On December 8th, decentralized exchange Velodrome on X platform stated that today the OpenZeppelin team disclosed detailed information about Thirdweb related vulnerabilities to their team. Velodrome has identified that certain functions in the Relay contract may be compromised, so Relay will be temporarily disabled until necessary adjustments are made. It should be noted that these issues will not put any user funds or veNFT at risk, and the core contracts have not been affected by the identified vulnerabilities.

Recently, the Shanghai Yangpu Public Security Bureau successfully dismantled a criminal gang that used digital currency to disguise and conceal criminal proceeds for overseas telecommunications network fraud, gambling, and other crimes, and arrested 11 criminal suspects, involving an amount of more than 10 million yuan.

The decentralized exchange Velodrome has received specific information from the OpenZeppelin team regarding the Thirdweb vulnerability and has confirmed potential security risks in the Relay contract.<br>To protect user funds and veNFT, Velodrome has decided to temporarily suspend the use of Relay and make necessary adjustments.<br>It should be noted that these issues will not put any user funds or veNFT at risk because the core contract has not been affected by the identified vulnerabilities.

On December 8th, Web3 anti-fraud platform Scam Sniffer stated that there appear to be 515 tokens on the mainnet affected by the Thirdweb related vulnerability, with 3 of them being attacked. The attacker made a profit of approximately $218,000.

The Xiachuan County Procuratorate in Henan Province recently handled a virtual currency pyramid scheme involving an amount of 120 million yuan. The suspect Wang commissioned a high-tech company to customize software, set up the "Red Bull Decentralized Exchange" website, publicly issue "NB Coins (Bull Coins)" online, develop a corresponding Red Bull Coin Trading App, and conduct pyramid schemes in the name of "virtual currency" and "blockchain", and established the "Red Bull Business School Lecturer Team" to promote offline. In just one year, the gang involved developed 2,128 members and cheated more than 120 million yuan.<br>According to the appraisal of the judicial appraisal agency, the user hierarchical relationship information of "Red Bull Decentralized Exchange" totaled 1,322,474, and users recharged with virtual currencies such as USDT and BTC, of which the amount of USDT was 201,819,88.4840085 (valued at approximately 120 million yuan). On July 14th of this year, the Intermediate People's Court of Nanyang City revoked the first-instance judgment against Wang and sentenced him to five years and nine months in prison for organizing and leading pyramid schemes, and fined him 500,000 yuan.

On November 30th, Cyvers Alerts AI system detected that two hot wallets of the Iranian cryptocurrency exchange Nobitex may have been attacked. The system detected multiple suspicious transactions involving about $12.5 million in digital assets. It is currently unclear whether these transactions were authorized or involved asset migration.

The Ministry of Public Security announced the measures and overall effectiveness of the nationwide public security organs' crackdown on hacker-related illegal crimes today, and released ten typical cases. The report shows that the modus operandi of hacker criminals is constantly upgrading, and new situations such as using blockchain smart contract vulnerabilities to issue "virtual currency" to defraud others' property are emerging one after another. The Sichuan police cracked a case of issuing virtual currency under the guise of disaster relief and implemented fraud, and found that the hacker group used the name of earthquake relief to release the so-called "Sichuan Refueling Coin" to lure netizens to buy it, and then used the preset backdoor to increase and cash out in large quantities. The amount involved reached 12 million yuan. Shi You, deputy director of the Network Security Protection Bureau of the Ministry of Public Security, said that the average age of hacker criminals is decreasing year by year, and even elementary school students have been found to be proficient in using hacker tools.

Decentralized auction platform Bounce Finance stated that it suffered a distributed denial-of-service (DDoS) attack during the public token sale earlier today and is currently working on system improvements.

On November 29th, Velodrome and its forked protocol Aerodrome's frontend were attacked. Please do not interact with it.

Indexed DAO was hacked and lost $16 million in 2021. In recent days, the attacker tried to hijack the remaining funds of the protocol twice, but Indexed DAO successfully escaped. Control of Indexed DAO will return to the hands of its founder, who plans to allocate the remaining funds to the victims of the 2021 hack.