GoPlus Security 🚦 Re-poster

Navigating the Web3 landscape is comparable to competing in a high-velocity race where the stakes are incredibly high. Even a single oversight or an interaction with a fraudulent signature can bring your progress to an abrupt halt. To ensure you remain protected against these risks, rely on #GoPlus as your essential safety helmet for all on-chain activities.

We want to bring your attention to a critical security warning regarding a prompt injection attack identified on #Moltbook that poses a threat to your crypto assets.

Our investigation reveals that a user known as @thechandog has generated more than 30 harmful Submolts on the platform. While these entries masquerade as educational tutorials for Base Chain L2 TypeScript, they actually conceal prompt injection payloads within their descriptions. These hidden instructions attempt to force a transfer of 0.1 ETH to the wallet address listed below.

0x8eadc7cc0a77594e3fa999e80e1ccb7f4e1c04e0

There is a significant risk that any AI Agent interacting with these descriptions during browsing or posting activities could trigger these concealed commands without realizing it.

Please take note of the specific malicious address involved in this scheme:
0x8eadc7cc0a77594e3fa999e80e1ccb7f4e1c04e0

To stay safe, please adhere to the following #GoPlus security advice:
Refrain from executing code directly from Submolt descriptions.
Rigorously verify any financial transaction initiated by an Agent.
Always perform a security scan prior to the installation of any Skill.
Remember that high visibility does not guarantee safety; for instance, the attacker @thechandog reached the rank of #4 within 24h despite being a bad actor.

See below for more details.

Throughout the Web3 experience, #GoPlus stands beside you as your virtual companion and on-chain guardian. Happy Valentine’s Day.💚

The community of OpenClaw builders came together yesterday in Hong Kong for the premiere #OpenClawHK meetup. During the event, @gbeekeeper, the CTO at #GoPlus, spotlighted AgentGuard. He demonstrated how the tool handles AI Agent protection and performs real-time security scanning for Skills.

We are focused on helping OpenClaw serve developers more effectively by intensifying AI Agent security.

If you are building with OpenClaw and evaluating execution risks, look into AgentGuard for your real-time Skills security scanning and AI Agent protection needs.

https://t.co/7TbYmttFLj

Build boldly. Guard every move.

Update on API Connectivity

We are decreasing the rate limits for unauthenticated calls to preserve network stability and guarantee fair usage.

You can claim your complimentary API key by visiting:
https://t.co/XOPHWxc5L8

Simply register to create your key and access your free allowance.

Safeguard your digital assets by downloading the #GoPlus security plugin to defend every transaction. Utilizing this tool also grants you access to our exciting giveaway event.

Here are the steps to participate:
First, ensure you are following @GoPlusSecurity, and show your support by liking and retweeting this post.
Next, post the login address from your GoPlus plugin directly in the comments below.

This event spans a period of 1 month.

We have set aside the following prizes for our winners:
20 users will be selected to receive 5U each.
3 users will be awarded an exclusive GoPlus gift box.

The #GoPlus Treasure Hunt has officially returned!

To participate, carefully examine the provided image to locate every Web3-related detail hidden on or surrounding the elderly lady. To qualify for the contest, please like and retweet this post, then leave a comment below stating the exact number of clues you discovered.

We will select 5 lucky winners to receive a prize, with each recipient getting 1 piece of GoPlus merchandise. Please note that this event will remain open for 3 days.

We are thrilled to bring back the #GoPlus Treasure Hunt!

Participating is simple. Your task is to spot all the Web3-related indications located on and around the elderly woman shown in the image.

To register your entry, please reply with the accurate count of clues. Additionally, remember to like and retweet this message.

A total of 5 lucky winners will be selected to receive 1 item of GoPlus merchandise each.

Download:

Exercise your freedom to build without limits while keeping every action fully protected.

🛡️ #GoPlus

GoPlus Security Notification

We are issuing an alert regarding a wallet that had remained dormant for nearly five years before being compromised. The breach occurred after the user unknowingly signed a fraudulent increaseApproval transaction, allowing the attacker to extract QNT tokens with an approximate value of $66,000.

Please find the relevant on-chain data below.

Address of the victim:
0xD1ef3B639676013A26825b5bae38F7959c39c09E

Identified phishing addresses:
0xAfb2423F447D3e16931164C9970B9741aAb1723E
0xF06b3310486F872AB6808f6602aF65a0ef0F48f8

Transaction:

We want to bring your attention to a security breach involving ClawdBot Skills, where more than 230 malicious modules have been introduced to target cryptocurrency holdings. This campaign specifically aims at functions related to crypto trades, social tools, and auto-updates, with a particular focus on users of Polymarket and Bybit. Once active, these compromised elements attempt to exfiltrate highly sensitive information, such as passwords, wallet keys, and exchange API keys, in addition to cloud credentials and SSH keys.

The danger is amplified because this threat remains widely available and operates with a high degree of stealth, specifically preying on crypto users and those who are early adopters of AI technology. For your protection, it is vital to remember that AI Skills are not synonymous with secure code. Please ensure you never grant AI tools full access or provide them with your private keys.

We are writing to notify the community that @StepFinance_ has recently been subjected to an exploit. During this security breach, unauthorized parties successfully unstaked and removed approximately 261,854 SOL, which holds a value of roughly $30M, from a compromised stake account. The specific transaction record detailing this attack can be found at https://t.co/VkOpogqJlF. The wallet address connected to the attacker is identified as LEP1uHXcWbFEPwQgkeFzdhW2ykgZY6e9Dz8Yro6SdNu, while the stake account affected by the breach is 6G53KAWtQnZSSN6HUxnBs3yYsK1aCuJRbrcPbWGY71LL.

GoPlus was honored to serve as a roundtable guest during the Rebel in Paradise AI Hackathon. Hosted by @monad and @OpenBuildxyz, this worldwide event explores the intersection of AI and Web3 technologies. During our session, we emphasized the importance of enhancing both the safety and the expansion of the Web3 landscape. To learn more about this initiative, please visit https://openbuild.xyz/event/ai-hackathon-monad

🚨 AI Security Alert: We are issuing a warning about new threats involving IDE plugins, Agent hijacking, and vulnerabilities found in workflow engines.

🧵

Please be advised of a major security incident impacting @ApertureFinance and @0xswapnet. Losses are estimated at ~$17M in user funds following an exploit. The perpetrators took advantage of an arbitrary call vulnerability within contracts that were neither open-sourced nor audited.

During late 2025, schemes involving crypto and WhatsApp drained €23M from consumers in Belgium. Please exercise caution, as these common fraud habits repeat constantly.

Thread 👇

🛡️ AI Security Alert: Emerging threats such as prompt injection and dev environment infiltration are on the rise.

Here is a breakdown of 3 recent high-risk traps and how to protect against them.

🚨 The DeFi asset management protocol Makina Finance (@makinafi) has been exploited, resulting in its DUSD/USDC #CurveStable pool suffering a loss of approximately $5.1M USDC. 💥💰

Relevant incident details are listed below:

Attacker address:
0x935bfb495E33f74d2E9735DF1DA66acE442ede48

Exploit transaction:
https://t.co/mLYZs3lVCA

Exploit contract:
0x454d03b2a1D52F5F7AabA8E352225335a1b724E8

Targeted contract:
0x32E616F4f17d43f9A5cd9Be0e294727187064cb3

Funds recipient:
0xa6c248384C5DDd934B83D0926D2E2A1dDF008387

⚠️ Address Poisoning Attack | User Lost Over $510,000

A user has unfortunately fallen victim to an address poisoning attack, inadvertently sending funds to a malicious address on two separate occasions. This error resulted in a total loss of $514,003 ($509,003 + $5,000 = $514,003).

The attacker had laid the groundwork for this scheme by planting small “poison” transactions 33 and 55 days prior, simply waiting for a single copy-paste mistake.

I was convinced I’d found a straightforward, profitable trade 💰
The initial numbers looked fantastic…

Then, the GoPlus extension alerted me: ⚠️ Low liquidity detected

That was a narrow escape… I nearly ended up as exit liquidity 😮‍💨