debot

DeBot official released an update on the theft incident. The cause of the accident was the expansion and migration of the server room, which led to the leakage of some users' wallet information. The team has taken emergency isolation measures for the affected users' assets, but some users continue to use their previous wallet addresses. Hackers successfully cracked the leaked data and began transferring assets, resulting in a total loss of approximately $250,000. Compensation applications have been fully distributed.

DeBot has released a compensation registration form, which affected users can fill out by logging into the DeBot official website (PC or mobile version), and the registration form will remain valid for a long time. DeBot stated that verification will be completed within 72 hours after submission, and 100% full compensation will be provided to confirmed affected users, with the compensation funds being directly issued to the DeBot secure wallet address.

OKX founder and CEO Star responded to the DeBot security incident on the X platform, stating: "The theft of wallets is due to several common situations. The centralized risk of private keys in DEX Bot-like products involves related products uploading user private keys to servers, stored in plaintext or decryptable forms. Once a hacker intrusion occurs, the risk level is effectively equivalent to that of an exchange, so the security standards for such products must meet exchange-level standards; otherwise, the risk is extremely high. There are also risks from code vulnerabilities in self-custody wallets or malicious intent, user terminal devices being compromised or data leaks, and structural reliance of automated strategies on private key custody."Star further stated that the correct evolution direction for wallet security is that the security of private keys and usability are not opposing relationships.

OKX CEO Star posted on the X platform in response to the DeBot security incident, stating: "There are several common scenarios for wallet theft. The centralized risk of private keys in DEX Bot-like products involves related products uploading user private keys to servers, storing them in plaintext or in a decryptable form. Once a hacker intrusion occurs, the risk level is effectively equivalent to that of an exchange, so the security standards for such products must meet exchange-level standards; otherwise, the risk is extremely high. Risks from code vulnerabilities in self-custody wallets or malicious intent, user terminal devices being compromised or data leaks, and the structural dependence of automated strategies on private key custody."Star further stated that the correct evolution direction for wallet security is that the security of private keys and usability are not opposing relationships.

For the security incidents that have occurred, DeBot stated on X that users can now quickly transfer assets from risk wallets to secure wallet addresses. Quick transfer steps: 1. Go to the DeBot asset management page; 2. Click the "Transfer" button to move the balance to the secure wallet address provided by the official.For affected users, DeBot stated that they will handle and compensate appropriately after the statistics are completed.

The founder of Slow Fog, Yu Xian, posted on the X platform stating that they are following up on the DeBot incident, monitoring the on-chain situation. The private keys related to DeBot have been stolen, and the hacker has currently profited $255,000 in assets, with ongoing thefts. If you are using DeBot and the private key is assigned by DeBot, then this private key is at risk.

In response to some community users claiming that the DeBot wallet may have been hacked and stolen, the DeBot official account posted on the X platform stating that the secure wallet address is operating normally and has not been affected. They have noted the relevant situation of certain addresses and are actively following up and handling it properly.

AI DeFi platform Debot disclosed on platform X that Debot has detected signs of a security attack in the Japanese data center and is currently investigating the cause. User assets have not been affected.Due to the triggering of risk control mechanisms, funds from users in the Japanese data center have been urgently transferred to Debot's secure wallet in Singapore. The newly built secure wallet operates in a completely isolated data center in Singapore, providing greater security and stability. All functions are normal, and the rebate relationship remains unaffected. It is not recommended to continue using the old wallet until the official investigation results are announced. For Token assets already purchased in the old wallet, it is advised to sell or transfer them to the newly created Debot wallet as soon as possible. The new secure wallet can be viewed in the user wallet list, and transactions can be conducted normally by selecting that wallet.

ChainCatcher message, Slow Mist Technology's Chief Information Security Officer 23pds disclosed on social media that the popular trading tool Debot has a security risk of exposing private keys in plaintext within data packets. It is recommended that the Debot development team enhance the product's security level to protect user asset safety.