mat

According to official news, the CoW Swap attack incident review report states that its domain cow.fi suffered a supply chain attack on April 14, 2026. The attackers infiltrated the .fi domain registration process through social engineering techniques and hijacked DNS resolution, causing users to be directed to a phishing website when accessing swap.cow.fi within a few hours.During the affected period, the attackers deployed a counterfeit trading interface and attempted to lure users into connecting their wallets and signing malicious transactions. The report indicates that this incident did not affect the on-chain contracts of the CoW Protocol, backend systems, or the safety of user funds; the core infrastructure and services such as AWS / Vercel were not compromised. The attack occurred during the domain registration and transfer phase, where the attackers gained control through forged identity documents and vulnerabilities in the registration process, briefly modifying the domain's pointing.The team confirmed the anomaly within 19 minutes and initiated an emergency response, subsequently migrating to cow.finance and completing the domain recovery in about 26 hours. The CoW team stated that the affected users were mainly those who visited the official website during the domain hijacking, with preliminary estimated losses of approximately $1.2 million. Currently, cow.fi has been reactivated and security measures such as RegistryLock have been added. Meanwhile, the team has initiated external security audits, legal accountability, and potential user compensation plans. The official emphasized that the vulnerability has been fixed and plans to enhance the security of domain infrastructure through governance and industry collaboration.

According to monitoring by an on-chain analysis platform, a mysterious whale has withdrawn 31.55 million SIREN from Binance Alpha in the past two weeks, worth approximately 64.67 million USD.Meanwhile, the price of SIREN has risen by over 150% today.

According to crypto analyst Ai Yi @ai_9684xtpa, "ETH 1CO 1 million ETH whale" transferred 2,000 ETH to a multi-signature address 8 hours ago, worth approximately 4.63 million USD.On-chain data shows that this receiving address has historically transferred ETH to OKX multiple times, which is considered its common withdrawal path. The source address of this transfer has frequent interactions with block builders BuilderNet and Titan Build.

According to Onchain Lens monitoring, BlackRock withdrew 3,899 bitcoins (worth $289.88 million) and 839 ethers (worth $1.95 million) from the Coinbase platform 7 hours ago.

According to CertiK monitoring, the DeFi protocol Rhea Finance was attacked, with attackers extracting at least $7.6 million in total.The attackers misled the oracle and validation layer to complete the attack by creating fake token contracts and injecting liquidity into newly created funding pools.

According to on-chain analysis platform Lookonchain, the U.S. government deposited 8.2 BTC (approximately $606,000) into Coinbase Prime, with the funds originating from previously seized assets related to the Bitfinex hack.

The UK's Financial Conduct Authority (FCA) has released the final draft of the crypto asset framework. This new regulation is set to bring most crypto activities under the regulation of the Financial Services and Markets Act by October 25, 2027.According to the proposal, any institution that holds customer crypto assets for more than 24 hours or has the ability to revoke customer permissions will be considered a regulated custodian and must hold a full safeguarding license. Validators and node operators that provide value-added features such as yield or reward reinvestment will lose their technical exemptions. In addition, stablecoin issuers within the UK must control the entire lifecycle from issuance to redemption. Relevant institutions must submit authorization applications between September 30, 2026, and February 28, 2027.

According to on-chain analyst Onchain Lens (@OnchainLens), a newly created wallet withdrew 1,470 BTC from Binance, worth approximately $109 million.

According to Hyperbridge's official disclosure, the loss from the Token Gateway vulnerability incident has been revised from an initial estimate of $237,000 to approximately $2.5 million, with the increase mainly coming from losses in incentive pools on Ethereum, Base, BNB Chain, and Arbitrum.The attacker extracted about 245 ETH from the relevant contracts and then bypassed the MMR proof verification mechanism by forging cross-chain messages, minting 1 billion bridged DOT and selling them into a thinly traded market. Currently, some of the stolen funds have been traced on-chain to Binance, and Hyperbridge is collaborating with Binance's compliance team and law enforcement agencies for an investigation.Native DOT of Polkadot and products like Intent Gateway are unaffected, while the Token Gateway and the bridged DOT contracts on the four affected EVM chains remain suspended. The MMR verification logic patch is undergoing external audit, and the bridging functionality will be restored after the audit is completed.

Web3 asset data platform RootData issued a daily transparency alert on Twitter (X), noting that information such as teams, key calendar events, and token data for projects like LeverUp, Flash.Trade, PRDT, f(x) Protocol, and Tectonic is missing. It calls on project teams to submit/update their information on RootData to improve their transparency scores. Additionally, RootData stated that it will continue to monitor and expose "black box" projects that lack core information.It is reported that the RootData transparency score is used to measure the integrity and timeliness of projects, aiming to reflect the information disclosure status of projects and urging project teams to immediately claim their projects. The transparency score is divided into five levels from A to F, with lower scores indicating less complete information disclosure and higher risks of wrongdoing, requiring investors to exercise high caution.

According to token unlocking data from the Crypto asset data platform RootData, Zora (ZORA) will unlock approximately 16.667 million tokens at 21:00 Beijing time on April 23, worth about 2.4 million dollars.

According to token unlock data from the crypto asset data platform RootData, Spacecoin (SPACE) will unlock approximately 93.771 million tokens on April 23 at 20:00 Beijing time, worth about 4.99 million USD.

According to Lookonchain monitoring, three newly created wallet addresses have withdrawn 1,600 BTC from Binance and BitGo in the past 5 hours, worth approximately 120 million dollars.

According to token unlocking data from the crypto asset data platform RootData, SOON (SOON) will unlock approximately 21.88 million tokens at 1 PM Beijing time on April 23, worth about 3.13 million USD.

According to token unlock data from the Crypto asset data platform RootData, aPriori (APR) will unlock approximately 54.34 million tokens at 0:00 Beijing time on April 23, worth about 12.63 million USD.

According to on-chain data analysis, SIREN dropped from about $2 to $0.13 at the beginning of the month. Since April 5, a batch of addresses has been continuously withdrawing tokens from the Binance Alpha wallet, accumulating approximately 30.07 million SIREN, worth about $25.09 million. During this period, the price of SIREN rebounded from $0.13 to about $0.83.Previous on-chain statistics showed that the holding ratio of related addresses was already high.

According to on-chain analyst Yu Jin's monitoring, the last whale trader on Hyperliquid has completely closed a long position in ETH and BTC worth approximately $398 million, with a total profit of about $68.47 million.This trader opened long positions of 120,000 ETH and 1,500 BTC through four addresses between February and March, and began to take profits in batches after a significant rebound in the crypto market. The opening range for ETH was approximately $2,000 to $2,150, with profits taken around $2,390; the opening price for BTC was around $68,420, with profits taken around $74,700.

According to Onchain Lens monitoring, BlackRock withdrew 3,446 BTC from Coinbase in the past 8 hours, worth approximately $255.2 million.

According to on-chain analyst Yu Jin's monitoring, the suspected Binance Life controller has once again extracted 30 million $ Binance Life from Binance through 3 wallets to the on-chain in the past half hour, worth approximately 11.4 million USD.In the past 3 days, influenced by the continuous large accumulation from this address set, the price of $ Binance Life has increased by a total of 112% ($ 0.17 → $ 0.36). Currently, the suspected controlling address set holds a total of 227 million $ Binance Life on-chain, accounting for 22.7% of the total supply, worth approximately 81.55 million USD.

According to Arkham monitoring, about 55 minutes ago, BlackRock transferred a total of 15,101 ETH, worth $35,110,000, to the Coinbase Prime address through its Ethereum exchange-traded fund ETHA; subsequently, it transferred a total of 566.753 BTC, worth $41,850,000, to the Coinbase Prime address through its Bitcoin exchange-traded fund IBIT.