Progress Update on the July 8th Customer Fund Loss Incident

@Gate_zh
TIẾNG TRUNG1 ngày trước · 11 thg 7, 2026
1.1M
253
35
604
111

TL;DR

Gate.io issues a formal apology and progress report regarding the July 8th fund theft, explaining the sophisticated attack methods used and their ongoing collaboration with law enforcement to recover assets.

Regarding the recent account fund issues reported by users, we would like to apologize once again.

After the incident occurred, our initial external communication attitude was inappropriate, failing to put the user's feelings first. This is our problem and an area where we need to seriously reflect and improve. Although we determined immediately that there were no platform security risks, the loss and anxiety of the users are real. We understand everyone's emotions and accept your criticism.

Inappropriate Initial Communication:

The initial communication regarding this incident was not a "deny first, see later" PR tactic. When our internal team handles any user asset incident, the first step is always to have the security, risk control, and compliance teams perform a cross-verification based on facts.

  1. The accuracy and completeness of the information held by the applicant for security option modification were unusually high. The person who applied for the security modification at that time provided the following full set of information after passing the application form liveness verification:
  • Account email and mobile phone number
  • Real-name identity information corresponding to the account
  • Platform transaction history records
  • Alipay transaction screen recording materials
  • Mutually verifiable symmetrical transaction records

In particular, the Alipay screen recording materials were authentic and valid. After our security assessment at the time, we believed that a platform like Alipay, which manages the assets of 800 million users worth trillions, has extremely strict security requirements. This material could only be held by the user themselves or someone very close to them.

  1. In the first step of the application for security option changes, we sent an email and SMS notification to the customer (which the customer later confirmed). After a 2-day review protection period plus a 24-hour withdrawal protection period for the entire incident, the customer did not come to us to raise any objections.
  1. The IP address used by the applicant was in the same region as the IP addresses used for recent account access.

Based on the above coincidences, we made a judgment of suspicion at the time and responded firmly in our PR.

Although the early communication was inappropriate, our support and assistance to the user have never stopped. Immediately after the incident, we established a special task force composed of security, compliance, legal, and business teams. We established an incident handling group with the customer at the first opportunity, assisting them in completing all materials required for police reporting and filing, and actively connecting with relevant channels to advance the cross-border collaboration parts of the case. At the same time, we also assisted the user in contacting a professional legal team to ensure that the rights protection process has professional legal resource support.

Current Progress:

As of now, we have completed the following with the customer:

  1. Further collection of materials and information, communication on the reconstruction of the incident, and device security analysis; (2026.07.09 15:03)
Gate 华语 on X — cover
Gate 华语 - inline image
  1. Continuous on-chain tracking and analysis of the lost fund chain, with real-time fund flow alerts; (24h internal continuous monitoring, alerting, analysis, and follow-up)
Gate 华语 - inline image
  1. Assisting the customer in reporting to the police, cooperating with investigations, and providing materials according to the fund tracking and freezing requirements of various platforms where funds flowed; (2026.07.09 17:42)
Gate 华语 - inline image
Gate 华语 - inline image
  1. Discussing the possibilities of reporting and tracking with the customer, and providing full support from the company's legal department and law firm resources. (2026.07.10 12:32)
Gate 华语 - inline image
  1. Mobilizing all available business resources to contact various partners, including Tether and the exchanges through which the funds flowed, to assist in intercepting and recovering funds; (2026.07.10 14:11)
Gate 华语 - inline image

We are currently continuing to fully invest security, technical, business, and judicial resources to support the customer in fund tracking.

Expected Goals:

We are currently fully cooperating with the user and third parties to push forward in the following directions:

  1. If the police can lock down the personnel involved, we will fully cooperate by providing evidence, materials, and on-chain information to assist in the progress of the case.
  2. If effective collaboration can be reached with third-party institutions such as Tether, we will do our best to push for the freezing of the funds involved.
  3. If the funds can be successfully frozen, we will also fully assist in pushing the process of returning the funds to the user.

Although these depend on the efficiency of police filing, judicial collaboration, and the speed of third-party cooperation, and there are uncertainties, as long as there is a glimmer of possibility, we will continue to invest resources to push forward and help the user get their funds back.

Gate Security Explanation:

  1. With the breakthrough in AI image and video generation capabilities in recent years, liveness verification has long been unable to serve as an independent security verification method. This is already a consensus in the security industry, and Gate has never treated it as the sole criterion. In principle, it is more like an early verification tool like CAPTCHA; even if it has long been cracked by AI, it will not affect the overall account security level because Gate's true security defense line is a four-fold verification of "multi-channel advance notification + system risk control pre-screening + manual multi-layer review + time protection," completed independently by two reviewers according to the four-eyes principle.
  1. We also want to explain again the IP addresses like 10.x.x.x appearing in the logs. These are internal VPN addresses used by Gate customer service personnel during operations, representing the actions performed by the reviewer after the full process is completed. The system keeps complete records, which is compliant.
  1. Additionally, regarding the rumor that "former employees holding user data unbind user accounts," we would like to make a clarification. As a professional financial platform that has operated for over 13 years, we have a mature authority control and data leakage prevention system and logs.

In addition to the platform holding international security certifications such as ISO/IEC 27001 and PCI DSS, we have strict hierarchical access control and access log records for all customer data. When any suspicious problem arises, we can perform log backtracking verification in a timely manner to see if there is a leak. After investigation, no information leakage logs exist in this incident.

During the unbinding review process, we required the user to provide Alipay record screen recordings for a specified time period. The applicant submitted these materials completely and accurately. The platform did not previously possess these materials, so there is no possibility of a platform leak. In this case, we also found more sensitive identity information of the user provided by the applicant, which the platform also did not previously possess. The information came from outside. Because it involves sensitive user information, it cannot be displayed here, but we will cooperate and provide it to judicial authorities.

These mechanisms together constitute Gate's complete security protection system, and we always maintain strict control over the platform's account security.

There is no end to security; we will always keep moving forward.

Conclusion

Finally, we would like to apologize again to the users and friends who are following this matter for the deficiencies in our early PR handling. This incident has also shown us that we still have many areas to improve in responding to emergencies. We will seriously review and continuously optimize.

Regardless of the investigation results, our support for the user will not stop. We also thank the netizens who have stood up to supervise us during this time; we have seriously listened to your urging.

Lưu một chạm

Đọc sâu bài viết viral bằng AI trong YouMind

Lưu nguồn, đặt câu hỏi tập trung, tóm tắt lập luận và biến một bài viết viral thành các ghi chú có thể tái sử dụng trong một không gian làm việc AI duy nhất.

Khám phá YouMind
Dành cho nhà sáng tạo

Biến Markdown của bạn thành bài viết 𝕏 gọn gàng

Khi bạn đăng bài viết dài của riêng mình, việc định dạng hình ảnh, bảng và khối mã cho 𝕏 rất mệt mỏi. YouMind biến cả bản nháp Markdown thành một bài viết 𝕏 gọn gàng, sẵn sàng để đăng.

Thử Markdown sang 𝕏

Thêm pattern để giải mã

Bài viết viral gần đây

Khám phá thêm bài viết viral