risks

The slow fog余弦 social media stated that the high-risk iOS attack framework DarkSword has been publicly leaked on channels such as GitHub and is being used for large-scale espionage attacks targeting cryptocurrency wallet holders.This attack program targets devices running iOS versions 18.4 to 18.7, utilizing vulnerabilities in the Safari browser through malicious web pages to achieve remote code execution, thereby stealing users' sensitive data. Attackers launch attacks using bait web pages that impersonate pornographic live streams, Tron energy stations, refund processes, and more.iPhone users running older versions of iOS, once they access such web pages using the Safari browser (even if they do not close the page), may have sensitive information such as plaintext private keys and mnemonic phrases stolen by malicious JavaScript code when unlocking the wallet app, which is then transmitted in real-time through channels like Telegram bots.

The cryptocurrency research institution Delphi Digital released the latest report "How Far Can Saylor Stretch It," which systematically analyzes the Bitcoin (BTC) funding expansion mechanism of Strategy, pointing out that its financing structure is transitioning from "low-cost accumulation" to the "diminishing marginal efficiency" stage. The report shows that in the current asset accumulation system centered around Bitcoin, STRC has become the core financing tool for Strategy's continuous purchase of BTC. Initially, it relied on a significant premium in MSTR's stock price (mNAV far exceeding BTC's net value) to achieve a positive cycle of "issuance leads to accumulation," but as the valuation has fallen back to about 1.24 times the EV-based mNAV, the BTC per share enhancement effect from common stock issuance is nearing breakeven.At the same time, while convertible bond tools have played an important role historically, they have accumulated about $8.2 billion in principal and will face concentrated repayment pressure after September 2027, putting long-term sustainability of the financing structure under pressure. STRC provides a continuous financing source for Strategy by offering approximately 11.5% annualized monthly dividends to income-oriented investors, to maintain the pace of BTC purchases. However, this mechanism also introduces ongoing cash flow obligations, meaning that each round of financing increases BTC assets while simultaneously accumulating future dividend burdens.The report emphasizes key risk scenarios: if BTC prices remain stagnant and MSTR's premium fails to recover, then the "STRC financing purchase gain" may be gradually offset by "common stock dilution and dividend obligations." Although the company's approximately $2.25 billion cash reserves can cover about $1 billion in redemption pressure in 2027, larger-scale debt and dividend structures in 2028 still need to be addressed. Additionally, the current authorized issuance limit of about $28.3 billion for STRC becomes a critical constraint point. Once the limit is reached, the ability to purchase new BTC may slow down, but existing dividend obligations will continue to exist, thus altering the overall BTC per share dynamic growth path.

According to Jinshi reports, ECB Governing Council member Nagel stated on Friday that due to the Iran war, the European Central Bank is "highly vigilant" about rising inflation risks and will take action as needed to prevent rising energy costs from spreading more broadly to prices. Nagel emphasized that although the medium-term impact of the conflict on inflation is "still difficult to assess," policymakers are prepared to respond to ensure that energy-driven price increases do not spread and become entrenched.

According to market news, Coinbase, Kraken, and Gemini submitted revisions to the U.S. Senate Agriculture Committee, requesting the removal of the provision in the digital asset bill that requires trading platforms to list only tokens that are "not readily susceptible to manipulation."The three companies believe that this provision will increase the difficulty of listing small-cap, low-liquidity tokens and could be used by future CFTC chairs as a tool for tightening regulation. The current draft aims to grant the CFTC broader powers over the spot markets for "digital commodities" such as Bitcoin and Ethereum. The Senate Agriculture Committee has already passed the relevant sections along party lines, and further significant modifications will be made to gain support from the Democrats.

Bitcoin fell below the $80,000 mark this week, following a five-day streak of net inflows into spot ETFs, as the market's rebound momentum from February's lows showed signs of cooling. The U.S. April non-farm payroll data added 115,000 jobs, exceeding the expected 62,000, while the unemployment rate remained at 4.3%. Although the overall data was relatively strong, it did not significantly alleviate market concerns about macroeconomic uncertainty; instead, it reinforced expectations that "energy-driven inflation limits the space for interest rate cuts."In terms of capital flow, the spot Bitcoin ETF saw a net outflow of $277 million on Thursday, ending a previous cumulative inflow of $1.69 billion; the Ethereum ETF also recorded a net outflow of $104 million on the same day, indicating a short-term cooling of institutional risk appetite. On the geopolitical front, tensions between Iran and the U.S. have escalated again, prompting the market to reprice the risks in the Strait of Hormuz, leading to a rebound in oil prices, which partially offset the support that previous risk assets received from the decline in oil prices.The derivatives market shows a more long-term hawkish outlook, with interest rate futures pricing in over a 50% probability of rate hikes beyond 2027, suggesting that the easing cycle may be delayed until 2028. On-chain data indicates that the current rise in Bitcoin is primarily driven by institutional spot buying and short covering, with retail participation remaining relatively low, and funding rates maintaining a moderate level, resulting in a weak market momentum structure. Analysts believe that if retail funds do not return, BTC may still face the risk of testing the support range of $75,000 to $78,000.

According to Bloomberg, ECB President Lagarde stated that even euro-denominated stablecoins pose risks to financial stability and the transmission of monetary policy, questioning the necessity of introducing such tools.She pointed out that while euro stablecoins could lower financing costs in the euro area and enhance the global appeal of the euro, the costs are significant and outweigh short-term benefits. Lagarde emphasized that if the goal is to enhance the international appeal of the euro, stablecoins are not an effective means. She referenced a working paper from the ECB in March, which warned that the widespread adoption of stablecoins would pose significant risks to euro area banks and monetary sovereignty. She stated that Europe's task is not to "replicate tools developed elsewhere" and continues to push for the introduction of a digital euro.

According to market news, LayerZero Labs co-founder and CEO Bryan Pellegrino had a heated debate with security researchers today in the ETHSecurity Community Telegram group. The core controversy includes: since LayerZero Labs can immediately upgrade a default library contract without a time limit to forge messages (similar to the case where rsETH was hacked), the LZ OFT, valued at over $3 billion, is recently at risk of being stolen; researcher Banteg pointed out that mainstream projects like Ethena and EtherFi were still using this default library contract weeks ago, and currently, there is still $178 million worth exposed to risk, with these funds coming from projects that are still using the default library.On-chain data shows that LayerZero Labs multi-signature signers participated in non-multi-signature activities such as meme coin trading, DEX exchanges, and cross-chain bridging, which means that the multi-signature keys in the formal environment were connected to websites, increasing phishing risks. Regarding the multi-signature signers of LayerZero using production environment keys for trading activities, Bryan confirmed that the related transactions were completed by members of the multi-signature team, but denied that it was "meme coin trading," explaining it as "testing PEPE on the LZ OFT token standard," and stated that the involved member has been removed. Bryan also suggested that project parties "directly fix configurations" instead of using default configurations to reduce risks. Banteg subsequently tagged a long list of LayerZero users still using the default library contract, pointing out that these projects should migrate to fixed configurations as soon as possible.

According to Jinshi reports, Federal Reserve's Goolsbee stated that the longer oil prices remain high, the more likely people will incorporate higher inflation expectations into their considerations, which will be an "extremely tricky" situation for the central bank.

According to Jinshi News, St. Louis Fed President Bullard stated that there is significant uncertainty regarding the outlook for the U.S. economy and monetary policy. He believes that the risks associated with current inflation are rising compared to employment risks. Bullard pointed out that inflation is significantly above the 2% target level, and the risks are more tilted towards inflation rather than employment.He mentioned that the Fed's benchmark policy rate is currently at a neutral level, possibly slightly leaning towards easing, and there is a reasonable scenario for maintaining the current policy rate, but further rate cuts or increases may also be necessary.

According to Jinshi reports, Federal Reserve's Williams stated that the risks to the Federal Reserve's dual mandate have increased, and the economy is facing unusual circumstances.

According to market news, Binance has announced the launch of a user-controlled "Withdraw Protection" feature, aimed at preventing offline coercion attacks (commonly known as "wrench attacks") against cryptocurrency holders. This feature allows users to actively lock their account withdrawal permissions for 1 to 7 days and provides a stricter "lock mode," which cannot be lifted early during the set period.Binance stated that this locking mechanism cannot be overridden by platform customer service but is controlled by internal policy, not an on-chain cryptographic lock. Binance's Chief Security Officer, Jimmy Su, indicated that this move stems from the risk trends observed on the platform, including cases where some users in high-risk areas have been forced to transfer funds. By setting a withdrawal delay, it can buy users time to respond and recover in extreme situations.Data shows that incidents of offline coercion against cryptocurrency users are significantly rising in 2025, with related attacks often bypassing traditional account security mechanisms, as the actions are completed by the users themselves under pressure. Industry insiders believe that the time-lock mechanism can change this risk model to some extent. Binance emphasizes that this feature does not affect law enforcement agencies' ability to act in accordance with the law, while also advising users to strengthen API key management and privacy protection to reduce the risk of being targeted.

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has noted Iran's threats to shipping and its demands for "tolls" to ensure safe passage through the Strait of Hormuz. These demands may include various payment methods, such as fiat currency, digital assets, offset arrangements, informal swaps, or other physical forms of payment, such as nominal charitable donations to the Iranian Red Crescent Society, the Bonyad Mostazafan Foundation, or accounts of Iranian embassies.OFAC issued this warning to remind U.S. and non-U.S. entities that making payments to the Iranian regime or seeking passage guarantees carries sanctions risks, regardless of the payment method. Under U.S. sanctions regulations, U.S. entities and their foreign entities that are owned or controlled are generally prohibited from engaging in transactions with the Iranian government, including providing or receiving services, unless exempted or authorized. Additionally, U.S. entities are also prohibited from engaging in transactions with the Islamic Revolutionary Guard Corps (IRGC), which is listed on multiple sanctions lists and designated as a foreign terrorist organization.U.S. entities are also generally prohibited from trading with Iranian digital asset trading platforms, which are considered sanctioned Iranian financial institutions. Furthermore, non-U.S. entities that engage in unauthorized transactions with the Iranian government or IRGC may also face sanctions risks, including "secondary sanctions" on relevant financial institutions, restricting their access to the U.S. financial system. Conducting business with sanctioned Iranian digital asset trading platforms may also be viewed as supporting Iran's sanctioned financial system and could lead to sanctions. If relevant transactions result in U.S. entities (such as insurance companies, reinsurance firms, or financial institutions) violating sanctions regulations, non-U.S. entities may also face civil or criminal liability.

According to Jinshi reports, Federal Reserve official Kashkari disagreed at the Federal Open Market Committee meeting, believing that the uncertainty in the Strait of Hormuz means the Federal Reserve should acknowledge the risks of interest rate hikes in its statement.

According to Jinshi News, ING analyst Carsten Brzeski stated in a report that ECB President Lagarde's remarks at the press conference indicate that a rate hike in June is one step closer. Lagarde emphasized that the risks on both growth and inflation are intensifying, although the decision to keep interest rates unchanged was unanimous. Brzeski pointed out that the ECB has introduced a clear inclination towards rate hikes in its wait-and-see stance.

According to Jinshi reports, Federal Reserve Chairman Powell stated that the current dual mandate of the Federal Reserve is at risk.

According to Jinshi News, Derek Halpern, a bank analyst at Mitsubishi UFJ Financial Group, stated in a report that if the Federal Reserve acknowledges that the Iran war driving up energy prices could lead to rising inflation, the dollar may strengthen. He pointed out that this interest rate decision could be the last meeting during Chairman Powell's tenure, and it may emphasize that the risks to price stability are accumulating. This could lead to a sharp rise in the front end of the U.S. yield curve and reinforce initial signs of improving dollar demand.

According to The Block, cryptocurrency mining company MARA's CEO Peter Thiel announced the establishment of a nonprofit organization, the MARA Foundation, dedicated to the long-term health, resilience, and adoption of the Bitcoin protocol. The foundation will support the development of anti-quantum tools (such as PQ wallets and the BIP 360 proposal), believing that while quantum computing is not an immediate threat to Bitcoin, network upgrades take time, and early preparation is crucial.The foundation will also allocate resources to ensure Bitcoin's security budget, support the development of a robust and healthy Bitcoin transaction fee market, and launch a global multilingual education program, expand access to self-custody tools, and engage in advocacy work aimed at policymakers and activists.

Aave has released the latest developments regarding the rsETH security incident on platform X, disclosing that operations related to rsETH reserves have been suspended on the Ethereum mainnet and networks such as Arbitrum, Base, Mantle, and Linea, in order to prevent excess aETH rsETH from being withdrawn, thereby pushing the position closer to the 95% liquidation threshold.This measure aims to preserve as much capital as possible during the asset recovery plan process and reduce systemic risk. Aave stated that further developments and disposal plans will continue to be disclosed to the community.

The Bank for International Settlements (BIS) released a report indicating that cryptocurrency exchanges are gradually providing bank-like services, such as lending and earn products, but lack the regulation and deposit protection found in traditional financial systems, posing systemic risks.The report states that these high-yield products are essentially closer to "unsecured loans," where user assets are often used by the platform for high-risk operations such as lending, trading, or market making, and users only hold a creditor position against the platform. If the platform encounters problems, users will be directly exposed to repayment risks. The BIS also noted that leading cryptocurrency platforms have evolved from single exchanges into "multi-functional intermediaries," integrating the functions of banks, brokerages, and exchanges, but lacking transparency and risk isolation mechanisms. The previous collapses of Celsius Network and FTX are typical cases of such structural risks. Additionally, the report mentioned that the flash crash in the cryptocurrency market in October 2025 triggered approximately $19 billion in forced liquidations, highlighting the chain reaction risks under high leverage and opaque structures.