Binance Square
#hack

ImCryptOpus
🥷 #DRIFT received 127.5 million $USDT for recovery after the hack. #hack

#crypto
2026 crypto hacks (jan - april):

-) Truebit (Truebitprotocol) — $26M
smart contract bug let attacker mint cheap tokens + drain ETH

-) Step Finance (StepFinance_ ) — $27–40M
team device hacked, private key stolen (phishing)

-) SwapNet — $13M
bad permissions + unlimited approvals drained funds

-) Saga bridge — $7M
bridge exploit

-) Makina/Curve — $5M
price/oracle manipulation with flashloans

-) TMX — $1.4M
liquidity pool manipulation

-) Aperture — $3.7M
contract issue

-) random user — $282M
tricked into giving access (social engineering)

feb:
-) CrossCurve — $3M
fake cross-chain message

-) IoTeX bridge — $4.4M
validator key stolen → fake tokens minted

march:
-) Resolv Labs — $25M
cloud system hacked → fake stablecoin minted

-) Venus — $2–3.7M
collateral rules bypassed

-) Solv — $2.7M
double mint bug

-) multiple users — $18M–24M
phishing / address poisoning

april:
-) @DriftProtocol Drift — $285M
long-term social engineering + fake collateral + admin access

-) @hyperbridge Hyperbridge — $237K
fake bridge messages → minted fake tokens

-) @dango Dango — $1.9M
bug, but hacker returned everything (white hat)

main pattern:
most hacks aren’t “genius code exploits”

it’s:
- people getting tricked
- private keys getting stolen
- bridges minting fake assets
- old code breaking
#hack #trade
🇺🇸🕵️ JUST IN: The U.S. Government (Bitfinex Hacker Seized Funds) just deposited 8.2 $BTC ($606K) to #Coinbase Prime. #hack

#crypto

Kraken Faces Extortion Attempt Tied to Insider Data Access

Kraken Defies Extortion Attempt Following Insider Data Breaches
Crypto exchange Kraken has confirmed it is facing an extortion attempt after two separate incidents of unauthorized data access by internal support staff. Chief Security Officer Nicholas Percoco stated that approximately 2,000 accounts (0.02% of users) were affected, though he emphasized that no systems were breached and no funds were at risk.
Incident Details
February 2025: Kraken identified a staff member accessing support systems after a video surfaced on a criminal forum.
Recent Incident: A second, similar case was discovered following another tip and video.
Scope: Exposure was strictly limited to client support data; custody systems and account access remained secure.
Zero-Negotiation Policy
Kraken has terminated both employees and revoked all access. Percoco affirmed a firm stance against the extortionists, stating, "We will not pay these criminals; we will not ever negotiate." The company is currently collaborating with law enforcement to pursue arrests.
Rising Operational Threats
This incident reflects a broader trend noted in TRM Labs’ 2026 Crypto Crime Report. Attacks are shifting away from protocol exploits toward operational compromises—such as social engineering and weak access controls. Total illicit crypto volume surged to $158 billion in 2025, a 145% increase from the previous year. #hack #Dogecoin #MarketCorrectionBuyOrHODL? $BNB $XRP
⚠️✴️#DOT #hack #crypto

Hackers printed 1 billion $DOT tokens on the Ethereum mainnet and then successfully sold them — Certik.
💥 Bridge Exploit! Hacker Mints $1 Billion DOT but Only Sells for $237K

Attackers exploited a vulnerability in the Bridged DOT contract on Ethereum, minting a massive amount of tokens worth $1.22 Billion 💸

📌 Key Details

- The Heist: They successfully dumped the tokens via Uniswap and Odos Router, walking away with 108.2 ETH (~$237,975).
- Cost: The entire operation cost them only $0.74 in gas fees.
- Important: This affects only Wrapped/Bridged DOT on Ethereum, not the native DOT on the Polkadot network.

📈 Market Impact

Outlook: Bearish 🔴
While the actual financial damage is limited, this incident highlights the ongoing security risks and vulnerabilities within cross-chain bridge infrastructure.

#DOT #Polkadot #Bridge #Hack #CryptoNews
🚨 POLKADOT EXPLOITED 1 BILLION $DOT MINTED & DUMPED

This just shocked the market.

An attacker minted 1 BILLION bridged $DOT on Ethereum…
And dumped it ALL in a single transaction.

The attacker walked away with:

108.2 $ETH ($238K)

That’s it.

Massive supply injection… tiny exit liquidity.

$DOT instantly dropped -4.8% to $1.15 on the news.

Here’s what’s important:

This was a bridged token exploit
NOT native Polkadot chain (for now)
But the market doesn’t care; panic spreads fast

Confidence > fundamentals in moments like this.

No official statement yet.

That silence?

Fuel for more volatility.

What to watch next:

Team response (critical)
Exchange reactions
Further abnormal minting activity
Liquidity impact on $DOT pairs

If fear escalates:

Expect deeper downside
Liquidity drains
Short-term chaos

If controlled quickly:

Possible sharp bounce
Relief rally setup
Fast sentiment recovery

This is how fast narratives shift in crypto.

Stay sharp.

#Polkadot #Crypto #DeFi #Hack #Altcoins
🚨 HACK ALERT: Bitcoin Depot Suffers Security Breach, Loses $3.7M in BTC!

Major crypto ATM operator Bitcoin Depot has officially filed with the SEC, revealing they were hacked on March 23rd. The attack resulted in the loss of 50.9 BTC, worth approximately $3.66 Million 💸

What Happened?

- Hackers gained unauthorized access to the company's internal settlement wallet credentials.
- However, the company confirmed that customer funds and personal data remain safe and were not compromised.
- They are currently working with cybersecurity experts and law enforcement to investigate the incident.

⚠️ A Cause for Concern

- This is not the first time! The company also suffered a data breach back in 2024, exposing user information.
- While the financial impact is deemed manageable, it raises serious questions about the security standards of major service providers.

📈 Market Impact

Outlook: Bearish 🔴
Incidents like this reinforce security concerns in the industry and could temporarily dampen investor confidence, especially regarding infrastructure providers.
$BTC $BCH
#Bitcoin #Hack #Security #BitcoinDepot
According to reports, Bybit averted a big attempted fraud totalling more than $1.3B

According to internal findings, attackers attempted to abuse the deposit mechanism by creating misleading transaction records on several blockchain networks. The purpose was to make it look as though more than 1 billion DOT (roughly $1.32 billion) had been successfully deposited, despite no actual payments being received on-chain.

The attack involved altering transaction data and execution logs to trick the system into crediting balances that did not exist. However, Bybit’s risk control infrastructure did not rely solely on logs. Instead, it checked true on-chain balances, allowing the exchange to notice the disparity and prevent any losses.

This type of "fake deposit" attack isn't new. Similar approaches were utilised in previous events, including the Mt. Gox hack, which resulted in the loss of around 850,000 BTC, and vulnerabilities related to Silk Road, which affected over 51,000 BTC between 2011 and 2014.

Despite being a well-known vector, attackers are constantly tweaking it to exploit modern blockchain systems.

#bybit #CZReleasedMemeoir #MarketRebound #Hack
$BTC $BNB $XRP

The $285 Million Drift Hack (April 1, 2026)

#BinanceNews #Hack #CyberSecurity
Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long targeted and meticulously planned social engineering operation undertaken by the Democratic People's Republic of Korea (DPRK) that began in the fall of 2025.

The Solana-based decentralized exchange described it as "an attack six months in the making," attributing it with medium confidence to a North Korean state-sponsored hacking group dubbed UNC4736, which is also tracked under the cryptonyms AppleJeus, Citrine Sleet, Golden Chollima, and Gleaming Pisces.

The threat actor has a history of targeting the cryptocurrency sector for financial theft since at least 2018. It's best known for the X_TRADER/3CX supply chain breach in 2023 and the $53 million hack of decentralized finance (DeFi) platform Radiant Capital in October 2024.

"The basis for this connection is both on-chain (fund flows used to stage and test this operation trace back to the Radiant attackers) and operational (personas deployed across this campaign have identifiable overlaps with known DPRK-linked activity)," Drift said in a Sunday analysis.

In an assessment published in late January 2026, cybersecurity company CrowdStrike described Golden Chollima as an offshoot of Labyrinth Chollima that's primarily geared towards cryptocurrency theft by targeting small fintech firms in the U.S., Canada, South Korea, India, and Western Europe.

"The adversary typically conducts smaller-value thefts at a more consistent operational tempo, suggesting responsibility for ensuring baseline revenue generation for the DPRK regime," CrowdStrike said. "Despite improving trade relations with Russia, the DPRK requires additional revenue to fund ambitious military plans that include constructing new destroyers, building nuclear-powered submarines, and launching additional reconnaissance satellites."

In at least one incident observed in late 2024, UNC4736 delivered malicious Python packages through a fraudulent recruitment scheme to a European fintech company. Upon gaining access, the threat actor moved laterally to the victim's cloud environment to access IAM configurations and associated cloud resources, and ultimately diverted cryptocurrency assets to adversary-controlled wallets.
#Binance #bitcoin
🚨 DRIFT PROTOCOL: WHEN HUMAN TRUST BECOMES THE WEAK POINT 🚨

On April 1, 2026, Drift Protocol, the largest perpetual DEX on Solana, suffered a devastating $285 million attack in just 12 minutes.
With a TVL of about 550 million, more than half of the funds were wiped out rapidly.

The crucial point?
No bug in the code: the system worked exactly as designed.
The attackers built their access over about six months through a sophisticated social engineering operation. Posing as a legitimate trading firm, they attended conferences, established technical relationships and even invested more than 1 million dollars to gain credibility.
Gradually, they compromised the devices of governance-linked contributors by introducing malicious tools.

The real target was not the code but the governance.
Drift used a 2-of-5 multisig with no timelock, allowing immediate approvals.
The attackers exploited Solana's “durable nonces” to obtain valid signatures in advance, which could not be revoked.
In parallel, they created a fake token (CVT), artificially inflating its price through wash trading.

The oracle system, lacking rigorous checks, accepted that price as valid.
Once ready, they took control, listed the token as collateral and withdrew real assets.
In 31 transactions, they drained USDC, ETH and SOL.
It was not a technological failure but a human one: fragile governance, misplaced trust and insufficient controls.
#BREAKING #Hack #DRIFT #solana
More than $1.46 billion
has flowed out of #Bybit in a short time

THIS COULD BE A MASSIVE #HACK
The details of the recent hack on Bybit are continuing to emerge. Hackers successfully stole around 135,000 Ethereum, worth approximately $335 million, from the platform's hot wallets. Investigations show that the hackers managed to launder 45,900 ETH (around $113 million) within a very short period. At this rate, it’s estimated that the remaining stolen Ethereum could be fully laundered in just 8 to 10 days.

In response, Bybit assured users that their funds are safe and that investigations into the attack are ongoing. The hackers have been using decentralized platforms to quickly launder the stolen Ethereum, highlighting the need for cryptocurrency exchanges and the broader crypto community to reassess their security measures.

#bybit #Hack
⚠️ Beware of the new malware RatOn. It targets Android devices, hacks wallets (MetaMask, Trust, Phantom) and banking apps, and can even lock your screen for ransom. Active since July, spreading through fake TikTok apps.

When your whole life is on your phone, device security must come first. Get proper antivirus and run regular checks.
#scam #Android #Hack #tiktok #fake
#SBIGroup Crypto Loses $21M in Suspected North Korean #Hack

Blockchain investigator ZachXBT reported Wednesday that addresses linked to SBI Group Crypto lost approximately $21 million on September 24. The stolen funds included $BTC , $ETH , $LTC , $DOGE, and Bitcoin Cash, which were subsequently laundered through Tornado Cash.

SBI Crypto operates as a subsidiary of Japanese financial conglomerate SBI Group. The company did not immediately respond to requests for comment regarding the incident. Blockchain security firm Cyvers assisted #ZachXBT with the investigation.

The attack exhibits characteristics similar to other exploits connected to North Korean #hackers. Stolen funds were routed through instant exchanges before being deposited into Tornado Cash, a decentralized mixing protocol designed to obscure transaction origins.

ZachXBT has established a reputation as one of the most prolific cryptocurrency investigators, identifying numerous instances of illicit fund movements. In June, the sleuth reported that Iranian cryptocurrency exchange Nobitex appeared compromised for over $80 million across Tron and EVM-compatible chains.

Earlier this year, Arkham Intelligence attributed the Bybit hack involving over $1.5 billion to Lazarus Group, widely believed to operate under North Korean state sponsorship. The attribution cited information provided by ZachXBT.

#TornadoCash has faced sustained scrutiny as a platform enabling hackers to launder stolen funds. The Treasury Department's Office of Foreign Assets Control sanctioned the protocol in August 2022. Roman Storm faced charges in 2023 for conspiracy to commit money laundering and sanctions violations related to operating Tornado Cash.
30.1K #BTC ($2.1B) of #Silk Road #hack funds controlled by US government is on the move right now.

0.001 BTC ($69) transferred to a Coinbase deposit address so it’s a test transfer possibly.

txn hash
9c3af4b48e66565f1da1da8278036fa1dbb09f2beaaca99c3504475390ba4590

Coinbase deposit address
3KrZVU9Jz4UKHpKUtuvkEMX1tY8zeiTvX2