enter a mnemonic, and they will apply for compensation, and they can help you get your assets back!!!
They are all scammers! Stop fantasizing, stop looking back, move on from the past, look forward, start over, and from now on, don’t download apps at will, and don’t click on links from unknown sources at will!
Walking with Mo, preaching web3, I am Ximo, a leader who is committed to leading you into the web3 industry
A year ago, we made a web3 private wealth reader for paying students, named Ximo's Crypto Views. It contains more than 1,000 pages and a 320,000-word collection of crypto wealth. Now I give it to you for free.
Click on my avatar to receive the electronic version of Xi Mo’s Crypto Wealth Views for free.
