Here’s a proposal for the phishing victim support program for ZEROBASE users:
On December 12, 2025, we identified external phishing activity resulting from a compromised third-party service provider. This allowed scammers to deploy phishing authorization prompts across multiple websites (not wallet sites), including the ZEROBASE website. Some of the ZEROBASE users are among the victims.
Incident Review:
Scammers compromised an npm package maintained and distributed by an independent third party, tampering with the dependency chain. This manipulation affected the presentation of transaction contexts. Consequently, some users interacting with the ZEROBASE website encountered abnormal authorization requests. After the user confirmed the authorization, scammers used the permissions to drain USDT assets from the users’ wallets. This supply chain compromise existed regardless of the access methods or entry points used by users.
Upon detecting the phishing activity, our team immediately notified users to revoke the malicious phishing authorizations, suspended website access, and advised all users to revoke phishing authorizations in their wallets. Simultaneously, we took measures to isolate and remove the affected dependencies. However, because interactions happened in a self-custodial environment, some users still got phished.
The team has taken legal action and will collaborate fully with exchanges and law enforcement to pursue the hackers.
Funds held within ZEROBASE Vaults and smart contracts remain completely secure and unaffected.
We extend our deepest concern and regret for the inconvenience caused to our family of users who suffered losses due to this phishing activity. ZEROBASE DAO will provide relief assistance to impacted users, with the hope that everyone can continue to enjoy a safe and fulfilling crypto experience.
We will distribute USDT relief assistance to eligible affected users.
Eligibility Criteria:
- Incident Period: December 9, 2025, 00:00 – December 12, 2025, 23:59 (UTC+8).
- Conditions:
  - Interacted with the ZEROBASE website.
  - Granted malicious authorization to the malicious contract.
  - Funds were transferred to the malicious contract.
- Application Details:
  - Application Period: From today until December 19, 2025, 23:59 (UTC+8).
  - Distribution Details: Relief assistance will be distributed based on the amount of loss, capped at 1,000 USDT. Funds will be uniformly distributed to eligible wallet addresses by ZEROBASE DAO before December 20, 23:59 (UTC+8).
  - Application Method: All affected users should contact our dedicated account manager Jacky (Telegram: @Jacky9992). We will prioritize your requests.
This storm will pass. ZEROBASE appreciates your trust and support. We are committed to protecting our users through concrete actions and growing together with you.
We urge all users to remain vigilant against social engineering and phishing attempts. Always verify contract addresses through official channels before signing transactions.
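This post is the proposal for ZEROBASE DAO's launch of a subsidy program for phished users.
On December 12, 2025, a third-party supply chain service was attacked by hackers, which allowed the hackers to place phishing authorizations on multiple pages (not partner wallets), including the ZEROBASE website. Once a phished user granted the malicious authorization, the hackers could transfer away the USDT in the user's authorized account. As of the publication of this post, some ZEROBASE users have suffered financial losses.
Incident Review:
Scammers compromised an npm package maintained and distributed by an independent third party and tampered with an upstream component in that dependency chain, which affected the parsing of transaction contexts. Some users interacting with the ZEROBASE website encountered abnormal authorization requests. After a user confirmed the authorization, the scammers immediately used the permissions obtained to transfer the USDT assets out of the user's wallet. This supply chain poisoning was independent of the access method or entry point the user used.
After discovering the phishing activity, the team immediately notified users to revoke the malicious phishing authorizations, suspended website access, prompted all users to check for malicious authorizations in their wallets, and at the same time took measures to isolate and remove the affected dependencies. However, because the interactions took place in users' self-custodial wallet environments, some users still suffered asset losses.
The team has now reported the case to the police and will work with exchanges and the police to pursue the hackers with full effort.
Funds that users hold in ZEROBASE wealth management products are very safe and will not be affected in any way. To the members of our family who suffered losses due to the phishing activity, we express our deep concern and apologize for the inconvenience caused. ZEROBASE DAO will also provide subsidies to users who suffered losses, and we hope everyone's crypto life is safe and happy.
We will distribute USDT subsidies to eligible affected users.
Eligibility Criteria:
Incident Period: December 9, 2025, 00:00 – December 12, 23:59 (UTC+8).
Conditions: Interacted with ZEROBASE, granted authorization to the malicious contract, and funds were transferred to the malicious contract.
Application Period: From today until December 19, 23:59 (UTC+8).
Distribution Details: Subsidies are distributed according to the amount of loss. The maximum amount is 1,000 USDT, and it will be distributed uniformly to wallet addresses by ZEROBASE DAO before December 20, 23:59 (UTC+8).
Application Method: All affected users should contact the dedicated account manager Jacky (Telegram: @Jacky9992). We will open a fast-track channel to respond quickly.
The storm will eventually pass. ZEROBASE thanks you for your trust and support. We will protect our users through concrete actions and grow together with everyone.
Risk Notice: We urge all users to remain vigilant against social engineering attacks and phishing attempts. Before signing a transaction, always verify the contract address through official channels.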