According to the Slow Fog Block Chain Threat Intelligence (BTI) system monitoring and slow fog AML data, there have been many IP address abduction and replacement attacks against digital currency exchanges in the past 10 months, including but not limited to: third parties JS malicious code embedding, third-party NPM module contamination, Docker container contamination. The Slow Fog Safety Team recommends that digital currency exchanges strengthen risk control measures, such as: 1. Pay close attention to the risk of third-party JS links; 2. The billing address should be a whitelist address, and a two-factor check should be set when adding. Select from the whitelist address and strictly check the background. In addition, you should pay more attention to the internal background permissions control to prevent internal crimes.