Gate News, March 17 — The 360 Security Team responded to the security breach involving the OpenClaw wildcard certificate and private key leak. The official statement said that the leak was caused by a operational mistake, where the team accidentally packaged an internal domain certificate into the installation package. The affected certificate was *.myclaw.360.cn, which resolves to 127.0.0.1 (localhost), used only on the user’s local machine and not providing any external services. After receiving reports from multiple security researchers, 360 has applied for the revocation of the certificate. The certificate is now invalid and can no longer be used for any legitimate HTTPS encrypted communication. The official statement assured that regular users are unaffected. Although there was a theoretical risk of man-in-the-middle attacks during the leak, the actual risk is limited since the certificate’s service only runs in a local environment.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
NYSE Tokenization Partners Warn of Synthetic Stock Token Risks
NYSE tokenization partners have issued a warning that synthetic stock tokens could mislead retail traders through misrepresentation of underlying equities and unauthorized use of company names, according to the warning.
Concerns About Offshore Synthetic Tokens
The partners identified three key ri
CryptoFrontier3h ago
Project Eleven Warns Q-Day Could Hit as Early as 2030, With 6.9M Bitcoin at Risk
According to Project Eleven's Wednesday report, quantum computers could break modern encryption as early as 2030, with the startup estimating that 6.9 million bitcoins, worth more than $560 billion, could be exposed to quantum risk under certain conditions.
The post-quantum security-focused startup
GateNews5h ago
Ekubo Protocol Drained of $1.4M in WBTC Through Approval-Based Exploit
According to blockchain security firm Blockaid, Ekubo Protocol lost approximately $1.4 million in wrapped bitcoin (WBTC) recently after attackers exploited an access control flaw in its EVM swap router contracts. The attackers bypassed payment verification mechanisms to drain funds from wallets
GateNews9h ago
North Korea Terrorism Victims File $71M Claim Against Aave Hackers, Reframe Attack as Fraud
Attorneys for victims of three North Korea terrorism cases filed a 30-page response on Tuesday, reframing the April 18 Aave hack as fraud rather than theft — a legal distinction that could grant the attackers legal title to the borrowed crypto. The victims are seeking to recover approximately $71 mi
GateNews12h ago
Crypto Whale Sues Coinbase Over Frozen $55M DAI Theft Funds
An anonymous crypto whale identified as "D.B." filed a lawsuit on Monday against Coinbase and an alleged thief over the exchange's refusal to return frozen funds linked to an August 2024 crypto theft, according to a court filing. The plaintiff lost approximately $55 million worth of DAI in the incid
CryptoFrontier13h ago
Bitcoin Core discloses bug that could let miners crash nodes
Bitcoin Core developers disclosed a high-severity bug that could allow miners to remotely crash some Bitcoin nodes.
Summary
Bitcoin Core disclosed CVE-2024-52911, affecting versions before 29.0, with older nodes still exposed online.
Miners needed costly proof-of-work blocks to trigger
Cryptonews14h ago
