Focus on the Black Swan Event of Meme: Massive Theft Incident on DEXX Decentralized Exchange | TrendX Research Institute
As of November 17th, the TrendX platform's data statistics for BTC, ETH, and TON are as follows:
The discussion volume of BTC last week was 18.23K, a decrease of 13.67% from the previous week; the price on last Sunday was $91,956, a 13.2% increase from the previous Sunday.
The discussion volume of ETH last week was 4.27K, a decrease of 26.98% from the previous week; the price on last Sunday was $3,134, a 2% decrease from the previous Sunday.
The discussion volume of TON last week was 777, a decrease of 3.63% from the previous week; the price on last Sunday was $5.52, a 0.2% increase from the previous Sunday.
Late at night on November 16th, the decentralized exchange DEXX suffered a major network attack, resulting in the illegal transfer of many users' assets. According to reports from affected users, DEXX may have suffered losses of tens of millions of dollars due to this attack; the specific amount is still being calculated and is estimated to be over a hundred million dollars. Yu Xian, a Web3 security expert and the founder of SlowMist Technology, pointed out that users' private key information has been leaked, but the specific leakage method is still under investigation. The on-chain market's trust in the DEXX platform has plummeted, with some even suspecting self-theft. Although the truth remains murky, this massive theft of funds on DEXX has dealt a major blow to the recently active on-chain Meme market and has once again reminded people to pay attention to the security of on-chain assets.
Is DEXX Engaging in Self-Theft? Latest Developments of the Incident
DEXX holds an important position in the Meme world, as it is a decentralized exchange specifically designed for trading and providing liquidity for Meme tokens, and also supports the launch, staking, and lending services of Meme projects, forming a complete Meme financial ecosystem. DEXX's daily trading volume has long been ranked at the forefront of DEXs, being hailed as the "Binance" of the on-chain Meme market. Regarding the issue of user private key theft, DEXX operates through smart contracts, and users are supposed to have control over their asset private keys, theoretically making it more secure. So where did the problem arise?
According to Bituniverse's system monitoring and preliminary investigation, a large-scale user asset theft incident has been confirmed on the DEXX trading platform, with the confirmed stolen funds reaching over a hundred million dollars, and hackers are still actively transferring user assets. In-depth technical analysis shows that the DEXX trading platform has the following serious security issues:
- Private key storage: As a non-custodial platform, it nevertheless records user private keys; once the system is attacked, hackers can easily obtain user private keys and steal user assets.
- Plain text transmission of private keys: When users export private keys, no encryption measures are taken, so the private keys are exposed in plain text during transmission and are easy for hackers to intercept.
Official statement from DEXX:
In the latest news on November 17th, DEXX founder Roy responded on the X platform to suspicions that he had gone missing, stating: "Due to special reasons, we cannot currently synchronize the recent situation. Give us some more time to handle it satisfactorily." The previous day, DEXX had officially stated that the team is working hard to resolve the issue, that there is no rug pull, and that subsequent progress will be shared in a timely manner. In response, Roy stated that they will compensate and have isolated some users.
Market response:
However, as the stolen amount continues to increase, will DEXX really compensate users for their losses? Most users are skeptical and do not believe that Roy will compensate for user losses, believing that this is a case of self-theft by the platform, completely eroding trust in the DEXX platform.
Some users have said that DEXX and various trading bots are all exposed in terms of security. The community has discovered, from the export_wallet request shown in the browser developer tools, that when DEXX private keys are exported they are returned in plain text, meaning that user private keys are actually held on the official server. If communication is not encrypted, attackers may intercept user private keys during transmission, and even if HTTPS is used, transmitting private keys directly may still lead to leakage of private data through browser vulnerabilities or other security issues. Therefore, some users jokingly say that "DEXX has redefined non-custodial wallets."
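The community check described above can be repeated against any platform that claims to be non-custodial: save the browser developer-tools network log as a HAR file and scan the response bodies for key-shaped values. The following Python is an added example, not code from DEXX or from the original article; the host, endpoint path, field names and the three value shapes are assumptions, and the sample capture is constructed.

```python
import base64, json, re

# Assumed shapes of secret material (illustrative, not taken from the page).
SHAPES = {
    "hex 32-byte key": re.compile(r"^(0x)?[0-9a-fA-F]{64}$"),
    "base58 64-byte keypair": re.compile(r"^[1-9A-HJ-NP-Za-km-z]{86,88}$"),
    "12/24-word phrase": re.compile(r"^[a-z]{3,8}( [a-z]{3,8}){11}(( [a-z]{3,8}){12})?$"),
}
NAME_HINT = re.compile(r"priv|secret|mnemonic|seed", re.I)

def string_leaves(node, path=""):
    """Yield (json_path, value) for every string in a decoded JSON document."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from string_leaves(value, f"{path}.{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from string_leaves(value, f"{path}[{i}]")
    elif isinstance(node, str):
        yield path, node

def scan_har(har):
    """Report responses whose JSON body carries key-shaped values; values are never echoed."""
    findings = []
    for entry in har["log"]["entries"]:
        content = entry["response"]["content"]
        text = content.get("text", "")
        if content.get("encoding") == "base64":  # HAR may store bodies base64-encoded
            text = base64.b64decode(text).decode("utf-8", "replace")
        try:
            doc = json.loads(text)
        except ValueError:
            continue  # body is not JSON, nothing to walk
        for path, value in string_leaves(doc):
            for shape, rx in SHAPES.items():
                if rx.match(value):
                    findings.append({"url": entry["request"]["url"], "path": path,
                                     "shape": shape, "named_secret": bool(NAME_HINT.search(path))})
    return findings

# Constructed sample capture; host, paths and field names are hypothetical.
def _entry(url, body, b64=False):
    text = json.dumps(body)
    content = {"text": base64.b64encode(text.encode()).decode(), "encoding": "base64"} if b64 else {"text": text}
    return {"request": {"url": url}, "response": {"content": content}}
SAMPLE_HAR = {"log": {"entries": [
    _entry("https://api.example.invalid/export_wallet", {"data": {"address": "0x" + "11" * 20, "private_key": "ab" * 32}}, b64=True),
    _entry("https://api.example.invalid/tx_status", {"tx_hash": "0x" + "cd" * 32}),
]}}
```

A finding with named_secret set to True means the server returned secret material in a response body, so the server holds it. Shape-only hits, such as the transaction hash in the sample, need manual review.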
In addition, the wallet application OneKey stated that DEXX has repeatedly requested the "upload user clipboard content" permission, so users' clipboard content may have been uploaded, and advised: "If you have copied private key mnemonics on your phone, transfer your assets as soon as possible."
Which Meme Tokens are at Risk of Being Dumped? What are the Implications for the Future Market?
According to GMGN market data on the 16th, affected by the DEXX theft, Meme tokens such as BAN, LUCE, and PNUT have experienced varying degrees of decline, including:
· BAN has dropped by about 30% since the incident occurred
· LUCE has dropped by about 20% since the incident occurred
· PNUT has dropped by as much as 12.5% since the incident occurred
Key Emphasis One:
This hacker theft incident is not over! If the DEXX security team cannot resolve the issue in a timely manner, the hacker will continue to steal assets from DEXX users. As for the stolen amount, as of the 17th, based on the information of over 500 victims they have collected, it can be roughly confirmed that at least $13 million has been stolen. But this is only the number as of the 17th; the stolen funds may be far more than this, because in addition to the stablecoin USDT, a large number of recently popular Meme tokens, such as $BAN, $Pnut, $BITCAT, and SOL, have been stolen. We remind you that on-chain Meme tokens, and especially Meme tokens with poor liquidity, are high-risk assets.
Key Emphasis Two:
Regarding the funds already stolen by the hacker, the Web3 security team Beosin Alert released a statement on the 16th, stating that the hacker has not yet transferred the funds. They have collected about 2,800 victim addresses and analyzed over 9,000 transactions of stolen funds. According to their analysis, the stolen funds are still stored in addresses controlled by the hacker, with no signs of being transferred.
This means that the hacker has not yet revealed their "ultimate goal." Like a hanging sword, no one knows whether these Meme tokens will suddenly be sold off by the hacker, and this is coupled with the common FOMO sentiment in the Meme world. This incident will therefore have incalculable implications for the Meme world and even the entire crypto market: it may cause many Meme tokens to go to zero and dampen the recent momentum of the hot Meme field, thereby affecting the vitality and confidence of the entire crypto market.
How to Safely Custody Funds?
In the current bull market, the Meme field is undoubtedly a hot spot for creating wealth, and on-chain trading and the use of various automation tools (especially bots) have become the new norm for users. Projects such as Bananagun and Unibot have suffered theft incidents in the past, and the DEXX incident will not be the last. Therefore, the industry needs to remain highly vigilant about security issues, and we as investors must always remain vigilant to ensure the security of our assets.
When custodying funds, users can take the following measures to ensure the security of their funds:
- Use a hardware wallet to store assets
A hardware wallet is a type of cold wallet that is not connected to the internet, thus avoiding most online attacks. It is recommended that users choose mainstream hardware wallets such as Ledger and Trezor. It is important to ensure that the wallet firmware is the latest version. Safeguard the mnemonic phrase properly and avoid digitally storing the mnemonic phrase (such as taking photos or saving it in the cloud).
- Diversify asset storage
Avoid "single point of failure" by storing funds in multiple wallets, not concentrated in a single address or exchange. It is recommended to store the main assets in a cold wallet and a small amount of trading funds in a hot wallet.
- Choose decentralized custody solutions
It is recommended that users choose verified and genuine decentralized custody solutions to avoid the risks of exchange centralization. Solutions such as multi-signature wallets require approval from multiple signatories for transactions, further enhancing security.
- Review the security of exchanges or platforms
Confirm whether the exchange regularly undergoes third-party security audits, and whether the platform makes corrections and improvements based on the recommendations of third-party security audits to further protect users' account assets. For users with certain conditions, it is best to understand the platform's fund custody mechanism (such as the ratio of cold and hot wallets, multi-signature protection, etc.).
- Purchase insurance or participate in decentralized risk hedging
In addition to the above actions, you can also purchase crypto insurance against hacker attacks (such as InsurAce, Bridge Mutual).
Here are some security tips we have prepared for you:
- Be cautious about recommendations: Before trusting others' recommendations, thoroughly research the product mechanism, and prefer automation tools (such as bots) that do not store private keys on servers.
- Choose reputable tools: Prioritize tools (such as bots) that have been in operation for a long time, have a strong team, and have no history of security issues.
- Beware of online scams: On any social platform, such as Telegram groups, do not click on unknown links or respond to unsolicited private messages.
- Protect large transactions: Regardless of the tool used, after completing large fund transactions, it is recommended to transfer the funds to a wallet under your control.
Additionally, we also recommend reading or rereading the "Blockchain Dark Forest Self-Rescue Manual" by Yu Xian, the founder of SlowMist Technology, to navigate the dark forest of blockchain, safety first.