hack
940,994 views
535 Discussing
Hot
Latest
CrossCurve HACKED! $3M GONE!
Warning: Halt all CrossCurve interactions NOW.
Critical vulnerability exploited. Funds drained.
Hackers used fake cross-chain messages.
Gateway authentication bypassed.
PortalV2 contract emptied.
10 hacker wallets identified.
CrossCurve offers 10% bounty for return.
72-hour ultimatum issued. Legal action threatened.
Curve Finance advises caution on Eywa pools.
This is the second major hack in weeks.
Bridges remain prime targets.
This is for informational purposes only.
#crosschain #defi #hack 🚨
Warning: Halt all CrossCurve interactions NOW.
Critical vulnerability exploited. Funds drained.
Hackers used fake cross-chain messages.
Gateway authentication bypassed.
PortalV2 contract emptied.
10 hacker wallets identified.
CrossCurve offers 10% bounty for return.
72-hour ultimatum issued. Legal action threatened.
Curve Finance advises caution on Eywa pools.
This is the second major hack in weeks.
Bridges remain prime targets.
This is for informational purposes only.
#crosschain #defi #hack 🚨
🔥🦅 THE PHOENIX OF ETHEREUM ⚡️ THE DAO RESURGES WITH US💲 220 MILLION❗ 🚀🛡️
😱 Almost ten years after the historic hack of 2016 that split the network, the name that nearly destroyed Ethereum is back. But this time, not as a vulnerability, but as a Security Fund of $220 million. 🧵👇
🧨 1. From "Hack" to Security Treasury
Do you remember the hard fork that created Ethereum Classic ❓ That's right, about 75.109 $ETH (equivalent to ~US$ 220M) were "forgotten" or unclaimed in legacy contracts from that event.
The Big Idea ⥱ Instead of leaving these funds idle, pioneers like Griff Green and the Ethereum Foundation are reviving The DAO as a permanent security endowment.
📊 2. The "One Trillion Dollar Security" Plan
The goal is not just to audit code, but to protect YOU, the end user
Permanent Staking ⥱ ~69.420 $ETH will be staked to generate an annual yield of $8 million, which will fund ongoing audits and security research.
User Focus ⥱ The fund will heavily invest in combating phishing, wallet recovery mechanisms, and withdrawal limits to prevent hackers from draining entire accounts. 🕵️♂️🔒
📈 3. Who's in Command ❓
This is not an amateur project. The board of curators includes heavyweights like Vitalik Buterin, experts from MetaMask and ENS. What was once a painful lesson about "code is law" now becomes the foundation for Ethereum to achieve global banking scale.
📢 I WANT TO HEAR FROM YOU
Do you think this "redemption" of The DAO is the final step for Ethereum to be accepted as the definitive financial infrastructure of the world? 🏛️ vs 🚀
👇 Comment "SECURITY" if you believe that crypto $ETH is stronger than ever in 2026❗
💡 @Leandro-Fumao 📣 This is not financial advice. Always do your own research before investing in any crypto project.
#BinanceSquareFamily #Ethereum #EthereumNews #VitalikButerin #Hack
😱 Almost ten years after the historic hack of 2016 that split the network, the name that nearly destroyed Ethereum is back. But this time, not as a vulnerability, but as a Security Fund of $220 million. 🧵👇
🧨 1. From "Hack" to Security Treasury
Do you remember the hard fork that created Ethereum Classic ❓ That's right, about 75.109 $ETH (equivalent to ~US$ 220M) were "forgotten" or unclaimed in legacy contracts from that event.
The Big Idea ⥱ Instead of leaving these funds idle, pioneers like Griff Green and the Ethereum Foundation are reviving The DAO as a permanent security endowment.
📊 2. The "One Trillion Dollar Security" Plan
The goal is not just to audit code, but to protect YOU, the end user
Permanent Staking ⥱ ~69.420 $ETH will be staked to generate an annual yield of $8 million, which will fund ongoing audits and security research.
User Focus ⥱ The fund will heavily invest in combating phishing, wallet recovery mechanisms, and withdrawal limits to prevent hackers from draining entire accounts. 🕵️♂️🔒
📈 3. Who's in Command ❓
This is not an amateur project. The board of curators includes heavyweights like Vitalik Buterin, experts from MetaMask and ENS. What was once a painful lesson about "code is law" now becomes the foundation for Ethereum to achieve global banking scale.
📢 I WANT TO HEAR FROM YOU
Do you think this "redemption" of The DAO is the final step for Ethereum to be accepted as the definitive financial infrastructure of the world? 🏛️ vs 🚀
👇 Comment "SECURITY" if you believe that crypto $ETH is stronger than ever in 2026❗
💡 @Leandro-Fumao 📣 This is not financial advice. Always do your own research before investing in any crypto project.
#BinanceSquareFamily #Ethereum #EthereumNews #VitalikButerin #Hack
BRIDGE HACKED! FUNDS MISSING NOW $CRSCCrossCurve bridge exploit confirmed. Smart contract vulnerability unleashed. All activity MUST halt immediately. Users, pause everything. Your funds are at risk.
The team found tokens mistakenly sent to wrong wallets. No malice suspected yet. Cooperation is key. Return the funds. A bounty is offered for white-hat assistance.
72 hours. That's the deadline. Return funds or face legal action. We are tracing every asset. Exchanges, stablecoins, analytics firms are on standby. Act fast. Contact us or send funds back. Time is critical.
Disclaimer: This is not financial advice.
#CRSC #CryptoNews #BlockchainSecurity #Hack 🚨
The team found tokens mistakenly sent to wrong wallets. No malice suspected yet. Cooperation is key. Return the funds. A bounty is offered for white-hat assistance.
72 hours. That's the deadline. Return funds or face legal action. We are tracing every asset. Exchanges, stablecoins, analytics firms are on standby. Act fast. Contact us or send funds back. Time is critical.
Disclaimer: This is not financial advice.
#CRSC #CryptoNews #BlockchainSecurity #Hack 🚨
Step Finance treasury hacked: $29 million in SOL leaves Solana front page wallets
📅 January 31
We are not talking about a small protocol, but one that aggregates positions from almost 95% of the network's projects, that organizes the Solana Crossroads conference in Istanbul and that even ventured into the tokenization of stocks like Nvidia and Tesla.
📖The incident was revealed by the Step Finance team itself through a statement on X, where they confirmed a security breach in some of their treasury and commission wallets. Hours before the announcement, onchain data already showed unusual movements: exactly 261,854 SOL were de-staked and transferred out of the addresses linked to the protocol.
The security firm CertiK estimated that the value of the funds moved is around $29 million. However, the team is yet to clarify the root cause of the incident. It is not known whether it was a vulnerability in smart contracts, a flaw in access controls or the direct compromise of private keys. It has also not been confirmed whether user funds, beyond the protocol's treasury, were affected.
Step Finance is not a minor player within the ecosystem. Founded in 2021, it functions as a visualization dashboard that aggregates LP tokens, yield farm positions, and multiple Solana protocols into a single dashboard. Additionally, it operates the SolanaFloor news outlet, manages a validator node, and allocates 100% of the validator's revenue—after operating costs—to repurchases of the STEP token to distribute to those staking xSTEP.
This event adds to a chain of incidents that have hit projects in the Solana ecosystem in the last year. In April 2025, Loopscale lost $5.8 million just two weeks after its launch. In August, CrediX suffered a theft of $4.5 million after controlling an administrative wallet. In November, South Korean exchange Upbit reported a $37 million hack involving assets on the Solana network.
Topic Opinion:
No matter how big or well-known a project is, security remains the Achilles heel of DeFi.
💬 Do you think these types of incidents continue to slow down institutional adoption in Solana?
Leave your comment...
#solana #defi #Hack #CryptoSecurity #CryptoNews $SOL
We are not talking about a small protocol, but one that aggregates positions from almost 95% of the network's projects, that organizes the Solana Crossroads conference in Istanbul and that even ventured into the tokenization of stocks like Nvidia and Tesla.
📖The incident was revealed by the Step Finance team itself through a statement on X, where they confirmed a security breach in some of their treasury and commission wallets. Hours before the announcement, onchain data already showed unusual movements: exactly 261,854 SOL were de-staked and transferred out of the addresses linked to the protocol.
The security firm CertiK estimated that the value of the funds moved is around $29 million. However, the team is yet to clarify the root cause of the incident. It is not known whether it was a vulnerability in smart contracts, a flaw in access controls or the direct compromise of private keys. It has also not been confirmed whether user funds, beyond the protocol's treasury, were affected.
Step Finance is not a minor player within the ecosystem. Founded in 2021, it functions as a visualization dashboard that aggregates LP tokens, yield farm positions, and multiple Solana protocols into a single dashboard. Additionally, it operates the SolanaFloor news outlet, manages a validator node, and allocates 100% of the validator's revenue—after operating costs—to repurchases of the STEP token to distribute to those staking xSTEP.
This event adds to a chain of incidents that have hit projects in the Solana ecosystem in the last year. In April 2025, Loopscale lost $5.8 million just two weeks after its launch. In August, CrediX suffered a theft of $4.5 million after controlling an administrative wallet. In November, South Korean exchange Upbit reported a $37 million hack involving assets on the Solana network.
Topic Opinion:
No matter how big or well-known a project is, security remains the Achilles heel of DeFi.
💬 Do you think these types of incidents continue to slow down institutional adoption in Solana?
Leave your comment...
#solana #defi #Hack #CryptoSecurity #CryptoNews $SOL
🚨 Massive shockwave on $SOL !
STEP Finance just got breached 261,854 $SOL unstaked and gone 😱
Liquidity shaken, market already reacting fast 📉
Every $SOL holder needs to stay alert this isn’t noise, it’s real.
DYOR. NFA.
#solana #CryptoAlertX #Hack 🚨
STEP Finance just got breached 261,854 $SOL unstaked and gone 😱
Liquidity shaken, market already reacting fast 📉
Every $SOL holder needs to stay alert this isn’t noise, it’s real.
DYOR. NFA.
#solana #CryptoAlertX #Hack 🚨
🚨MILLION DOLLAR MISTAKE:😭$ETH
A victim (0xd674) lost 4556 $ETH ($12.4M) due to a copy-paste address mistake.
Victim 0xd674 frequently transfers funds to Galaxy Digital via
0x6D90CC...dD2E48.
The attacker generated a poison address with the same first and last 4 characters as Galaxy Digital's deposit address and repeatedly sent dust transactions.
11 hours ago, the victim copied an address directly from transaction history to deposit into Galaxy Digital but copied the poison address instead.
As a result, 4,556 $ETH ($12.4M) was sent to the attacker.
💢A painful lesson!
Always double-check the address before making a transfer.
Don't copy addresses from your transaction history for convenience.
Victim address:
0xd6741220a947941bF290799811FcDCeA8AE4A7Da
#Mistake #crypto #Hack #HackerAlert #hackers
A victim (0xd674) lost 4556 $ETH ($12.4M) due to a copy-paste address mistake.
Victim 0xd674 frequently transfers funds to Galaxy Digital via
0x6D90CC...dD2E48.
The attacker generated a poison address with the same first and last 4 characters as Galaxy Digital's deposit address and repeatedly sent dust transactions.
11 hours ago, the victim copied an address directly from transaction history to deposit into Galaxy Digital but copied the poison address instead.
As a result, 4,556 $ETH ($12.4M) was sent to the attacker.
💢A painful lesson!
Always double-check the address before making a transfer.
Don't copy addresses from your transaction history for convenience.
Victim address:
0xd6741220a947941bF290799811FcDCeA8AE4A7Da
#Mistake #crypto #Hack #HackerAlert #hackers
CLAWDBOT HACKED. YOUR FUNDS ARE NOT SAFE.
Hundreds of API keys and private chat records leaked. Unauthenticated instances exposed. Credential theft and remote code execution are imminent. This is not a drill. Public users MUST implement a whitelist policy NOW. The risk is real. Act immediately to protect your assets.
Disclaimer: This is not financial advice.
#crypto #security #blockchain #hack 🚨
Hundreds of API keys and private chat records leaked. Unauthenticated instances exposed. Credential theft and remote code execution are imminent. This is not a drill. Public users MUST implement a whitelist policy NOW. The risk is real. Act immediately to protect your assets.
Disclaimer: This is not financial advice.
#crypto #security #blockchain #hack 🚨
GOVT HACKER EXPOSED: 40 MILLION VANISHES!
ZachXBT just dropped a bombshell. John Daghita, aka Lick, allegedly siphoned over 40 million USD from a US government-seized address. The largest single heist? A staggering 24.9 million USD. This exploit happened around 2024. His father's company, CMDSS Corporation, has a government IT contract managing seized crypto. The company's online presence has vanished today. Daghita's identity was revealed after a boasting match with another hacker. His wallet is linked to over 90 million USD in stolen funds, targeting victims beyond the US government. This is a massive security breach.
Disclaimer: Not financial advice.
#crypto #hack #blockchain #security 🚨
ZachXBT just dropped a bombshell. John Daghita, aka Lick, allegedly siphoned over 40 million USD from a US government-seized address. The largest single heist? A staggering 24.9 million USD. This exploit happened around 2024. His father's company, CMDSS Corporation, has a government IT contract managing seized crypto. The company's online presence has vanished today. Daghita's identity was revealed after a boasting match with another hacker. His wallet is linked to over 90 million USD in stolen funds, targeting victims beyond the US government. This is a massive security breach.
Disclaimer: Not financial advice.
#crypto #hack #blockchain #security 🚨
#southkoreaseizedbtcloss 🚨 UNBELIEVABLE FAIL IN CRYPTO SECURITY 🚨
Even governments aren’t safe anymore…🙏💥😫
🇰🇷 South Korea’s prosecutors just lost nearly $48 MILLION worth of seized Bitcoin 😱
Yes — that Bitcoin ($BTC
)was confiscated from criminals… and then vanished during a routine security check 😓
southkoreaseizedbtcloss
🔍 Here’s what went down:
👉 The Gwangju District Prosecutors’ Office was inspecting seized BTC when an official accidentally clicked a phishing/scam site while accessing credentials on a USB drive.
👉 Result? Around 70 billion KRW (~$47.7 - $48M) in Bitcoin was stolen — gone.
👉 Prosecutors confirmed the loss but won’t disclose the exact amount or coin count as the investigation continues.
💥 This isn’t just another crypto hack —
It’s a slap in the face to custody practices worldwide.
If LAW ENFORCEMENT can lose Bitcoin this way, what chance do ordinary hodlers have? 😬
📉 Meanwhile:
• Crypto phishing losses globally dropped >80% in 2025 (to ~$83.8M) — but smart scammers still win.
• Chainalysis reports total crypto fraud & scam losses hit ~$17B in 2025 — with AI-powered attacks up 4.5x.
🔥 Even government custody isn’t immune.
Secure your private keys. Use hardware wallets + multisig + offline cold storage.
Because if a prosecutor’s office can get phished… no one is safe. 💀
#Bitcoin BTC #hack #security #SouthKorea #cryptoloss blockchain
Even governments aren’t safe anymore…🙏💥😫
🇰🇷 South Korea’s prosecutors just lost nearly $48 MILLION worth of seized Bitcoin 😱
Yes — that Bitcoin ($BTC
)was confiscated from criminals… and then vanished during a routine security check 😓
southkoreaseizedbtcloss
🔍 Here’s what went down:
👉 The Gwangju District Prosecutors’ Office was inspecting seized BTC when an official accidentally clicked a phishing/scam site while accessing credentials on a USB drive.
👉 Result? Around 70 billion KRW (~$47.7 - $48M) in Bitcoin was stolen — gone.
👉 Prosecutors confirmed the loss but won’t disclose the exact amount or coin count as the investigation continues.
💥 This isn’t just another crypto hack —
It’s a slap in the face to custody practices worldwide.
If LAW ENFORCEMENT can lose Bitcoin this way, what chance do ordinary hodlers have? 😬
📉 Meanwhile:
• Crypto phishing losses globally dropped >80% in 2025 (to ~$83.8M) — but smart scammers still win.
• Chainalysis reports total crypto fraud & scam losses hit ~$17B in 2025 — with AI-powered attacks up 4.5x.
🔥 Even government custody isn’t immune.
Secure your private keys. Use hardware wallets + multisig + offline cold storage.
Because if a prosecutor’s office can get phished… no one is safe. 💀
#Bitcoin BTC #hack #security #SouthKorea #cryptoloss blockchain
#ScrollCoFounderXAccountHacked
Bigger Lesson for Web3 Founders
🔐 #ScrollCoFounderXAccountHacked
This incident is another wake-up call for Web3 founders and teams. As public-facing figures, their accounts carry massive influence and are prime targets for hackers. A single compromised post can lead to financial losses for followers and reputational damage for projects. Best practices like hardware-based 2FA, limited access permissions, and rapid response protocols are no longer optional. For users, the key takeaway is simple: never trust announcements blindly—even from well-known founders—without cross-checking official project channels
#Hack #HackerAlert #Hacked
Bigger Lesson for Web3 Founders
🔐 #ScrollCoFounderXAccountHacked
This incident is another wake-up call for Web3 founders and teams. As public-facing figures, their accounts carry massive influence and are prime targets for hackers. A single compromised post can lead to financial losses for followers and reputational damage for projects. Best practices like hardware-based 2FA, limited access permissions, and rapid response protocols are no longer optional. For users, the key takeaway is simple: never trust announcements blindly—even from well-known founders—without cross-checking official project channels
#Hack #HackerAlert #Hacked
#ScrollCoFounderXAccountHacked
Impact on Scroll & Market Sentiment
⚠️ #ScrollCoFounderXAccountHacked
Account hacks involving founders often trigger short-term fear and uncertainty in the market. While there is no indication of protocol-level issues with Scroll, misinformation from compromised accounts can influence sentiment and price action. Investors should clearly separate social media incidents from project fundamentals. Scroll’s technology, roadmap, and on-chain security remain the real factors to watch. This situation underlines why traders must rely on multiple official sources before reacting to breaking news, especially during volatile market conditions
#HackerAlert #Hack #Hacked
Impact on Scroll & Market Sentiment
⚠️ #ScrollCoFounderXAccountHacked
Account hacks involving founders often trigger short-term fear and uncertainty in the market. While there is no indication of protocol-level issues with Scroll, misinformation from compromised accounts can influence sentiment and price action. Investors should clearly separate social media incidents from project fundamentals. Scroll’s technology, roadmap, and on-chain security remain the real factors to watch. This situation underlines why traders must rely on multiple official sources before reacting to breaking news, especially during volatile market conditions
#HackerAlert #Hack #Hacked
SCROLL CO-FOUNDER HACKED $100M AT STAKE
Entry: 10000 🟩
Target 1: 12000 🎯
Target 2: 15000 🎯
Stop Loss: 9000 🛑
Kenneth Shen's X account is compromised. A hacker is impersonating officials. They're sending phishing scams via DM. This is not a drill. Protect your assets NOW. Ignore all suspicious messages. Verify everything directly. The risk is extreme. Act with extreme caution.
Disclaimer: This is not financial advice.
#crypto #scam #hack #security #alert 🚨
Entry: 10000 🟩
Target 1: 12000 🎯
Target 2: 15000 🎯
Stop Loss: 9000 🛑
Kenneth Shen's X account is compromised. A hacker is impersonating officials. They're sending phishing scams via DM. This is not a drill. Protect your assets NOW. Ignore all suspicious messages. Verify everything directly. The risk is extreme. Act with extreme caution.
Disclaimer: This is not financial advice.
#crypto #scam #hack #security #alert 🚨
🍔 McDonald's Memecoin Hack: Cyber Thieves Steal Around $700,000 in Solana
In an unexpected twist, on August 21, scammers hacked McDonald's official Instagram account, using the fast food giant's platform to sell a fake memecoin based on the Grimace mascot. The hackers managed to raise over $700,000 in Solana before the scam was discovered.
💀 The Grimace Memecoin Scam 👾
Taking advantage of McDonald's Instagram page, with 5.1 million followers, the hackers promoted the fake Grimace token as a "McDonald's experiment on Solana." This tactic quickly caught the attention of the crypto community, causing the token's market cap to jump from a few thousand dollars to $25 million in just 30 minutes.
📊 Pump & Dump
The crooks had already secured 75% of the Grimace token supply using the Solana memecoin implementer pump.fun. They then distributed these tokens across 100 different wallets. As the token's value increased, the hackers began selling their holdings, causing the token's price to drop to $650,000 in just 40 minutes.
💸 The Payout
In total, the crooks made off with around $700,000 worth of Solana from this pump and dump scheme. They even edited McDonald's Instagram bio to boast about their success, writing: "Sorry India_X_Kr3w just scammed you, thanks for the $700,000 worth of Solana."
⚠️ Aftermath
The posts and bio were eventually restored, and McDonald's issued a statement acknowledging the hack as an "isolated incident." This incident is a reminder of the dangers in the cryptocurrency world, where even well-known brands can be used to facilitate scams.
#scam #hack #Solana $SOL #RiskManagement
In an unexpected twist, on August 21, scammers hacked McDonald's official Instagram account, using the fast food giant's platform to sell a fake memecoin based on the Grimace mascot. The hackers managed to raise over $700,000 in Solana before the scam was discovered.
💀 The Grimace Memecoin Scam 👾
Taking advantage of McDonald's Instagram page, with 5.1 million followers, the hackers promoted the fake Grimace token as a "McDonald's experiment on Solana." This tactic quickly caught the attention of the crypto community, causing the token's market cap to jump from a few thousand dollars to $25 million in just 30 minutes.
📊 Pump & Dump
The crooks had already secured 75% of the Grimace token supply using the Solana memecoin implementer pump.fun. They then distributed these tokens across 100 different wallets. As the token's value increased, the hackers began selling their holdings, causing the token's price to drop to $650,000 in just 40 minutes.
💸 The Payout
In total, the crooks made off with around $700,000 worth of Solana from this pump and dump scheme. They even edited McDonald's Instagram bio to boast about their success, writing: "Sorry India_X_Kr3w just scammed you, thanks for the $700,000 worth of Solana."
⚠️ Aftermath
The posts and bio were eventually restored, and McDonald's issued a statement acknowledging the hack as an "isolated incident." This incident is a reminder of the dangers in the cryptocurrency world, where even well-known brands can be used to facilitate scams.
#scam #hack #Solana $SOL #RiskManagement
🎯️WazirX was hacked, losing more than 230 million USD
💲According to sources from Cyvers Alerts, WazirX's Safe Multisig wallet on the Ethereum network has just been attacked. A total of 234.9 million USD in assets was transferred to the new address. This suspicious address swaps PEPE, GALA, and USDT into ETH and continues to trade other digital assets.
🔓According to Lookonchain, the attack took 17 types of assets. Some prominent names stolen include: 5.433 billion SHIB worth about 102 million USD, 15,298 ETH worth about 52.5 million USD, 20.5 million MATIC worth about 11.24 million USD, 640.27 billion PEPE is worth about 7.6 million USD, 5.79 million USDT is worth 135 million USD, 135 million GALA is worth 3.5 million USD.
🏅️Other unidentified assets worth about 25.78 million USD are continuing to be verified. Wallets with investment starting address "0x04b2" are selling these assets.
📌Transactions are made with the support of the TornadoCash platform. Cyvers Alerts detected and attempted to contact the project but received no response.
✅After the information of being hacked, the exchange's token dropped rapidly from 0.1689 USD to 0.1618 USD. Currently, the project team has no official response to the incident.
⏰WazirX is India's largest and fastest growing cryptocurrency exchange with over 200,000 app downloads with an average rating of 4.5. The project became better known when it opened up access to the global public at the beginning of the year.
#Coinbay #WazirX #hack
💲According to sources from Cyvers Alerts, WazirX's Safe Multisig wallet on the Ethereum network has just been attacked. A total of 234.9 million USD in assets was transferred to the new address. This suspicious address swaps PEPE, GALA, and USDT into ETH and continues to trade other digital assets.
🔓According to Lookonchain, the attack took 17 types of assets. Some prominent names stolen include: 5.433 billion SHIB worth about 102 million USD, 15,298 ETH worth about 52.5 million USD, 20.5 million MATIC worth about 11.24 million USD, 640.27 billion PEPE is worth about 7.6 million USD, 5.79 million USDT is worth 135 million USD, 135 million GALA is worth 3.5 million USD.
🏅️Other unidentified assets worth about 25.78 million USD are continuing to be verified. Wallets with investment starting address "0x04b2" are selling these assets.
📌Transactions are made with the support of the TornadoCash platform. Cyvers Alerts detected and attempted to contact the project but received no response.
✅After the information of being hacked, the exchange's token dropped rapidly from 0.1689 USD to 0.1618 USD. Currently, the project team has no official response to the incident.
⏰WazirX is India's largest and fastest growing cryptocurrency exchange with over 200,000 app downloads with an average rating of 4.5. The project became better known when it opened up access to the global public at the beginning of the year.
#Coinbay #WazirX #hack
Update on the DeFi Hack: Is there an "ethical" hacker? 🤔😇
News about the $40M hack on Vector Finance: The attacker has returned $15 million in ETH to the protocol's wallet this morning.
Along with the transaction, the hacker left an on-chain message stating that they only wanted to "expose a critical vulnerability" and that they would keep 10% as a "reward for the bug". The Vector team is trying to negotiate the return of the rest of the funds.
#DeFi #Hack #Seguridad #Arbitrum #WhiteHats $BTC
$ETH
$BNB
News about the $40M hack on Vector Finance: The attacker has returned $15 million in ETH to the protocol's wallet this morning.
Along with the transaction, the hacker left an on-chain message stating that they only wanted to "expose a critical vulnerability" and that they would keep 10% as a "reward for the bug". The Vector team is trying to negotiate the return of the rest of the funds.
#DeFi #Hack #Seguridad #Arbitrum #WhiteHats $BTC
$ETH
$BNB
Aerodrome and Velodrome Hacked: Base and Optimism's Largest DEXs Suffer Critical Compromise
📅 November 22 | United States
The DeFi ecosystem has been shaken: two of the most important decentralized exchanges—Aerodrome and Velodrome—confirmed that their front-ends were compromised, according to The Block. The teams from both protocols issued urgent warnings for users to avoid their main domains, as the interfaces could be redirecting to malicious contracts capable of draining funds in seconds.
📖The teams behind Aerodrome and Velodrome confirmed that their front-ends —the web interfaces that allow users to interact with the protocol's contracts— were compromised. Although the technical details have not yet been fully revealed, the immediate priority was to warn users not to use official domains, as these could be temporarily controlled by attackers.
Aerodrome, considered the main DEX of Base, accumulates significant daily volumes and manages large liquidity pools. Velodrome, meanwhile, dominates in Optimism, one of the main L2 chains in the Ethereum ecosystem. The simultaneous nature of the attack is concerning because it suggests:
An exploit targeting web infrastructure. A compromise of administrative access. A broader social engineering attack at the hosting or DNS level.
The developers indicated that the smart contracts were not affected, meaning that the funds in the contracts remain safe as long as users do not interact with the compromised front-end. However, this does not eliminate the most immediate risk: if a user signs transactions from the compromised interface, they could be sending tokens directly to a wallet controlled by the hackers.
Both teams are working on verifying logs, recovering access, and restoring full control of the front-end. They also recommended using alternative interfaces, such as direct contract addresses or secure interaction platforms like Etherscan, but only for advanced users.
A persistent vulnerability in DeFi: even if contracts are secure and audited, front-ends remain weak points that can compromise millions with a single oversight. The incident also marks another dark chapter for high-volume DEXs, which in recent months have been targeted by DNS hijacking attacks, embedded phishing, and server compromises.
Topic Opinion:
What happened today demonstrates that even leading protocols can falter if they neglect aspects such as administrative access, DNS, hosting, or multi-signature verification in layers external to the contract.
💬 Do you think DEXs should adopt more decentralized infrastructures for their front-ends?
Leave your comment...
#CryptoNewss #defi #Aerodrome #Velodrome #Hack $VELODROME
The DeFi ecosystem has been shaken: two of the most important decentralized exchanges—Aerodrome and Velodrome—confirmed that their front-ends were compromised, according to The Block. The teams from both protocols issued urgent warnings for users to avoid their main domains, as the interfaces could be redirecting to malicious contracts capable of draining funds in seconds.
📖The teams behind Aerodrome and Velodrome confirmed that their front-ends —the web interfaces that allow users to interact with the protocol's contracts— were compromised. Although the technical details have not yet been fully revealed, the immediate priority was to warn users not to use official domains, as these could be temporarily controlled by attackers.
Aerodrome, considered the main DEX of Base, accumulates significant daily volumes and manages large liquidity pools. Velodrome, meanwhile, dominates in Optimism, one of the main L2 chains in the Ethereum ecosystem. The simultaneous nature of the attack is concerning because it suggests:
An exploit targeting web infrastructure. A compromise of administrative access. A broader social engineering attack at the hosting or DNS level.
The developers indicated that the smart contracts were not affected, meaning that the funds in the contracts remain safe as long as users do not interact with the compromised front-end. However, this does not eliminate the most immediate risk: if a user signs transactions from the compromised interface, they could be sending tokens directly to a wallet controlled by the hackers.
Both teams are working on verifying logs, recovering access, and restoring full control of the front-end. They also recommended using alternative interfaces, such as direct contract addresses or secure interaction platforms like Etherscan, but only for advanced users.
A persistent vulnerability in DeFi: even if contracts are secure and audited, front-ends remain weak points that can compromise millions with a single oversight. The incident also marks another dark chapter for high-volume DEXs, which in recent months have been targeted by DNS hijacking attacks, embedded phishing, and server compromises.
Topic Opinion:
What happened today demonstrates that even leading protocols can falter if they neglect aspects such as administrative access, DNS, hosting, or multi-signature verification in layers external to the contract.
💬 Do you think DEXs should adopt more decentralized infrastructures for their front-ends?
Leave your comment...
#CryptoNewss #defi #Aerodrome #Velodrome #Hack $VELODROME
Login to explore more contents