cryptohack

ResupplyFi lost $5.59M in a crypto hack on June 26, 2025.
Attacker manipulated cvcrvUSD exchange rate via contract donations.Low-liquidity markets enabled theft with minimal collateral.DeFi platforms urged to enhance smart contract security.Industry calls for better oracles and liquidity management.
$5.59M Stolen in ResupplyFi Attack
A crypto hack targeting ResupplyFi resulted in a loss of approximately $5.59 million. The breach, detected on June 26, 2025, involved suspicious transactions that exploited vulnerabilities in the platform’s smart contracts. Attackers manipulated the exchange rate of cvcrvUSD, leading to the theft of a significant amount of reUSD tokens.
The attack centered on the cvcrvUSD Controller contract. By making strategic donations, the attacker artificially inflated the token’s share price. This allowed them to borrow a large volume of reUSD tokens with minimal collateral, draining substantial assets from the protocol.
ResupplyFi, a decentralized finance platform, relies on low-liquidity markets for certain token pairs. The attacker exploited this, using just two crvUSD tokens to borrow millions in reUSD. Such vulnerabilities highlight ongoing risks in DeFi ecosystems, where low-liquidity pools can be prime targets for manipulation.

Security systems flagged the suspicious activity early, but the attacker’s swift execution caused significant damage before interventions could be implemented. The incident underscores the need for robust safeguards in decentralized lending protocols.
DeFi Security Under Scrutiny
The ResupplyFi crypto hack has reignited discussions about DeFi vulnerabilities. Exchange rate manipulation in low-liquidity markets remains a persistent threat. Attackers exploit empty or thinly traded pools to distort prices, enabling large-scale theft with minimal initial investment.
This incident follows a pattern seen in other DeFi exploits. Similar attacks have targeted lending protocols by inflating share prices through strategic donations or flash loans. The ResupplyFi breach involved a donation to the cvcrvUSD Controller, which skewed the token’s value and allowed the attacker to siphon off funds.
Decentralized finance platforms face increasing pressure to enhance security measures. Smart contract audits and real-time monitoring are critical to detecting and preventing such exploits. The ResupplyFi hack serves as a reminder of the importance of rigorous validation of mathematical functions in smart contracts.
Industry experts emphasize the need for improved oracle mechanisms to ensure accurate pricing data. Protocols like Chainlink provide decentralized price feeds to mitigate manipulation risks, but adoption remains inconsistent across DeFi platforms. Enhanced liquidity management and stricter access controls could also reduce vulnerabilities.
The ResupplyFi incident has prompted calls for greater transparency in DeFi operations. Platforms are urged to disclose security measures and undergo regular third-party audits. Strengthening these defenses is essential to maintaining user trust in decentralized finance.
The broader crypto community is now analyzing the attack’s fallout. Blockchain security firm SlowMist reported the breach through its MistEye monitoring system, highlighting the stolen funds’ movement. Such tools are vital for tracking illicit transactions and aiding recovery efforts.
ResupplyFi has not yet announced specific recovery plans or user compensation. The platform’s team is likely investigating the breach to prevent future incidents. Meanwhile, affected users await updates on potential restitution measures.
The hack’s scale underscores the growing sophistication of cybercriminals targeting DeFi. As the sector expands, so does the need for advanced security frameworks. Platforms must prioritize resilience against manipulation tactics to protect user funds.
This breach adds to a string of high-profile DeFi attacks in 2025, raising concerns about the sector’s maturity. Investors and developers alike are calling for standardized security protocols to safeguard the ecosystem. For more insights into DeFi security, resources like Cointelegraph and The Block offer in-depth coverage of blockchain vulnerabilities and solutions.

#CryptoHack #ResupplyFi #DeFiSecurity #BlockchainVulnerability #SmartContractExploit

#CryptoHack
Binance founder Changpeng Zhao speaks out after Cointelegraph and CoinMarketCap hacks, warning community.
In recent days, all the talk has been about the archive of 16 billion passwords made public in one of the largest archives available to cybercriminals today.
The crypto sector is also on high alert after two major sites, CoinMarketCap and Cointelegraph , were hacked.
In response to these incidents, Binance founder Changpeng Zhao sounded the alarm. He urged the crypto community to be careful when linking their wallets.
Changpeng Zhao Warns Against Rising Cryptocurrency Attacks
Following the attacks that hit CoinMarketCap and Cointelegraph, Binance founder Changpeng Zhao stepped in to warn users of the growing number of similar incidents in the crypto world .
CZ urged crypto people to be cautious whenever they allow wallet linking. In his post he wrote:
Two days ago CMC, now CT. Hackers are targeting news sites. Be careful when authorizing wallet connection.

Not only CZ, but also Web3 security company CertiK reiterated the need to take countermeasures to prevent these attacks.
Today, attackers are moving from exploiting vulnerabilities in smart contracts to targeting users through social engineering schemes . This is the psychological manipulation technique that tricks the victim into believing they are dealing with a legitimate site when in fact they are interacting with fake interfaces capable of stealing data and capital.
Last May, Coinbase also suffered a security breach, during which hackers stole sensitive information from key customers.
According to CertiK, the number of crypto attacks carried out after breaching wallet data is growing . This is a change in strategy by cybercriminals that has led to large losses already in the first half of 2025. Thefts this year amount to $2.1 billion, mostly due to wallet breaches and phishing attacks.

CertiK co-founder Ronghui Gu said :
Attackers always target the weakest link… Previously, it was smart contracts or blockchain code, but now hackers believe that weaknesses may stem more from human behavior than code.
What Happened to CoinMarketCap and Cointelegraph?
Changpeng Zhao's warning comes after CoinMarketCap and Cointelegraph admitted to having suffered major cyber breaches .
The Hack Against CoinMarketCap
According to CoinMarketCap, the attacker committed a security breach , in which hackers exploited a vulnerability in the platform.
The compromised site displayed a fake pop-up notification that attempted to trick users into verifying their crypto wallets , but CoinMarketCap promptly removed the code.
In his post, Changpeng Zhao revealed that CoinMarketCap has reported 39 victims, who have suffered a total loss of $18,570 based on the first on-chain analysis. The platform has pledged to cover all losses.
The attack against Cointelegraph is sophisticated and sneaky
Crypto news outlet Cointelegraph has confirmed that its site was hacked via a front-end exploit. The manipulated site promoted a fake token airdrop and aimed directly at users’ capital.
The media outlet identified the presence of a “fake pop-up” and reported that it is working to find a solution.
The platform warned users with a message: “Do not click on these pop-ups, do not connect your wallets and do not enter any personal information.”
In practice, the fake pop-up notification promoted a now common scam that promised participation in a non-existent giveaway .
The usual message informed users that they had been selected to receive tokens as part of the platform's 'fair launch' initiative.
It displayed a fake token price, promising users around $5,500 in tokens if they linked their wallet, and even went as far as to fake CertiK audit approval. The attacker used a similar tactic to the one used in the CoinMarketCap attack that occurred just two days earlier.

FOLLOW BeMaster BuySmart 🚀 TO FIND OUT MORE $$$$$ 🤩 BE MASTER BUY SMART 🤩

Nobitex Crypto Exchange, has officially begun restoring wallet access. After suffering a massive $90 million hack earlier this month. It is the larget cryptocurrency platform in Iran. In a new update posted on X (formerly Twitter), they confirmed that wallet access has now started for verified users. They will begin with spot wallets. The reopening process will continue in phases as the platform works to regain user trust and restore its services.

Source: Nobitex X Handle
Identity Verification Now a Must
As part of the recovery steps, Nobitex crypto exchange has made identity verification mandatory for accessing wallets. The process started two days ago and is now a key requirement for unlocking user accounts. Spot wallets are being prioritized, while other wallets will be accessible once full verification is completed.
If a user’s wallet balance is not yet visible, the organisation urges patience, stating the information will be released in phases after all details are confirmed secure. The platform aims to wind up the verification and access process by mid-week.  Delays may occur due to added security checks. 
Withdrawal, Deposit, and Trading to Resume 
Nobitex crypto exchange is also preparing to resume withdrawal, deposit, and trading services for verified users. These functions will return in steps, ensuring that users who meet the security checks can operate their accounts safely. The team is working hard to keep delays minimal and avoid any additional disruption to user activity.
Users are Advised 
Importantly, the Nobitex crypto exchange warned all users not to use their old wallet addresses. As part of a full system migration, old addresses are now invalid. 
Any cryptocurrency sent to them could be permanently lost. Communite members are advised to remove saved old addresses from mining rigs or apps and wait for new ones to be issued by the platform. 
The Cyberattack That Shook Iran’s Digital Asset's Market
This recovery follows the Nobitex Crypto Exchange suffering a massive cyberattack in early June, with hackers making off with some $90 million in digital currencies from Bitcoin, Dogecoin, and other tokens. 
The hacking was conducted by Gonjeshke Darande, a recognized anti-Iranian hacktivist collective suspected of having Israel connections. It was during the ongoing tensions between Iran and Israel war. 
The community alleged that the platform was assisting the Iranian government in evading sanctions from the U.S. and even financing terror. In protest, they destroyed the stolen cryptocurrency by forwarding it to burn addresses with insulting anti-IRGC messages. 
This was followed by Iran issuing an emergency crypto exchange curfew restricting trading hours. It also includes imposing stricter regulations to avoid the recurrence of such incidents. Among new rules were daily withdrawal caps, enhanced KYC requirements, and routine audits for all exchanges. 
Nobitex’s Role in Iran’s Crypto Economy
Nobitex crypto exchange is not just a regular platform in Iran, it serves over 10 million users and has processed more than $11 billion in cryptocurrency transactions. It’s often used by citizens to send funds abroad, fight inflation, and avoid financial sanctions. Reports say that working for the organisation is seen by some as equal to serving the country.
With the platform down, many users were locked out and uncertain about the safety of their funds. The stolen funds were declared unrecoverable. They moved the remaining assets to cold storage. Also activated a reserve fund to cover any potential losses. 
What’s Next for Nobitex?
Nobitex Crypto Exchange got back into business with limited activity but the damage has already been done. The exchange has not clarified yet whether they will fully reimburse the affected users. They have also not provided how much user data is compromised because of the hack. 
Up to date, wallet balances can be viewed by verified user only, and the support of trading is yet to be restored completely. 

visit- CoinGabbar

#Nobitex #CryptoExchange #WalletAccess #CryptoHack