## ARB: $1.5 million stolen through a vulnerability in the upgradeable contracts protocol
The Arbitrum (ARB) network experienced a serious security incident resulting in the theft of $1.5 million. The attack, detected by Cyvers on January 5, 2026, exploited a critical weakness in the proxy contracts used by the TLP and USDGambit projects. The exploit demonstrated how even well-established blockchain ecosystems remain vulnerable to sophisticated governance manipulation techniques.
## How the attack happened: manipulation of ProxyAdmin
The attacker exploited the centralized control of the ProxyAdmin structure, a fundamental layer of governance in upgradeable contracts. Using the address "0x763…12661", the attacker targeted a TransparentUpgradeableProxy and then bypassed conventional access restrictions.
According to forensic analysis, the main deployer of the involved projects had lost access to their administrative privileges, allowing the attacker to take full control. The criminal then modified the ProxyAdmin permissions and began illicitly transferring funds. The transfer was made to the address "0x67a…e1cb4" in the form of $USDT, with the total amount reaching $1.5 million.
## From theft to laundering: the path of the funds
Once the theft on the ARB network was complete, the attacker quickly moved the stolen assets to the Ethereum ecosystem, where the transfers could not be traced as readily. The funds were then deposited into Tornado Cash, a decentralized privacy protocol, to completely obscure the trail of the illegitimate transactions.
This multi-step strategy significantly complicated recovery efforts and highlighted how attackers use multiple layers of decentralized infrastructure to cover their tracks.
## Security lessons: endemic vulnerabilities of centralized governance
The incident on the ARB network serves as an important wake-up call for the entire DeFi ecosystem. Although proxy contracts are now standard in Layer 2 solutions, centralized management of administrative privileges continues to be a critical weak point. Manipulation of the ProxyAdmin structure has demonstrated how a single compromise can put millions of dollars in assets at risk.
Advanced monitoring of anomalous behaviors, verification of suspicious transactions, and prompt identification of abnormal recipients are essential. The blockchain ecosystem must adopt multi-sig governance solutions and access control systems based on decentralization to significantly reduce the risk of similar exploits.
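The monitoring described above can start with the events that upgradeable proxies emit when control changes hands. The following is an added example, not code from the affected projects or from Cyvers: it scans `eth_getLogs`-style records for `OwnershipTransferred`, `AdminChanged` and `Upgraded` on watched contracts and alerts when the new owner, admin or implementation is not on an approved list. The function names, addresses and transaction labels are constructed placeholders.

```python
# Added example. Topic hashes are keccak-256 of each event signature
# (OpenZeppelin-style proxy / Ownable events).
UPGRADED = "0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b"  # Upgraded(address)
ADMIN_CHANGED = "0x7e644d79422f17c01e4894b5f4f588d331ebfa28653d42ae832dc59e38c9798f"  # AdminChanged(address,address)
OWNERSHIP = "0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0"  # OwnershipTransferred(address,address)

def addr(word):
    """Low 20 bytes of a 32-byte ABI word, as a lowercase 0x address."""
    return "0x" + word.lower()[-40:]

def new_principal(log):
    """Return (kind, new_address) for a governance event, else None."""
    topics = [t.lower() for t in log["topics"]]
    sig = topics[0] if topics else ""
    if sig == UPGRADED and len(topics) > 1:        # implementation is indexed
        return "implementation", addr(topics[1])
    if sig == OWNERSHIP and len(topics) > 2:       # previous/new owner are indexed
        return "proxyadmin_owner", addr(topics[2])
    data = log.get("data", "0x")[2:]
    if sig == ADMIN_CHANGED and len(data) >= 128:  # both admins sit in data
        return "proxy_admin", addr(data[64:128])
    return None

def triage(logs, watched, approved):
    """Alert when a watched contract gets an owner/admin/implementation
    that is not on the approved list (e.g. the multisig, audited builds)."""
    watched = {a.lower() for a in watched}
    approved = {a.lower() for a in approved}
    alerts = []
    for log in logs:
        hit = new_principal(log) if log["address"].lower() in watched else None
        if hit and hit[1] not in approved:
            alerts.append((log["transactionHash"], log["address"].lower(), *hit))
    return alerts

# Constructed sample data: placeholder addresses, not values from the incident.
PROXY, PROXY_ADMIN = "0x" + "aa" * 20, "0x" + "bb" * 20
MULTISIG, DEPLOYER, UNKNOWN = "0x" + "cc" * 20, "0x" + "d1" * 20, "0x" + "ee" * 20
def pad(a): return "0x" + "00" * 12 + a[2:]
SAMPLE_LOGS = [
    {"address": PROXY_ADMIN, "transactionHash": "0xtx1", "data": "0x",
     "topics": [OWNERSHIP, pad(DEPLOYER), pad(MULTISIG)]},      # expected handover
    {"address": PROXY_ADMIN, "transactionHash": "0xtx2", "data": "0x",
     "topics": [OWNERSHIP, pad(MULTISIG), pad(UNKNOWN)]},       # unapproved owner
    {"address": PROXY, "transactionHash": "0xtx3", "data": "0x",
     "topics": [UPGRADED, pad(UNKNOWN)]},                       # unapproved logic
    {"address": PROXY, "transactionHash": "0xtx4", "topics": [ADMIN_CHANGED],
     "data": "0x" + pad(PROXY_ADMIN)[2:] + pad(MULTISIG)[2:]},  # approved admin
]
```

Calling `triage(SAMPLE_LOGS, [PROXY, PROXY_ADMIN], [MULTISIG])` returns two alerts, for the ownership transfer and the upgrade that point at the unapproved address; the handover to the multisig and the approved admin change pass silently.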