BlockBeats News, February 20 — Co-founder of SlowMist, Yu Xian, reposted a security alert. Currently, OpenClaw’s ClawHub marketplace has identified 1,184 malicious skills that can steal SSH keys, crypto wallets, browser passwords, and open reverse shells. A single attacker has uploaded 677 packages. The top-ranked skill contains 9 vulnerabilities and has been downloaded thousands of times.
Yu Xian warned users that text is no longer just text, but instructions. It is recommended to use AI tools in a separate environment, as many OpenClaw skills pose potential risks. Additionally, in Web3 security, smart contracts are only part of the picture; the true causes of incidents have long gone beyond just the contracts. A few days ago, Moonwell was hacked for $1.78 million, with the flawed code originating from Co-Authored-By: Claude Opus 4.6.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Resolv USR Exploit Triggers 50M Mint and Sharp Depeg
Resolv Labs faced a security breach where attackers minted 50M unbacked USR tokens, causing a rapid sell-off that depegged USR. Recovery efforts are ongoing, with losses estimated at $25M, while protocol operations remain paused.
CryptoFrontNews17m ago
Resolv Stablecoin Collapses 80% After $23M Exploit
Resolv Labs’ stablecoin USR has crashed hard. The token lost about 80% of its value after a major exploit. The attack took place on March 22. Within hours, USR dropped from near $1 to as low as $0.20. At one point, it even fell lower on some platforms. The attacker used a small amount of funds to
Coinfomania1h ago
Stablecoin USR Suddenly Crashes and Depegs! Resolv Reveals "Minting Vulnerability" Exploited by Hackers, Who Steal $25 Million
DeFi protocol Resolv exploited by hackers who used a vulnerability to mint 80 million unbacked stablecoin USR at low cost, cashing out approximately $25 million and triggering stablecoin depegging and lending market turmoil. Although officials claimed the collateral pool remained intact, experts criticized weak permission controls and lack of effective security safeguards. This incident reveals potential risks of stablecoins and the impact of supply inflation on markets.
区块客2h ago
Husband accuses wife of stealing over 2,000 bitcoins! Judge: The plaintiff has a very high chance of winning.
The UK High Court recently heard a Bitcoin theft case in which plaintiff Ping Fai Yuen accused his separated wife Fun Yung Li of stealing Bitcoin from his hardware wallet through secret surveillance, valued at approximately $176 million. Audio recordings and search warrant evidence supported the plaintiff's claims. The court maintained the asset freeze order but rejected certain claims. The judge found the plaintiff had an extremely high likelihood of success and recommended expediting the trial date.
区块客2h ago
PancakeSwap BCE-USDT liquidity pool was attacked, resulting in a loss of approximately $679,000.
Gate News reported that on March 23, according to BlockSec monitoring, the PancakeSwap BCE-USDT liquidity pool on the BSC chain was attacked a few hours ago, resulting in losses of approximately $679,000. The attack was caused by a defective burn mechanism in the BCE token. The attacker deployed two malicious contracts that successfully bypassed buy-sell restrictions and triggered token burning within the pool, causing the pool's reserve ratio to become unbalanced, ultimately draining approximately $679,000 in funds from the BCE-USDT pool.
GateNews3h ago
