ChainCatcher news, according to Chainwire, the DeFi platform R0AR has announced the implementation of a regular buyback plan in response to a previous staking contract security incident. The platform will repurchase $1R0R tokens through weekly open market purchases, aiming to maintain token liquidity.ChainCatcher previously reported that SlowMist issued a security alert, stating that the root cause of The R0AR (@th3r0ar) vulnerability was a backdoor in the contract. During the deployment process, the R0ARStaking contract tampered with the balance of a specified address (user.amount) by directly modifying the storage slot. Subsequently, the attacker extracted all funds from the contract through an emergency withdrawal function.

ChainCatcher message, according to Jinshi reports, recently, the Japanese security team CSIRT revealed a security vulnerability in WinRAR that can bypass Microsoft's Windows Mark of the Web (MoTW) security mechanism, potentially allowing users to unknowingly execute malicious programs from the internet, posing serious security risks. This vulnerability is numbered CVE-2025-31334.To actively respond to the cybersecurity challenges posed by the WinRAR security vulnerability to our critical infrastructure, it is recommended to take the following measures from a technical perspective: first, conduct a comprehensive inspection of network devices in WinRAR user environments that are affected by this vulnerability and promptly install the latest version. Second, perform a reset of WinRAR client configurations. Third, it is advised that WinRAR users avoid connecting to untrusted networks when handling sensitive data.

ChainCatcher news, according to the official announcement from KiloEx, the platform has successfully recovered all stolen assets from this security incident, involving an amount of approximately 5.5 million USD. They are currently cooperating with judicial authorities and third-party experts to advance the formal case closure process.At the same time, a 10% bounty will be awarded to the white hat hackers as per the agreement. KiloEx stated that it will not pursue further legal responsibilities and is committed to continuously strengthening the platform's security construction.

ChainCatcher news, ZKsync founder and Matter Labs CEO Alex Gluchowski posted on social media, reiterating that there have been no incidents of code, contract, or operator key leaks, and stated that ZKsync has withstood the test precisely because it has an ultimate security architecture (Endgame). The team is still investigating the related security incident, and a detailed explanation will be released once the investigation and recovery work are completed.Alex stated that he initiated the investigation immediately after receiving feedback from the community. He added that although most Layer 2 project token prices have been under pressure recently, ZKsync has performed relatively steadily, but the team still has an unbreakable, legally binding commitment to investors, partners, and members.

ChainCatcher news, according to official information, the RWA lending protocol Zoth has released the latest progress on the security incident investigation.Zoth stated that there have been no significant changes to the involved funds, and the team is closely collaborating with intelligence agencies and ecosystem partners to continuously track and investigate the attackers' related activities.The official said that their current key tasks include:Real-time monitoring of the fund flows of relevant wallets;Collaborating with on-chain analysis teams to trace the attackers' digital footprints;Coordinating with law enforcement agencies and legal teams to formulate the next steps.

ChainCatcher news, blockchain security company PeckShield has released the latest data showing that the loss amount from the GMX and MIM Spell security vulnerability incidents has increased to approximately 6260 ETH, equivalent to about 13 million USD at current market prices.

ChainCatcher message, AdsPower officially stated on social media that its security team transparently disclosed an intrusion incident on January 24. Hackers spread malicious code, tampering with some third-party cryptocurrency wallet plugins in the AdsPower fingerprint browser. AdsPower has fixed the vulnerabilities and strengthened system security, while also reporting to the authorities in Singapore and actively cooperating with the police investigation.Internal investigations show that the attackers exploited vulnerabilities in third-party technology service systems to upload and spread a malicious version of the MetaMask plugin, which may have led to the leakage of cached information from users' wallet plugins. Currently, AdsPower has upgraded the plugin download mode in the application center and will further enhance network security, emergency response, and supply chain security management in the future. Affected users can receive exclusive value-added service plans in the AdsPower client.

ChainCatcher news, according to Slow Mist monitoring, the losses from Web3 security incidents in February 2025 are estimated to total $1.681 billion. The Slow Mist blockchain hacker archive has recorded a total of 15 hacking incidents, resulting in approximately $1.676 billion in losses, of which $52.45 million has been frozen or recovered.In addition, according to data from the Web3 anti-fraud platform Scam Sniffer, there were a total of 7,442 victims of phishing attacks this month, with total losses reaching $5.32 million. The majority of incidents were caused by smart contract vulnerabilities, social engineering, account intrusions, and private key leaks.

ChainCatcher news, Cobo co-founder and CEO Shen Yu posted on platform X, stating that the Bybit $1.5 billion security incident and multiple cases of Safe owner tampering have exposed three major pain points in current blockchain security:Front-end/plugins are easily tampered with, and users cannot verify signed data;The environment of multi-signature key holders lacks independence and has no mandatory review mechanism;Hardware wallet transaction parsing capabilities are weak, essentially in a blind signing state;

According to ChainCatcher's message and data statistics from the hacker section of the DefiLlama website, the theft of over $1.4 billion in assets from Bybit is the largest security incident in cryptocurrency history, accounting for about 15% of the total stolen amount from all security incidents in cryptocurrency history.The panel data shows that the cumulative amount stolen in cryptocurrency history exceeds $10.62 billion, with DeFi-related stolen assets reaching as high as $6.31 billion, and stolen assets from various bridging projects amounting to $2.87 billion.

ChainCatcher message, Ethena Labs posted updates related to the Bybit security incident on X:All spot assets supporting USDe are held in an off-chain custody solution, including those held by ByBit through Copper Clearloop. No exchange, including Bybit, has spot value.The total unrealized PNL (profit and loss) related to Bybit hedge positions is less than $30 million, which is less than half of the reserves.Currently, USDe is still over-collateralized.All USDe redemptions are proceeding normally, and the liquid stablecoin value supported by USDe is $2 billion, which can be redeemed at any time if users need.At the same time, Ethena Labs stated that they stand with Bybit and are ready to provide assistance.

ChainCatcher news, according to official sources, regarding the Bybit incident, HashKey has expressed support for Bybit on their official Twitter, strongly condemning the illegal actions of the hackers, and believes that Bybit's security incident will be properly handled and overcome.HashKey stated that its exchange business, HashKey Exchange and HashKey Global, uses data centers that comply with the physical security standards for financial institutions in Hong Kong, and employs a completely offline signing hardware wallet management mechanism, which does not involve the risks associated with MPC multi-signature wallet technology. Additionally, based on the continuous strengthening of security system construction, licensing, compliance, and regulation are essential to truly ensure the healthy and sustainable development of the industry.

ChainCatcher message, the mETH Protocol under Mantle, which has a deep binding relationship with Bybit, has indicated that it is aware of a recent security incident involving certain mETH and cmETH transactions on Bybit, including a withdrawal request for 15,000 cmETH.To support the ongoing investigation, cmETH withdrawals on the platform have been suspended, while deposit and staking services continue as usual. User funds on the mETH Protocol remain safe and unaffected, and the protocol is still protected by the highest security standards. The community will be notified immediately once withdrawals are restored.

ChainCatcher news, according to Arkham monitoring, on-chain detective ZachXBT submitted conclusive evidence at 3:09 AM Beijing time, confirming that the attack on Bybit was carried out by the North Korean hacker group Lazarus Group.ZachXBT's analysis report includes detailed information such as test transactions before the attack, associated wallet analysis, multiple forensic charts, and timeline analysis. The report has been submitted to the Bybit team to assist in their investigation.

ChainCatcher news, according to official news from JuCoin, in response to the recent security incident at Bybit, JuCoin announced the provision of 1000 BTC as an industry co-construction fund, and will offer advanced security technology services for free, including threat detection, smart contract auditing, cold and hot wallet management, and multi-signature technology implementation, to fully ensure the safety of user assets and the stable operation of the platform.As a well-established exchange with 13 years of experience in the digital asset field, JuCoin has always prioritized the safety of user assets, maintaining a record of zero security incidents. JuCoin calls on industry peers to work together to enhance security standards and build a more reliable crypto ecosystem.

ChainCatcher news, ZachXBT posted on his personal Telegram channel stating that my sources confirm Bybit's fund outflow is a security incident.In addition, ZachXBT reminded relevant personnel from major exchanges: it is recommended to blacklist the following EVM addresses.0x47666fab8bd0ac7003bce3f5c3585383f09486e20xa4b2fd68593b6f34e51cb9edb66e71c1b4ab449e0x36ed3c0213565530c35115d93a80f9c04d94e4cb0x1542368a03ad1f03d96D51B414f4738961Cf4443Previously, on-chain detective ZachXBT posted on his personal Telegram channel stating that he detected over $1.46 billion in suspicious fund outflows from Bybit, and further information will be updated later. mETH & stETH are currently being exchanged for ETH on DEX.

ChainCatcher message, according to the official announcement from zkLend, the protocol is currently experiencing a security incident. The team is investigating the specific reasons and has suspended withdrawals. The official call to users is to refrain from making deposits or repayments until further notice.