GoPlus Security 🚦

3.5K posts


@GoPlusSecurity

Protect Your Every Transaction. User App: https://t.co/FHHKZyzH1j 🛡️ Dev Integration: Security Intelligence & SafeToken Protocol 🛡️

On-Chain Joined May 2021
1.1K Following 451.1K Followers
Pinned Tweet
GoPlus Security 🚦@GoPlusSecurity·
📢AgentGuard Checkup is Live 🚀
#AgentGuard has been protecting your agent in the background — blocking dangerous commands and scanning suspicious skills.
👉But one question remains: How secure is your agent right now?
#Checkup gives you the answer — a full security report in 30 seconds:
• 6-dimension scoring: code, credentials, runtime, Web3, config, trust
• Severity levels + actionable fixes for every risk
• Visual HTML report with Tier rating
• Built-in Web3 rules: wallet drain, unlimited approvals, and more
Run a check. Know your score 👇 github.com/GoPlusSecurity…
GoPlus Security 🚦 tweet media
1
2
10
1.5K
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
Glad to see #GoPlusSecurity AI security capabilities #AgentGuard powering SMART Benchmark 🚀
SMART Benchmark is a standardized evaluation framework for AI trading agents, co-hosted by @ManicTrade and @SonicSVM, built on real trading scenarios and scored across 5 key dimensions to help users better assess agent trading decision-making.
🎯 Participate in the evaluation & win rewards
1️⃣ Leaderboard rewards
• Test your AI Agent and get ranked: benchmark.manic.trade
🏆 Compete for the Top 100 share of a $2,000 prize pool
2️⃣ Engagement rewards
• Follow @GoPlusSecurity and @ManicTrade
• Tag 2 friends
• Post your score screenshot under this tweet
🏆 Reward rules (25 winners total, $5U each)
• Top 10 highest scores
• Top 10 lowest scores
• 5 randomly selected participants
📅 Deadline: April 30 (Rewards via X within 7 working days)
Manic Trade ✈️Consensus Miami 2026.@ManicTrade

How Smart Is Your Trading Agent? Do you know how it actually makes trading decisions? Introducing the SMART benchmark for AI trading agents, co-hosted with @SonicSVM. Get your agent’s trading score and see how it ranks. Test your agent: benchmark.manic.trade

18
26
34
3.5K
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
1️⃣3️⃣ hours. 5️⃣7️⃣4️⃣ wallets. $760K mysteriously drained.
What’s unusual: 84 wallets had been dormant for 5–7 years, about half had activity within the past 12 months, and some were even active just hours before the theft.
No signatures. No approvals. Funds were silently wiped.
🕵️ There is only one explanation — private key compromise.
According to @the_smart_ape, possible vectors include LastPass database leakage, fake wallets, and malicious trading/sniping bots.
🔐In response to the above risks, #GoPlus provides the following security recommendations:
(1) Private keys or mnemonics should NEVER be exposed to any online environment and must be stored offline only
(2) If a tool or scenario requires inputting a private key or mnemonic, use a newly created isolated wallet and test with small amounts of funds only
The Smart Ape 🔥@the_smart_ape

x.com/i/article/2050…

1
1
11
3.2K
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
📢 #GoPlus Service Notice Due to a partner node upgrade, GoPlus transaction_simulation API and GSM service may experience partial data anomalies. Our team is actively monitoring the impact and working with the partner to maintain service stability. We will provide further updates once the affected services are fully stabilized. Thank you for your understanding.
2
0
6
1.3K
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
🧵2/2 In the AI era, the traditional “one-time audit” model is no longer sufficient to safeguard smart contract security. The industry urgently needs to shift toward a new paradigm: AI-based continuous and routine auditing, protecting smart contracts across their full lifecycle with higher efficiency and lower cost.
DeepScan is a next-generation AI-driven smart contract vulnerability discovery engine launched by GoPlus Security. Built for project teams, developers, and security teams, it provides AI-based continuous and routine auditing to protect smart contract security across the full lifecycle with higher efficiency and lower cost.
✅ DeepScan V1 is now live. Try it here: deepscan.gopluslabs.io
✅ The vulnerable ZetaChain contract from this incident has also been added to the GoPlus AI Auditing Benchmark, an AI smart contract auditing benchmark dataset based on real-world attack incidents: github.com/GoPlusSecurity…
0
0
1
637
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
🧵1/2 AI Audit Field Test! In just 5 minutes, GoPlus #DeepScan identified the ZetaChain contract vulnerability! On April 26, 2026, @ZetaChain was exploited due to a smart contract vulnerability, resulting in a loss of approximately $300,000. In a field test, GoPlus DeepScan was able to detect this contract vulnerability within 5 minutes. Partial detection results are shown below:
GoPlus Security 🚦 tweet media
5
2
13
1.8K
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
9 seconds❗️A highly anticipated AI assistant personally wiped out all production data that this small business and hundreds of its customers depended on to survive...
PocketOS, a U.S. car rental SaaS platform, suffered a devastating technical disaster. It was not caused by a hacker attack, nor by a code logic error, but by a systemic collapse triggered by an AI Agent.
🚒 Incident Reconstruction
Founder Jer Crane attempted to use Cursor’s AI agent to fix a credential mismatch issue in the Staging environment. He was using a top-tier industry setup: the Cursor editor + Anthropic’s flagship model, Claude 4.6 Opus.
1. “Deep digging” into permissions
During the attempted fix, the AI showed an extremely high level of “autonomy.” It scanned the entire project repository through RAG (Retrieval-Augmented Generation) and “sniffed out” a Railway API Token in a file completely unrelated to the current task. This Token was originally only used to manage custom domains. Railway’s Token mechanism lacked RBAC (Role-Based Access Control). This meant that a CLI Token used for domain management effectively had the highest-level permission to delete the entire production Volume.
2. “Brute-force dismantling” of logic
The AI fell into a typical “task-oriented hallucination.” It decided that instead of finding the root cause of the configuration error, it would be more “efficient” to directly delete and rebuild the storage volume. It then constructed a GraphQL API request. Railway’s API lacked any secondary confirmation mechanism for destructive operations such as deletion, such as requiring users to type DELETE for confirmation.
3. “Collateral annihilation” of backups
This is the most controversial part of the incident. Railway claimed to provide volume-level backups, but its actual architecture stored backups inside the same volume. When the volume was deleted, all related live snapshots and backups disappeared at the same time.
PocketOS eventually discovered that the most recent recoverable backup they could find was already three months old.
PocketOS’ experience proves that the current AI industry is moving much faster in promoting agent integration than in building secure architectures. AI can be the most efficient programmer, but without guardrails, it can also become the most terrifying insider threat to a company’s assets. It can amplify your development speed by 10x — and amplify your mistakes by 10,000x.
🛡️ #GoPlus Security Recommendations
1️⃣ Never give an Agent admin access to production environments — its permissions must be stricter than those of any human employee.
2️⃣ All destructive operations must require independent human approval and a cooling-off period — no exceptions, and no “it should be fine this time.”
3️⃣ Real backups must be offsite, offline, and immutable — regularly test recovery procedures, and do not blindly trust “automatic backups.”
4️⃣ Plan Mode does not equal safety — AI creativity will always exceed your imagination, and it can always find unexpected ways to cause damage.
5️⃣ Slow is truly fast — the review time you save today may take months or even years to repay.
6️⃣ Use GoPlus #AgentGuard — a three-layer protection architecture covering all threat entry points 👉 github.com/GoPlusSecurity…
#AgentGuard is a real-time security guard layer built specifically for AI Agent users, and it is currently the first true AI Agent runtime security product on the market. In this risk scenario, its core mission can be summarized in one sentence: Your AI Agent has full access to terminals, files, and secrets — and AgentGuard can stop those permissions from being abused.
JER@lifeof_jer

x.com/i/article/2048…

2
3
5
1.4K
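Recommendations 1️⃣ and 2️⃣ above (scoped tokens instead of an all-powerful CLI token, and independent human approval plus a cooling-off period before anything destructive) can be enforced mechanically in front of the platform API. The following is an added Python example, not GoPlus's AgentGuard code and not Railway's API: a small policy gate that inspects the GraphQL mutation an agent proposes before it is forwarded. The mutation names, the token scopes, the approval records and the 15-minute cooling-off period are all constructed for the example.

```python
"""Policy gate between an AI agent and an infrastructure API (added example).

Not GoPlus AgentGuard code and not Railway's API: the operation names,
token scopes, approval records and cooling-off period are constructed.
"""
import re
import time
from dataclasses import dataclass
from typing import List, Optional

# Constructed scope map: which mutations a token scope may invoke. A token
# scoped only to "domains" cannot reach volumeDelete at all, which is the
# RBAC the incident write-up says the CLI token lacked.
SCOPE_ALLOWLIST = {
    "domains": {"customDomainCreate", "customDomainDelete"},
    "volumes": {"volumeCreate", "volumeDelete"},
}
# Operations that destroy data: these need a second human and a waiting period.
DESTRUCTIVE_OPS = {"volumeDelete", "customDomainDelete"}
COOLING_OFF_SECONDS = 15 * 60


@dataclass
class Approval:
    operation: str
    approver: str       # human principal who approved the operation
    approved_at: float  # unix timestamp of the approval


@dataclass
class Decision:
    allowed: bool
    reason: str


# Matches "mutation { volumeDelete(...) {...} }" and "mutation Name { ... }".
_MUTATION_RE = re.compile(r"\bmutation\b[^{]*\{\s*([A-Za-z_][A-Za-z0-9_]*)")


def mutation_name(query: str) -> Optional[str]:
    """Return the top-level mutation field of a GraphQL document, or None."""
    m = _MUTATION_RE.search(query)
    return m.group(1) if m else None


def gate(query: str, token_scope: str, requester: str,
         approvals: List[Approval], now: Optional[float] = None) -> Decision:
    """Decide whether the agent's proposed request may reach the API.

    Default deny: anything that is not a recognised, in-scope mutation is
    refused. Destructive mutations additionally need an approval from a
    principal other than the requester, and that approval must be older
    than the cooling-off period before the request is let through.
    """
    now = time.time() if now is None else now
    op = mutation_name(query)
    if op is None:
        return Decision(False, "not a recognised mutation; refused by default")
    if op not in SCOPE_ALLOWLIST.get(token_scope, set()):
        return Decision(False, f"{op} is outside the {token_scope!r} token scope")
    if op not in DESTRUCTIVE_OPS:
        return Decision(True, f"{op} is non-destructive and within scope")
    independent = [a for a in approvals
                   if a.operation == op and a.approver != requester]
    if not independent:
        return Decision(False, f"{op} is destructive and has no independent human approval")
    latest = max(independent, key=lambda a: a.approved_at)
    elapsed = now - latest.approved_at
    if elapsed < COOLING_OFF_SECONDS:
        return Decision(False, f"cooling-off period: {COOLING_OFF_SECONDS - elapsed:.0f}s remaining")
    return Decision(True, f"{op} approved by {latest.approver}")


if __name__ == "__main__":
    # Constructed request of the kind the agent built in the incident.
    delete_volume = 'mutation { volumeDelete(volumeId: "vol_123") { id } }'
    print(gate(delete_volume, "domains", "agent", []))          # refused: out of scope
    print(gate(delete_volume, "volumes", "agent", []))          # refused: no approval
    approval = Approval("volumeDelete", "alice", time.time() - 3600)
    print(gate(delete_volume, "volumes", "agent", [approval]))  # allowed after cooling-off
```

The gate never inspects the model's reasoning; it only checks the scope of the credential presented and the approval trail, so a "task-oriented" shortcut like delete-and-rebuild fails on the same path a human with the same token would.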
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
💣 4 contract exploits in 48 hours! AI + hackers have entered the “countdown-by-the-second” era. Can your contracts still hold up❓
Over the past 48 hours, 4 smart contract attacks have occurred one after another on the #ETH mainnet, with total losses exceeding $1.5M!
1️⃣ Onchain aggregator contract exploited, nearly $1M lost
Loss: $983K (384 yvWETH → 429 ETH)
Root cause: Missing access control in the execute function + unlimited yvWETH approval from the victim
Tx: etherscan.io/tx/0xebaaab69b…
2️⃣ Unauthorized third-party vault contract related to TradingProtocol exploited, nearly $400K lost
Loss: $398K
Root cause: Missing permission checks
Tx: etherscan.io/tx/0x6b04344d5…
3️⃣ BCB contract exploited due to a reentrancy vulnerability
Loss: $39.8K
Root cause: The all-too-familiar reentrancy vulnerability
Tx: etherscan.io/tx/0x879b365b1…
4️⃣ Arbitrary call vulnerability led to QNT asset losses
Loss: $124.9K
Root cause: EIP-7702 mechanism abuse + missing permission checks in BatchCall → arbitrary call vulnerability
Tx: etherscan.io/tx/0x4f31f68df…
With #AI entering the battlefield, hackers’ attacks are becoming more precise and faster than ever, compressing vulnerability discovery from “days” to “seconds.” In the face of rapidly evolving smart contract security offense and defense, perhaps the most effective security measure is: Fight magic with magic — AI vs AI ❗️
That is exactly why GoPlus Security launched #DeepScan, a next-generation AI-driven smart contract vulnerability discovery engine. Built for project teams, developers, and security teams, DeepScan provides AI-based continuous and normalized auditing, protecting contract security across the full lifecycle with higher efficiency and lower cost.
📢 Project teams, developers, and security teams — in this countdown-by-the-second security battle, have you started using #DeepScan yet? 👇 deepscan.gopluslabs.io
GoPlus Security 🚦 tweet media
0
2
10
980
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
🧵6/6 Related Transactions
Attacker address: 0x00467f5921f1A343b96B9bF71Ae7e9054aE72eA4
Attack contract (ZetaChain): 0xd9dbEec028C12D2dA09a05C9d26709c0Ec722BC1
Vulnerable contract addresses:
0xfEDD7A6e3Ef1cC470fbfbF955a22D793dDC0F44E (ZetaChain GatewayZEVM Proxy)
0xEf195bf421658EA31dbA4Cbf598aF7f9D8791202 (ZetaChain GatewayZEVM Implementation)
0x48b9aacc350b20147001f88821d31731ba4c30ed (Ethereum GatewayEVM Proxy)
0x1fff55ccf855212f6b5530c468b44f9a5246572e (Ethereum GatewayEVM Implementation)
Example attack transactions:
zetascan.com/tx/0x202581baf…
etherscan.io/tx/0x40bcbd603…
0
0
1
379
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
🧵5/6 The execute() function here also lacked validation of the data parameter, which allowed the malicious transaction above to be executed.
GoPlus Security 🚦 tweet media
1
0
1
415
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
🧵1/6 🚨 GoPlus Security Alert: ZetaChain Exploited — Revoke Permissions to the Vulnerable Contract Immediately!
On April 26, 2026, the call() function in @ZetaChain’s contract on #ZetaChain lacked access control and failed to validate the message parameter. Meanwhile, the execute() function in its contract on #Ethereum lacked validation of the data parameter.
The attacker exploited this vulnerability and, through an attack contract, stole USDC that victim EOA addresses had approved to the vulnerable contract 0x48b9 (Ethereum GatewayEVM Proxy).
Please immediately revoke token approvals granted to the vulnerable contract 0x48b9aacc350b20147001f88821d31731ba4c30ed (Ethereum GatewayEVM Proxy) to prevent your tokens from being stolen!
7
4
11
1.5K
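The alert above and the aggregator incident in the "4 contract exploits in 48 hours" post share the same exposure: a standing ERC-20 allowance granted to a contract whose execute()/call() path accepts unvalidated data from any caller. The defender's action in both cases is to find and revoke those allowances. The following is an added Python example, not GoPlus's code: it takes a snapshot of a wallet's allowances, flags the ones granted to the vulnerable GatewayEVM Proxy address named in the alert, rates unlimited allowances as critical, and builds the approve(spender, 0) calldata that sets each one back to zero. The allowance records are constructed sample data, not on-chain state; the spender address is the one from the alert, the USDC token address is the Ethereum mainnet USDC contract, and the other token and spender addresses are made up.

```python
"""Flag and revoke ERC-20 allowances to a vulnerable spender (added example).

Not GoPlus's code. The vulnerable spender is the Ethereum GatewayEVM Proxy
address from the alert; the allowance snapshot below is constructed sample
data, not on-chain state.
"""
from typing import Dict, List

# Standard ERC-20 selector: keccak256("approve(address,uint256)")[:4].
APPROVE_SELECTOR = bytes.fromhex("095ea7b3")
UNLIMITED_ALLOWANCE = 2**256 - 1

# Spenders users were told to revoke (from the alert, lower-cased for matching).
VULNERABLE_SPENDERS = {
    "0x48b9aacc350b20147001f88821d31731ba4c30ed",  # Ethereum GatewayEVM Proxy
}


def _address_bytes(addr: str) -> bytes:
    """Parse a 0x-prefixed hex address into its 20 raw bytes."""
    hex_part = addr[2:] if addr[:2].lower() == "0x" else addr
    if len(hex_part) != 40:
        raise ValueError(f"not a 20-byte address: {addr}")
    return bytes.fromhex(hex_part)


def encode_approve(spender: str, amount: int) -> bytes:
    """ABI-encode approve(spender, amount): selector || address left-padded to 32 bytes || uint256."""
    if not 0 <= amount < 2**256:
        raise ValueError("amount out of uint256 range")
    return (APPROVE_SELECTOR
            + _address_bytes(spender).rjust(32, b"\x00")
            + amount.to_bytes(32, "big"))


def exposed_allowances(allowances: List[Dict]) -> List[Dict]:
    """Return each non-zero allowance to a vulnerable spender, with a revoke tx.

    The revoke transaction is approve(spender, 0) sent to the token contract:
    setting the allowance to zero is what "revoke permissions" means on-chain.
    An unlimited allowance exposes the wallet's whole balance, so it is rated
    critical; a bounded one is rated high.
    """
    findings = []
    for a in allowances:
        spender = a["spender"].lower()
        if spender not in VULNERABLE_SPENDERS or a["allowance"] == 0:
            continue
        severity = "critical" if a["allowance"] == UNLIMITED_ALLOWANCE else "high"
        findings.append({
            "token": a["token"],
            "spender": spender,
            "allowance": a["allowance"],
            "severity": severity,
            "revoke_tx": {"to": a["token"], "value": 0,
                          "data": "0x" + encode_approve(spender, 0).hex()},
        })
    return findings


# Constructed allowance snapshot for one wallet. The first token address is
# Ethereum mainnet USDC; the other token and the "0xd1d1..." spender are made up.
SAMPLE_ALLOWANCES = [
    {"token": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48",
     "spender": "0x48b9aacc350b20147001f88821d31731ba4c30ed",
     "allowance": UNLIMITED_ALLOWANCE},
    {"token": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48",
     "spender": "0x" + "d1" * 20, "allowance": 500 * 10**6},
    {"token": "0x" + "ee" * 20,
     "spender": "0x48B9AACC350B20147001F88821D31731BA4C30ED",  # mixed case, same spender
     "allowance": 10**18},
    {"token": "0x" + "ee" * 20,
     "spender": "0x48b9aacc350b20147001f88821d31731ba4c30ed", "allowance": 0},
]

if __name__ == "__main__":
    for f in exposed_allowances(SAMPLE_ALLOWANCES):
        print(f["severity"], f["token"], "->", f["revoke_tx"]["data"])
```

Each revoke transaction targets the token contract, not the vulnerable spender, because the allowance lives in the token's own storage; the spender contract never needs to cooperate for the revocation to take effect.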
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
4/4 📌 Related transactions
Attacker address: 0xd8010aca201f6113160200b8a521F35BE9f94C24
Exploited contract addresses:
0x217214bbf25f02a8019d42ea315ab192540ada13
0x81D5D25ea81b72E546fC71B5bAa8B059eF0dA702
Attack transaction: mega.etherscan.io/tx/0xf9b5365e8…
0
0
0
660
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
3/4 The transaction in which the attacker was granted BRIDGE_ROLE permission is as follows: mega.etherscan.io/tx/0xb96cff9cb… The grantRole function call here requires permission from an adminRole account. Therefore, it is suspected that the adminRole account with administrative privileges in the ACLManager contract had already been compromised beforehand.
GoPlus Security 🚦 tweet media
3
1
3
947
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
1/4 ⚠️ Vulnerability Analysis: Purrlend Exploit Incident Analysis
On April 25, 2026, the lending protocol @purrlend was exploited through its contracts on #MegaETH and #HyperEVM, resulting in a total loss of approximately $1.5M.
Root cause: The Purrlend admin account with adminRole is suspected to have been compromised, which allowed the attacker address to obtain BRIDGE_ROLE permissions, pass the _onlyBridge() security check, and carry out the attack.
Purrlend@purrlend

We have detected irregular activity on the protocol and are actively investigating. The protocol has been paused for the time being. Please proceed with extra caution in the meantime. Further updates will be posted from this account.

10
6
23
4.4K
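The chain described in this thread (an admin key grants BRIDGE_ROLE to a new address, which then passes _onlyBridge() and drains the protocol) leaves a visible trail in the contract's access-control events, and the gap between the grant and its first use is the window a monitor has to act. The following is an added Python example, not GoPlus's code: a detection rule over a constructed sequence of RoleGranted events and bridge-gated calls that flags any grant of a sensitive role to an address outside an allowlist and escalates when that address exercises the role shortly afterwards. The role names are the ones from the thread; the function names, addresses, timestamps and event records are constructed.

```python
"""Detection rule for suspicious privileged-role grants (added example).

Not GoPlus's code. BRIDGE_ROLE and the _onlyBridge() check are named in
the Purrlend thread; the function names, the allowlist, the addresses,
the timestamps and the event records below are all constructed.
"""
from typing import Dict, List

SENSITIVE_ROLES = {"BRIDGE_ROLE", "DEFAULT_ADMIN_ROLE"}
# Constructed allowlist: the only account expected to hold BRIDGE_ROLE.
EXPECTED_ROLE_HOLDERS = {"BRIDGE_ROLE": {"0x" + "b1" * 20}}
# Constructed names for functions guarded by an _onlyBridge()-style check.
BRIDGE_GATED_FUNCTIONS = {"bridgeMint", "bridgeIn"}
GRANT_THEN_USE_WINDOW = 10 * 60  # seconds between grant and first use that counts as suspicious


def detect_role_abuse(events: List[Dict]) -> List[Dict]:
    """Scan access-control events in time order and return alerts.

    Rule 1 (high): a sensitive role is granted to an account that is not on
    the allowlist for that role. The grant itself needs the admin role, so
    this is the earliest sign that the admin key may be in the wrong hands.
    Rule 2 (critical): such an account then calls a bridge-gated function
    within GRANT_THEN_USE_WINDOW, i.e. the fresh grant is being exercised.
    """
    alerts = []
    unexpected_grants = {}  # (role, account) -> grant timestamp
    for e in sorted(events, key=lambda ev: ev["ts"]):
        if e["kind"] == "RoleGranted":
            role = e["role"]
            account = e["account"].lower()
            expected = {a.lower() for a in EXPECTED_ROLE_HOLDERS.get(role, set())}
            if role in SENSITIVE_ROLES and account not in expected:
                unexpected_grants[(role, account)] = e["ts"]
                alerts.append({
                    "severity": "high", "rule": "unexpected_sensitive_grant",
                    "role": role, "account": account,
                    "granted_by": e["sender"].lower(), "ts": e["ts"],
                })
        elif e["kind"] == "Call" and e["fn"] in BRIDGE_GATED_FUNCTIONS:
            caller = e["sender"].lower()
            granted_at = unexpected_grants.get(("BRIDGE_ROLE", caller))
            if granted_at is not None and e["ts"] - granted_at <= GRANT_THEN_USE_WINDOW:
                alerts.append({
                    "severity": "critical", "rule": "grant_then_use",
                    "account": caller, "fn": e["fn"],
                    "seconds_after_grant": e["ts"] - granted_at, "ts": e["ts"],
                })
    return alerts


# Constructed actors and event log (not the real Purrlend addresses or transactions).
ADMIN = "0x" + "ad" * 20
LEGIT_BRIDGE = "0x" + "b1" * 20
NEW_ACCOUNT = "0x" + "a7" * 20
SAMPLE_EVENTS = [
    {"ts": 0,   "kind": "Call", "sender": LEGIT_BRIDGE, "fn": "bridgeIn"},
    {"ts": 100, "kind": "RoleGranted", "role": "BRIDGE_ROLE", "account": NEW_ACCOUNT, "sender": ADMIN},
    {"ts": 400, "kind": "Call", "sender": NEW_ACCOUNT, "fn": "bridgeMint"},
    {"ts": 500, "kind": "RoleGranted", "role": "PAUSER_ROLE", "account": "0x" + "0c" * 20, "sender": ADMIN},
    {"ts": 600, "kind": "RoleGranted", "role": "BRIDGE_ROLE", "account": LEGIT_BRIDGE, "sender": ADMIN},
]

if __name__ == "__main__":
    for alert in detect_role_abuse(SAMPLE_EVENTS):
        print(alert["severity"], alert["rule"], alert.get("account"), alert["ts"])
```

The allowlist is the piece that makes the rule meaningful: a RoleGranted event on its own is routine, and it is the mismatch between who holds a role and who is supposed to hold it that turns an admin-key compromise into an alert before the role is used.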
GoPlus Security 🚦
GoPlus Security 🚦@GoPlusSecurity·
Yesterday, #Bankless co-founder @TrustlessState revealed that his friend also became a victim of a fake #Ledger wallet listed on the Apple Store. Fortunately, his friend’s $450K worth of #ETH was staked on Figment, and since unstaking required a queue, they worked with white hats and successfully front-ran the attacker via Flashbots to recover all the assets. But not everyone will be that lucky.
Since last autumn, 26 malicious apps impersonating major wallets including Bitpie, Coinbase, imToken, Ledger, MetaMask, TokenPocket, and Trust Wallet have been listed on the Apple Store. These fake wallets have now been removed from the Apple Store, but this trend will inevitably continue, including on Google Play. For Chinese users in particular, almost all wallet-related results across Chinese-market search engines and app stores are fake wallets.
Therefore, Web3 apps such as wallets and exchanges should only be downloaded through their official website entry points, and the correctness of the official website URL must be carefully verified. thehackernews.com/2026/04/26-fak…
1
3
13
1.9K