SlowMist Cosine: GMGN hacker siphoned user funds through Pi Xiu scam pool exit, profiting over $700,000
Jinse Finance reported that SlowMist's Cosine posted on X, stating: "After reviewing dozens of theft reports related to GMGN submitted to us, the commonality is that users' private keys were not leaked, but both SOL and BNB were bought into 'Pixiu' pools (which can only be bought, not sold). The hacker mainly profited by removing liquidity from these Pixiu pools, making over $700,000. The cause of this situation (not due to private key leakage) is most likely a more advanced phishing method. Since GMGN has already fixed the related issue, it is not easy to reproduce. It is speculated to be related to GMGN's account model. When users visit phishing websites, the phishing site obtains the login signature information of the user's GMGN account model, such as access_token and refresh_token values, thereby taking over the user's account permissions. However, without the user's 2FA, the attacker cannot directly export the private key or withdraw funds, so they use the Pixiu pool to carry out a 'wash trading' attack on the user's funds, indirectly stealing user assets."
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Data: If ETH falls below $3,924, the total long liquidation volume on major CEXs will reach $1.641 billions
Western Union will issue a stablecoin on the Solana blockchain in 2026
Western Union plans to launch a stablecoin on Solana in 2026
Data: 100% win rate, whales resume accumulation, SOL long positions exceed $21 million
Trending news
MoreCrypto prices
More
