📢 #Gate Square Writing Contest Phase 3# is officially kicks off!
🎮 This round focuses on: Yooldo Games (ESPORTS)
✍️ Share your unique insights and join promotional interactions. To be eligible for any reward, you must also participate in Gate’s Phase 286 Launchpool, CandyDrop, or Alpha activities!
💡 Content creation + airdrop participation = double points. You could be the grand prize winner!
💰Total prize pool: 4,464 $ESPORTS
🏆 First Prize (1 winner): 964 tokens
🥈 Second Prize (5 winners): 400 tokens each
🥉 Third Prize (10 winners): 150 tokens each
🚀 How to participate:
1️⃣ Publish an
North Korean developers hijacked dormant Waves repositories, embedding code to steal credentials in wallet updates.
PANews reported on June 19 that a North Korean developer gained elevated privileges in the Waves Protocol's Keeper-Wallet codebase. The account "AhegaoXXX" has been pushing updates to the dormant codebase since May 2025, and this account has been confirmed to be linked to a North Korean IT outsourcing organization. Code reviews revealed that a certain submission added functionality to send wallet logs and runtime errors to an external database, potentially stealing mnemonic phrases and Private Keys. Although this branch has not been merged, the attacker has released six long-unupdated malicious NPM packages by controlling the account of former Waves engineer Maxim Smolyakov. The security report indicates that this incident shows North Korean hackers shifting from ordinary outsourcing infiltration to direct control of code repositories. It is recommended that development teams strengthen supply chain protection, including auditing contributor permissions, cleaning up dormant accounts, and monitoring repository redirection. Currently, the download volume of the affected software is low, but there is a risk of credential leakage for Waves users updating the Keeper-Wallet.