ChainCatcher news, according to official sources, the Web3 phishing attack simulation platform "Unphishable," jointly developed by SlowMist Team, DeFiHackLabs, and ScamSniffer, will officially launch on July 1. This platform is designed to provide users with a realistic phishing attack simulation experience, helping users enhance their fraud prevention skills in a safe and gamified environment.Unphishable is completely browser-based, supporting English, Simplified Chinese, and Traditional Chinese, and operates on the MetaMask test network to ensure the safety of user assets. The platform will offer over 30 phishing simulation levels, covering common attack types from beginners to advanced users, including fake airdrops, mnemonic phrase phishing, and malicious authorizations.

ChainCatcher news, according to official sources, the on-chain derivatives trading platform Sphinx has announced the completion of a $2 million Pre-Seed round of financing, led by Eckhardt Capital, with participation from Big Brain Holdings, Blockchain Founders Fund, Blizzard, TRIVE Ventures, Cosmos Hub, London Real Ventures, GS Futures, as well as Andrew Durgee, Stefan Rust, Zachary Keats, and others.Sphinx is building an energy commodity derivatives exchange based on its self-developed permissioned Layer 1, supporting futures and perpetual contracts for markets such as oil and gas. The funds will be used for the mainnet launch and institutional partnership expansion.

ChainCatcher news, according to official sources, hardware wallet manufacturer Trezor has issued a security warning indicating that attackers are abusing its contact form to send phishing emails disguised as official support replies, luring users into disclosing their wallet backup information.The official statement emphasizes that Trezor will never ask users for their wallet backups, and this information should always remain offline and private. This issue has been contained, but security is an ongoing process, urging users to remain vigilant.

ChainCatcher news, according to Cointelegraph, cryptocurrency venture capital firm Hypersphere's investment partner Mehdi Farooq stated that after falling victim to a fake Zoom call phishing attack, funds from his 6 wallets were stolen, resulting in the loss of years of savings.Mehdi Farooq revealed that the attack began with a message from Alex Lin, whom he knew, on Telegram. The two had interacted before, so this contact seemed routine. The latter shared a meeting link, and after joining the scheduled Zoom meeting, he found there was no audio. Shortly after running an update, his system was compromised, and hackers "drained his years of savings" in just a few minutes.

ChainCatcher news, according to a report by Delphi Digital, the supply of stablecoins has exceeded $250 billion for the first time. Among them, yield-bearing stablecoins are growing rapidly, with Ethena reaching nearly $6 billion since its launch;Tether and Circle still dominate the market, accounting for 86% of the circulating supply combined; the diversity of issuers has increased, with more than 10 stablecoins having a circulation of over $100 million; over $120 billion in U.S. Treasury bonds are locked in stablecoins, creating a liquidity pool outside of traditional markets.

ChainCatcher news, Ant International has released its first sustainability report, which discloses the main business composition and various business data. This includes Ant International's increased investment in AI, blockchain, and cryptocurrency applications over the past two years. In the scenario finance business, the platform's technology department has made breakthroughs with AI foreign exchange models and blockchain settlement technology, processing over $1 trillion in global transactions last year, of which one-third (over $300 billion) was handled by its blockchain-based Whale platform. Ant International has completed cross-bank blockchain test transactions denominated in Hong Kong dollars under the Hong Kong Monetary Authority's Ensemble project sandbox framework.

ChainCatcher message, Bitcoin mempool and blockchain explorer Mempool officially announced that the project does not provide any so-called "crypto recovery services." Any phishing emails using its logo and claiming to be from "mempool recovery" are scams. The community is reminded to stay vigilant and not to interact with unverified links.

ChainCatcher news, according to official information, GoPlus Security has issued a security alert. Recently, new phishing attacks targeting EIP-7702 smart accounts have re-emerged on the Ethereum mainnet, BNB Chain, and Base chain. In just 3 days since its launch, thousands of addresses have fallen victim, with losses exceeding $10,000 in crypto assets. The attackers use one address for authorization phishing; once the user authorizes, that address can automatically transfer the BNB or other tokens that the user subsequently deposits.The GoPlus security team reminds users: do not transfer or authorize to unknown addresses. The current 7702 scam is leveraging historically leaked private key addresses for large-scale phishing attacks, so please remain vigilant.

ChainCatcher message, SlowMist issued a warning stating that the team recently discovered a suspicious tool while assisting users, claiming that their wallets had "risk authorization" and诱导用户粘贴私钥以解决问题. After investigation, the website signature[.]land was confirmed to be a phishing platform and has been marked as a malicious site by the Web3 anti-fraud platform ScamSniffer.The investigation found that the website's UI mimics a legitimate Revoke tool, with risk results being fabricated, and all user inputs are directly sent to abpulimali@gmail.com. The operator Titan uses various deceptive tactics, including impersonating SlowMist employees, using Zachxbt's avatar on Telegram, and commenting under crypto user posts with an X account that has 74,000 followers, falsely claiming that wallets are at risk and directing users to phishing links.

ChainCatcher News, the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) stated on May 29 that Funnull Technology is linked to most cryptocurrency scam websites reported to the FBI, with victims' losses exceeding $200 million.According to OFAC, Funnull purchased IP addresses in bulk from cloud service providers and sold them to scammers, allowing them to host and operate clone versions of legitimate investment platforms, deceiving victims and stealing their cryptocurrency.OFAC stated that in a 2024 case, Funnull purchased a code repository used by web developers and modified the code to redirect visitors of legitimate websites to scam sites and online gambling sites.

ChainCatcher news, according to Beincrypto, the blockchain security platform Scam Sniffer has disclosed that the notorious phishing organization Inferno Drainer has recently launched a new type of attack utilizing the upcoming EIP-7702 feature in Ethereum, resulting in individual user losses of up to $150,000.EIP-7702 is a proposal in the Ethereum Pectra upgrade that allows external accounts (EOA) to temporarily act as smart contract wallets during transactions. Attackers exploit this by using authorized MetaMask wallets to batch transfer user assets, rather than directly controlling wallet permissions.Yuxian, the founder of Slow Mist Technology, stated that such attacks have evolved from traditional private key theft to utilizing the "execute" command to perform malicious authorizations in the background. Security experts recommend that users regularly check their token authorization status and use tools like Etherscan to identify abnormal delegation behaviors to mitigate potential risks.

ChainCatcher news, GoPlus Security today warned that with the Pectra upgrade, thousands of users enabling EIP-7702 smart accounts have encountered a dangerous phishing scam.Analysis of the contract code revealed that the malicious Delegator address (0x930fcc37d6042c79211ee18a02857cb1fd7f0d0b), once authorized, will automatically redirect ETH from user accounts to the scammer's wallet.Security experts remind users: only authorize the 7702 feature through official wallet applications, never click on "upgrade" options in external links or emails, and always verify the contract source code.

ChainCatcher news, Slow Mist founder Yu Xian stated that the "fake Ledger" scam has reemerged recently, with attackers mailing counterfeit Ledger devices to users, accompanied by fake manuals, guiding them to input the mnemonic phrases from their real Ledger into a fake application, resulting in asset theft. This attack method had cases as early as 2021, and there are also variants that commit fraud by pre-setting mnemonic phrases or tampering with random number generators.Experts remind that although such physical-layer phishing attacks may seem rare, their success rate is not low, and the targets are often high-net-worth users.

ChainCatcher message, Zhao Changpeng released several security tips to prevent phishing attacks:Never disclose your password to anyone claiming to be "customer service." Real customer service representatives will never ask users for their passwords.Do not click on links received in emails; always log into your accounts by manually entering the website URL or using bookmarks. Before entering any password, make sure to triple-check that the website is not a phishing site.Do not use the same password across multiple sites. Use a password manager to set a unique and strong password for each site, and the password manager will not match your passwords on phishing site domains.Use hardware two-factor authentication (2FA) devices like Yubikey, which can prevent most phishing attacks.