ChainThink report, March 17: According to a disclosure from the official account "Cyber Intelligence Research Institute," a Chinese hacking group has experienced internal conflict over profit distribution. A team member publicly revealed that they previously conducted supply chain attacks to steal approximately $7 million in cryptocurrency assets, targeting platforms including the encrypted wallet Trust Wallet.
According to the leaked information, the group operated under the guise of a cybersecurity company named "Wuhan Anxun Technology," publicly offering services such as vulnerability mining, network penetration testing, and security consulting. However, internally, the team was engaged in illicit activities involving cryptocurrency theft and other gray-market operations. The members stated they exploited Electron client supply chain vulnerabilities, performed plugin reverse engineering, and utilized automated tools to mass-extract mnemonic phrases and scan multi-chain assets across networks including Ethereum, BNB Chain, and Arbitrum.
The whistleblower claimed the team developed automated tools to scan mnemonic-based assets at scale, used remote access programs to exfiltrate wallet data, and subsequently transferred and fragmented the stolen funds. The attacks reportedly targeted 37 different tokens across multiple blockchain networks.
The incident was triggered by an internal dispute over profit sharing. The leaker stated that disagreements over unfair revenue distribution led to a rift with the team leader, and after their severance compensation remained unfulfilled, they decided to disclose evidence publicly and plan to surrender to law enforcement authorities.
As of now, these allegations have not been officially verified, and further investigation is required to confirm the full details. Industry experts note this case underscores ongoing risks related to cryptocurrency wallet supply chain security and plugin integrity, as well as the rising trend of targeted attacks against high-value users.
Disclaimer: Contains third-party opinions, does not constitute financial advice
One pip install steals all keys: Karpathy calls LiteLLM poisoning "the scariest thing in software"
03-25
SlowMist CISO: LiteLLM Suffers PyPI Supply Chain Attack, Exposing Sensitive Information Including Cryptocurrency Wallets and Cloud Credentials
03-25
The South Korean National Tax Service plans to select private virtual asset custodian service providers this year in the first half
03-20
Binance: Multiple recent incidents within the community have been caused by device environment issues leading to asset security breaches. Users should pay attention to safeguarding their private keys / mnemonic phrases.
03-19
OKX Star Clarification: The Wuhan Ansun Technology Attack Incident Was Not Due to a Security Vulnerability in OKX Web3 Wallet
03-15
CZ: Block explorers should filter out spam transactions to reduce address poisoning risks
03-14
MIIT of China Issues "Six Musts and Six Must-Nots" Recommendations on OpenClaw Security Risks
03-11







Key AI Events, Outlook on Industry Trends
ETH,BNB,SOL Hot Memes
As the 2026 crypto bear market deepens, exit scams and project blowups are becoming increasingly fre
Stock, Commodity & Bond Tokenization
BTC/ETH, Major Cryptocurrencies, and Hot Altcoins Price Trends
Follow new prediction market trends, insight real event expectations.
This column focuses on the real progress of Agents: technological evolution, application implementat
Tracking on-chain movements of the smart money and institutions
Spotlight on Frontier, trending projects, and breaking events
American Crypto Act – timely interpretations of policies worldwide