News

According to TechFlow, on December 21, Artemis Analytics released its latest research report, which provides an empirical analysis of the actual payment use cases of stablecoins on the Ethereum network, focusing on peer-to-peer (P2P), business-to-business (B2B), and person-to-business/business-to-person (P2B/B2P) payment activities. The research focuses on Ethereum because this chain hosts about 52% of the global stablecoin supply, with USDT and USDC accounting for approximately 88% of the market share. The study points out: Stablecoin payments (transfers between EOA accounts) account for about 47% of the total stablecoin transfer volume (about 35% if internal transfers between accounts of the same institution are excluded), indicating that not all on-chain stablecoins are used for trading or DeFi, but a large portion is used in payment scenarios. In terms of transaction count, about 50% of stablecoin transactions are user-to-user payments (EOA-to-EOA), while the other half involves smart contracts (mainly DeFi). In terms of transaction value, payments by institutions or large accounts make up the vast majority, showing that the value density of stablecoin payments is concentrated among large accounts. Stablecoin transfers on Ethereum are mainly driven by a small number of wallets, with the top 1,000 wallets contributing about 84% of the total transaction volume, reflecting that payment activity in terms of actual value is highly concentrated among large holders or institutions.

According to Odaily, the GitHub project polymarket-copy-trading-bot has been found to contain malicious code. When the program is launched, it automatically reads the user's wallet private key from the .env file and transmits it to a hacker's server via a hidden malicious dependency package, [email protected], resulting in asset theft.

 GitHub project polymarket-copy-trading-bot has been injected with malicious code. The program automatically reads the wallet private key from the user's .env file upon startup and exfiltrates it to a hacker server through a hidden malicious dependency package [email protected], resulting in asset theft.