TokenPocket responds to incidents of user assets being collected and stolen by hackers: reminds users to immediately stop using unofficial, unverified third-party tools

The digital asset wallet TokenPocket posted on the X platform that in response to the incident of user assets being collected and stolen by hackers on February 14th, the team has been keeping an eye on it for the first time and working closely with the security team to systematically organize and conduct in-depth on chain analysis of recent user security related feedback, striving to quickly identify the problem and take effective countermeasures. Maintain close contact with affected users through methods such as questionnaire surveys and one-on-one communication, assist in collecting relevant information, and provide support for traceability and security warnings. Through technical analysis, it was found that the user had downloaded the third-party mining software "Bom", which had malicious behavior of unauthorized access to the user's photo album and uploading data. This can lead to the leakage of users' mnemonic words or private keys, thereby triggering asset security risks. Remind users to immediately stop using unofficial and unverified third-party tools (such as "mining" and "airdrop" software), which may contain malicious code to steal privacy; Do not save mnemonic words/private keys through screenshots, social media platforms (including "only visible to oneself"), cloud storage, etc. Attackers may use Trojan horses or cloud vulnerabilities to obtain information.