security

According to CCTV News, recently, the head of a major cross-border gambling and fraud crime group, Chen Zhi, was legally escorted back to the country from Cambodia. Chen Zhi's criminal group is suspected of multiple crimes including fraud, operating casinos, illegal business operations, and concealing criminal proceeds. The case is currently under investigation. In order to implement a criminal policy that balances leniency and severity, and to legally punish gambling and fraud crimes while providing an opportunity for fugitives to reform and seek leniency, the following announcement is made in accordance with relevant legal provisions:From the date of this announcement until February 15, 2026, if criminal suspects voluntarily surrender to the public security organs and truthfully confess their crimes, they may receive a lighter or reduced punishment according to the law. Those who threaten, retaliate against, or obstruct suspects intending to surrender will be held criminally responsible according to the law. The public security organs urge relevant criminal suspects to recognize the situation, cherish the opportunity, and promptly surrender to the public security organs at their place of household registration to seek leniency. Those who refuse to surrender will be publicly wanted, and efforts will be made to capture them and punish them according to the law.

According to market news, the South Korean National Assembly has voted to pass amendments to the Capital Markets Act and the Electronic Securities Act, marking the formal establishment of a framework for the issuance and circulation of security tokens (STOs) in the country, about three years after the financial regulatory authorities released relevant guidelines. The core content of the amendments includes the introduction of the concept of distributed ledger technology, allowing eligible issuers to directly issue and manage tokenized securities through electronic registration, while also establishing a "Issuance Account Management Institution."In addition, non-typical securities such as investment contract securities will also be included under the regulation of the Capital Markets Act, and their circulation in the over-the-counter market will be permitted through the newly established over-the-counter brokerage business. The amendments to the Capital Markets Act will take effect from the date of publication. However, provisions related to investment solicitation guidelines will take effect six months after publication, while provisions related to over-the-counter trading will take effect one year after publication.

The blockchain security agency BlockSec stated that the FutureSwap protocol deployed on Arbitrum was attacked again by hackers exploiting a reentrancy vulnerability, just four days after its first attack, resulting in a loss of approximately $74,000.The attacker first over-minted LP tokens using the reentrancy function 0x5308fcb1 three days ago, and after the cooldown period ended, redeemed the excess collateral to realize profits.

Helius CEO Mert stated on the X platform that AI has given Solana a significant competitive advantage in development. Solana's program model is more secure for AI compared to the interface model of EVM. On Solana, most operations (especially core functions like token creation, exchange, and movement) do not require writing new contracts, which means developers can reuse existing pipelines on the client side without needing new security audits, thus enhancing development speed.Developers can integrate existing pipelines, exchanges, and Token Hooks with a small set of prompts. Furthermore, the previous disadvantage of Solana, where the low abstraction level of the Rust language made contract writing more difficult, has been effectively mitigated by AI. It is expected that several startups valued between $1 billion and $10 billion will emerge on Solana this year.

According to the official announcement, Gate has released the latest reserve report, showing significant improvements in various data. As of January 6, 2026, the total reserve ratio of Gate has increased from 124% to 125%, with a total reserve value of $9.478 billion, covering nearly 500 types of user assets. Gate consistently ensures the safety of user assets through a verifiable mechanism.As of now, Gate's core assets maintain sufficient reserves. Currently, the total number of BTC users is 17,640, with a reserve of 24,817 BTC, and the excess reserve ratio has increased from 33.96% to 40.69%. The total number of ETH users is 337,565, with the reserve increasing from 419,096 ETH to 419,320 ETH, resulting in an excess reserve ratio of 24.22%. The total number of USDT users has grown from 1.333 billion to 1.385 billion, with Gate's reserve amounting to 1.516 billion USDT. Gate's latest reserve report shows that the core asset reserves are sufficient, effectively ensuring the safety and stability of user assets.

According to CoinDesk, Robinhood's head of crypto business, Johann Kerbrat, stated that the company chose to build its Ethereum Layer-2 network on Arbitrum rather than launching an independent Layer-1, primarily to directly benefit from Ethereum's security, decentralization, and EVM ecosystem liquidity, allowing them to focus on core products like tokenized stocks.Robinhood's own L2 is currently still in the private testnet phase, with tokenized stocks already deployed on Arbitrum One, allowing for seamless migration of assets and liquidity when the new chain goes live. So far, the number of tokenized stocks at Robinhood has expanded from the initial approximately 200 to over 2000.

According to BlockSec monitoring, a suspicious transaction occurred on the Arbitrum chain involving the FutureSwapX contract, with an estimated loss of approximately $395,000.BlockSec stated that they have attempted to contact the team but have not yet received a response. It appears that the attacker stole funds through multiple changePosition operations, ultimately withdrawing USDC. Since the contract is not open source, the exact root cause still requires further investigation. Based on on-chain behavior, it is suspected that this incident may be related to unexpected fluctuations in stable balances during early position updates, which led to the release of USDC when positions were reduced or closed.

The scene of the repatriation of Chen Zhi, the head of the Prince Group, has been exposed. On January 7, the Ministry of Public Security of China dispatched a working group to successfully escort Chen Zhi (a Chinese national), the leader of a major cross-border gambling and fraud crime group, back to China from Phnom Penh, Cambodia.Investigations revealed that Chen Zhi's criminal group is suspected of multiple crimes, including operating casinos, fraud, illegal business operations, and concealing and disguising criminal proceeds. Chen Zhi has currently been subjected to compulsory measures in accordance with the law, and related cases are under further investigation. A relevant official from the Ministry of Public Security of China stated that the police will soon publicly announce the wanted list of the first batch of core members of Chen Zhi's criminal group and will resolutely capture the fugitives.Chen Zhi, the founder of the Cambodian telecom fraud crime group "Prince Group," was born on December 16, 1987, in Lianjiang County, Fuzhou City, Fujian Province, China. He dropped out of school after completing the second year of junior high and previously worked in internet-related jobs in China. In 2011, he went to Cambodia to invest in real estate and obtained Cambodian nationality through investment immigration in 2014 (later renouncing his Chinese nationality). In 2015, he founded Prince Holding Group (referred to as Prince Group), suspected of operating a large multinational fraud gang. In mid-October 2025, the United States and the United Kingdom announced lawsuits against Chen Zhi and confiscated approximately $15 billion worth of Bitcoin that he held.

Multiple executives in the cryptocurrency industry and advocacy organizations have warned that modifying the stablecoin regulatory framework under the banking lobby's request, as outlined in the GENIUS Act, to restrict third parties from providing yields to stablecoin holders could undermine the United States' competitiveness in the global financial system and even pose a "national security trap."Pro-crypto lawyer John Deaton stated that banning stablecoin yield mechanisms might actually drive the market towards China's interest-bearing digital yuan, thereby weakening the dollar's position. The cryptocurrency industry organization Blockchain Association pointed out that there is currently no evidence that the development of stablecoins would disrupt the traditional banking system, and such modifications seem more like competitive blocking actions by large banks after achieving bipartisan consensus.Alexander Grieve, Vice President of Government Affairs at Paradigm, also warned that overturning existing reward arrangements would waste the progress made in legislation. Meanwhile, Mike Novogratz, CEO of Galaxy Digital, bluntly stated that it would be a wrong choice for the U.S. to roll back related rules due to industry pressure.

Multiple executives in the cryptocurrency industry and advocacy organizations have warned that modifying the stablecoin regulatory framework under the banking lobby's demands in the GENIUS Act, which restricts providing yields to stablecoin holders through third parties, could undermine the United States' competitiveness in the global financial system and even pose a "national security trap."Pro-crypto lawyer John Deaton stated that banning stablecoin yield mechanisms might instead drive the market towards China's interest-bearing digital yuan, thereby weakening the dollar's position. The cryptocurrency industry organization Blockchain Association pointed out that there is currently no evidence that the development of stablecoins would disrupt the traditional banking system, and such modifications seem more like competitive obstruction by large banks after achieving bipartisan consensus.Alexander Grieve, Vice President of Government Affairs at Paradigm, also warned that overturning existing reward arrangements would waste the legislative progress made. Meanwhile, Mike Novogratz, CEO of Galaxy Digital, bluntly stated that it would be a wrong choice for the U.S. to roll back related rules due to industry pressure.

Fusion Releases Security Update: The IPOR USDC Fusion Optimizer has a vulnerability in the Arbitrum Vault. The IPOR team has been notified of a vulnerability that resulted in a loss of $336,000 USDC.The vulnerability targets a specific outdated Fusion Vault. Due to its unique configuration, this is the only vault that is susceptible to this particular attack vector. The loss accounts for less than 1% of the total funds guaranteed by Fusion. They are working with the Security Alliance to track and recover the funds. The IPOR DAO will cover the funding gap from the treasury. All affected depositors will be fully compensated.

Flow network has encountered an attack targeting the Cadence virtual machine type confusion vulnerability, resulting in illegal token issuance. The attacker exploited a complex "three-part vulnerability chain" to bypass resource linearity guarantees, disguising resource objects as structs for duplication. The incident caused approximately $3.9 million in actual economic losses, with funds flowing out through cross-chain bridges such as Celer and deBridge.According to Flow monitoring, the attacker created a total of 87.96 billion FLOW and various tokens, of which 1.094 billion FLOW were transferred to centralized exchanges. Thanks to timely shutdowns by validators and cooperation with OKX, Gate.io, MEXC, and others, about 98.7% of the illegal assets have been frozen on-chain or at exchanges, and approximately 484 million FLOW have been destroyed. The network has recovered on December 29 through an "isolation recovery plan," and a comprehensive patch covering parameter validation, runtime checks, and contract deployment logic has been deployed.

Web3 AI security infrastructure Block Security Arena (BSA) announced the completion of its seed round financing with a valuation of $30 million, with participation from Hotcoin Labs, Starbase, Onebit Ventures, and Apus Capital.It is reported that BSA aims to build a "closed-loop" security ecosystem by combining AI-driven tools with a gamified education system. Its core business covers four dimensions: an AI academy based on RAG technology, a Docker-based attack simulation sandbox, an AI auditing assistant for developers, and a token risk radar. BSA's long-term vision is to evolve into a decentralized security response center, connecting project parties and white-hat hackers through a dual incentive mechanism to address the talent gap in Web3 security and the risks associated with smart contracts.

The Chief Information Security Officer of Slow Fog Technology @im23pds posted on the X platform, stating that a new type of "2FA security verification" scam has emerged with MetaMask, reminding users to be cautious.