ChainCatcher reports that, according to GoPlus monitoring, the account abstraction solution Holdstation has been targeted in a supply chain attack. The attacker stole developer session tokens, bypassed two-factor authentication, and injected malicious code into application updates, resulting in user funds being stolen.
The attack caused a total loss of 462,000 USDT. The attacker’s address is 0xcbfA60B39cfAeaE475f649fB6705bD477219bF8d. The Holdstation team has suspended services, pledged to fully compensate affected users, and is working with security teams to investigate the incident. They also posted a message on-chain, hoping to encourage the attacker to return the funds through a bug bounty program.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Crypto wallet Phantom crashes big time! During the airdrop, prices got mixed up, sparking a wave of user claims
Phantom Wallet experienced a malfunction during the airdrop period, causing abnormal token prices and account balances to display. Although users’ assets were safe, they suffered transaction losses, leading to compensation demands and a trust crisis. The incident also heightened concerns about blockchain security, as some malicious actors may take advantage of the confusion to launch phishing attacks. While the technical issue has been fixed, improvements are still needed to the user experience and system stability.
CryptoCity15m ago
Crypto investment scams are rampant! FBI report: Americans were scammed out of $11.4 billion last year, up 22% year over year
A U.S. FBI report shows that in 2025, losses from cryptocurrency scams reached $11.4 billion, up 22% from the previous year. The scams are sophisticated, mainly controlled by criminal groups in Southeast Asia, and they use human trafficking to force victims into labor. The number of victims increased to 181,565 cases, with an average loss of more than $62,000; many people lost their lifetime savings.
区块客1h ago
ZachXBT discloses internal payment server data from North Korean IT workers, involving a $3.5 million flow of funds
On-chain detective ZachXBT revealed that an anonymous source shared stolen data from North Korea’s internal payment servers, involving 390 accounts and encrypted transaction information. More than $3.5 million in funds vanished, and it is connected to a sanctioned company. ZachXBT has compiled a detailed organizational chart.
GateNews2h ago
Adam Back: Bitcoin’s quantum threat is still far off, but the migration window has already opened
Blockstream CEO Adam Back said in an interview that quantum computers have not yet threatened the Bitcoin network, but the industry needs to prepare in advance by migrating keys to a quantum-resistant format. He mentioned that his research team is pushing forward on related work; post-quantum cryptography has already entered the implementation stage. The challenge faced is how to complete the migration in an orderly way.
GateNews2h ago
South Korea takes away exchange discretion in a major anti-phishing crackdown
South Korea's financial regulators have mandated that all domestic crypto exchanges implement a uniform withdrawal delay system to combat voice phishing scams. This decision removes prior flexibility for platforms in managing withdrawal exceptions, aiming to give victims time to reconsider transactions.
CoinDesk5h ago
Is there a connection between it and the Crown Prince Group? While the cryptocurrency resort project in Timor-Leste is moving forward, the construction site is empty and contains nothing.
Timor-Leste’s “cryptocurrency resort” project is believed to be connected to a Cambodian prince group scam network that is subject to U.S. sanctions. On-site investigation found the location to be an empty lot. The prince group has been accused of carrying out large-scale online fraud, with victims worldwide. The investigation prompted concern from the Timor-Leste government, which said the country faces the risk of transnational crime.
CryptoCity5h ago
