According to Foresight News, the founder of SlowMist, Yu Xian, published an article about "a crypto startup project being stolen of hundreds of thousands of USDT". After preliminary investigation, the current situation is: 1. As shown in the image, the malicious owner address (blurred 0xb58) was implanted through the variable name crvTokenAddress, but under the Cursor + Claude 3.7 model, the AI-completed address is not 0xb58, so 0xb58 is highly likely to be manually implanted; 2. Since 0xb58 has owner permissions, it can initiate withdrawal operations, causing the project's own funds to be completely stolen; 3. 0xb58 has too many on-chain traces and is quite cunning. In short, at least the possibility of AI being the main culprit has been ruled out, and human malicious intent is more likely.
According to @0xCat_Crypto, his friend's crypto startup friend was stolen of hundreds of thousands of USDT, with employees being the primary suspects. Currently, the police are not filing a case and have transferred it to the Hangzhou West Lake Cyber Police. The employee in question has already returned home.
