Slow Mist Cosine Update Venus Security Incident: Stolen Whale Under Targeted Attack, Related Wallet Extension Replaced

ChainCatcher message, SlowMist's YuXian updated the Venus security incident on platform X as follows: In this whale theft incident, both the Venus protocol and the frontend should be fine. Currently, the analysis from SlowMist's partners leans towards the whale being targeted in a specific attack. Although the whale used a hardware wallet, the relevant wallet extension in the computer (used in combination with the hardware wallet) was replaced. When the user performed a normal redeemUnderlying operation, it was replaced with an updateDelegate operation, ultimately leading to the theft of assets in Venus.

The hacker funding for this targeted attack on the whale came from Gas exchanged from the privacy token Monero (XMR). Other related funds trace back to eXch, which is the previously sanctioned darknet trading platform, also a trading platform favored by North Korean hackers in the past.