TheHolyCoins
Discover original content on presales, IDOs, IEOs, and crypto projects. Stay informed with detailed analysis and insights into emerging crypto opportunities
0 Siguiendo
76 Seguidores
78 Me gusta
24 compartieron
Publicaciones
Todo
Citas
Arkham Intelligence published a report examining Lazarus Group’s crypto laundering network and operational tactics between 2017 and 2026.
According to the research, Lazarus-linked actors were tied to more than $6 billion in stolen cryptocurrency across exchange breaches, ransomware campaigns, bridge exploits, and decentralized finance attacks.
Arkham said North Korean-linked actors accounted for more than 70% of crypto exploit losses recorded so far in 2026.
The report described how Lazarus allegedly moves stolen assets through cross-chain bridges, mixers, centralized exchanges, OTC brokers, and fragmented wallet activity to complicate blockchain tracing efforts.
THORChain was identified as a frequently used bridge for converting stolen assets into Bitcoin. Arkham also referenced mixers including Sinbad.io and YoMix, along with Russian exchanges and Chinese OTC brokers involved in cash-out activity.
The research examined the April 2026 Drift Protocol ($DRIFT ) exploit, where attackers allegedly spent months building trust with employees through conferences, deposits exceeding $1 million, and fake partnership activity. Arkham said Lazarus later used pre-authorized Solana transactions to drain about $285 million from the protocol.
The report also covered the February 2026 KelpDAO exploit. According to Arkham, attackers compromised LayerZero RPC nodes and forged cross-chain messages, allowing the withdrawal of 116,500 $rsETH valued at about $292 million.
Arkham concluded that Lazarus continues adapting its laundering methods and attack strategies as blockchain tracing systems become more advanced.
#arkham #DRIFT #KelpDAO #LazarusGroup #Lazarus
According to the research, Lazarus-linked actors were tied to more than $6 billion in stolen cryptocurrency across exchange breaches, ransomware campaigns, bridge exploits, and decentralized finance attacks.
Arkham said North Korean-linked actors accounted for more than 70% of crypto exploit losses recorded so far in 2026.
The report described how Lazarus allegedly moves stolen assets through cross-chain bridges, mixers, centralized exchanges, OTC brokers, and fragmented wallet activity to complicate blockchain tracing efforts.
THORChain was identified as a frequently used bridge for converting stolen assets into Bitcoin. Arkham also referenced mixers including Sinbad.io and YoMix, along with Russian exchanges and Chinese OTC brokers involved in cash-out activity.
The research examined the April 2026 Drift Protocol ($DRIFT ) exploit, where attackers allegedly spent months building trust with employees through conferences, deposits exceeding $1 million, and fake partnership activity. Arkham said Lazarus later used pre-authorized Solana transactions to drain about $285 million from the protocol.
The report also covered the February 2026 KelpDAO exploit. According to Arkham, attackers compromised LayerZero RPC nodes and forged cross-chain messages, allowing the withdrawal of 116,500 $rsETH valued at about $292 million.
Arkham concluded that Lazarus continues adapting its laundering methods and attack strategies as blockchain tracing systems become more advanced.
#arkham #DRIFT #KelpDAO #LazarusGroup #Lazarus
Most memecoins rely entirely on online hype cycles. Wadoozie is trying to turn the launch itself into a live nationwide crypto experience.
The Ethereum-based $WADZ token launches on May 27, 2026, with no presale, no private rounds, 0/0 tax, a renounced contract, and 75% of the supply placed into a DAO-governed locked liquidity pool.
What makes the project stand out is its real-world campaign structure. Wadoozie plans to send a branded RV across 48 U.S. states as part of an eight-act narrative tour featuring livestream storytelling, community meetups, and hidden “Signal Fragments” that can be redeemed for fixed $WADZ rewards.
According to the project’s litepaper, the hunt will distribute nearly 50 million $WADZ directly to participants, while a separate 70 million token allocation funds a “Publishers Network” designed to reward creators for clips, memes, and community-driven content.
The concept is closer to an interactive crypto reality show than a traditional memecoin launch!
Launch date: May 27, 2026.
#MEME #wadoozie #memecoin #CryptoProject #CreatorEconomy
* This post is sponsored by Wadoozie.
The Ethereum-based $WADZ token launches on May 27, 2026, with no presale, no private rounds, 0/0 tax, a renounced contract, and 75% of the supply placed into a DAO-governed locked liquidity pool.
What makes the project stand out is its real-world campaign structure. Wadoozie plans to send a branded RV across 48 U.S. states as part of an eight-act narrative tour featuring livestream storytelling, community meetups, and hidden “Signal Fragments” that can be redeemed for fixed $WADZ rewards.
According to the project’s litepaper, the hunt will distribute nearly 50 million $WADZ directly to participants, while a separate 70 million token allocation funds a “Publishers Network” designed to reward creators for clips, memes, and community-driven content.
The concept is closer to an interactive crypto reality show than a traditional memecoin launch!
Launch date: May 27, 2026.
#MEME #wadoozie #memecoin #CryptoProject #CreatorEconomy
* This post is sponsored by Wadoozie.
DL News is shutting down after more than two years of crypto reporting and investigations.
The publication said declining traffic, AI-driven search disruption, and parasitic content aggregation contributed to the decision.
Director Paige Aarhus stated that legal threats became common after investigations into crypto projects and industry figures.
DL News covered Terraform Labs, DeFi exploits, regulation, scams, and on-chain investigations during its run.
#CryptoNews #CryptocurrencyNews #DLNews #defi
The publication said declining traffic, AI-driven search disruption, and parasitic content aggregation contributed to the decision.
Director Paige Aarhus stated that legal threats became common after investigations into crypto projects and industry figures.
DL News covered Terraform Labs, DeFi exploits, regulation, scams, and on-chain investigations during its run.
#CryptoNews #CryptocurrencyNews #DLNews #defi
Pepeto Presale Review: Is the $PEPETO token legit or a Potential Scam?
The Pepeto presale has been running since late October 2024 and is now in its third calendar year with no token distribution and no live product. The project has raised $9.7 million from retail investors over 18 months.
Pepeto markets itself as a meme-coin infrastructure ecosystem on Ethereum, with a zero-fee exchange, a cross-chain bridge, and an AI token screener. All three exist only as demos.
The whitepaper spans 12 pages, eight of which are a fictional story about a frog god. It contains no architecture diagrams, no bridge specification, no AI model details, no team bios, no legal entity, and no breakdown of how the raised funds are used.
The token has a total supply of 420 trillion and a fully diluted valuation around $78.5 million at the current presale price. Allocations include 30% presale, 30% staking, and 20% marketing, with no public timelock or vesting disclosure.
The team is anonymous. The only names attached to press releases, Baker Uccio and Dani Bonocci, have no verifiable record outside Pepeto material. Claims about a Pepe cofounder and a senior Binance developer are unnamed and unverified.
The SolidProof audit only covers a 200-line ERC-20 contract. It does not cover the bridge, exchange, AI screener, staking, or fund custody.
Marketing materials promise 100x to 1,000x returns, advertises staking APY up to 1,378%, and references a Binance listing Binance has never confirmed. Trustpilot rates it at 2.1 with reports of blocked accounts.
The $PEPETO structure doesn’t look legitimate by the standards of a transparent project. A doxxed team, a full-stack audit, a registered entity, conservative marketing, reasonable claims, and a working product before launch are all missing.
Anyone considering participating in the $PEPETO presale should weigh that record against the projected returns the marketing copy is promising.
** The full article is on TheHolyCoins website.
#Pepeto #Presale #reviews #Scam? #CryptoNews
The Pepeto presale has been running since late October 2024 and is now in its third calendar year with no token distribution and no live product. The project has raised $9.7 million from retail investors over 18 months.
Pepeto markets itself as a meme-coin infrastructure ecosystem on Ethereum, with a zero-fee exchange, a cross-chain bridge, and an AI token screener. All three exist only as demos.
The whitepaper spans 12 pages, eight of which are a fictional story about a frog god. It contains no architecture diagrams, no bridge specification, no AI model details, no team bios, no legal entity, and no breakdown of how the raised funds are used.
The token has a total supply of 420 trillion and a fully diluted valuation around $78.5 million at the current presale price. Allocations include 30% presale, 30% staking, and 20% marketing, with no public timelock or vesting disclosure.
The team is anonymous. The only names attached to press releases, Baker Uccio and Dani Bonocci, have no verifiable record outside Pepeto material. Claims about a Pepe cofounder and a senior Binance developer are unnamed and unverified.
The SolidProof audit only covers a 200-line ERC-20 contract. It does not cover the bridge, exchange, AI screener, staking, or fund custody.
Marketing materials promise 100x to 1,000x returns, advertises staking APY up to 1,378%, and references a Binance listing Binance has never confirmed. Trustpilot rates it at 2.1 with reports of blocked accounts.
The $PEPETO structure doesn’t look legitimate by the standards of a transparent project. A doxxed team, a full-stack audit, a registered entity, conservative marketing, reasonable claims, and a working product before launch are all missing.
Anyone considering participating in the $PEPETO presale should weigh that record against the projected returns the marketing copy is promising.
** The full article is on TheHolyCoins website.
#Pepeto #Presale #reviews #Scam? #CryptoNews
Kyiv is once again becoming one of the key Web3 meeting points in Eastern Europe.
On June 13, Incrypted Conference 2026 will return to the Parkovy Convention and Exhibition Center venue in Kyiv, bringing together the crypto community, global companies, builders, founders, investors, regulators, and technology leaders.
The fourth edition of the conference is expected to be the largest yet, with over 3,000 attendees, more than 50 speakers, and over 50 partners participating. The event will also remain the central gathering of Ukrainian Blockchain Week.
This year’s agenda reflects how quickly the industry is evolving. Alongside crypto, blockchain, and Web3 topics, the conference will place a strong focus on AI and its synergy with decentralized technologies — one of the most important conversations shaping the next stage of digital infrastructure.
The program will take place across two parallel stages:
Main Stage — strategic discussions with leading voices from the industry.
Workshop Stage — practical sessions designed for professionals who want actionable insights, not just theory.
The expanded format will also include a dedicated VIP zone, exclusive activities, and more space for networking, business development, and partnership opportunities.
The event is supported by major market players such as BingX, OKX, MEXC, TrustWallet, and Bitget, alongside more than 50 world-class partners.
Incrypted Conference has already established itself as the main platform for dialogue between the crypto community, business, and regulators in Ukraine. In 2026, it returns with an even stronger ambition: to connect people who are building the future of Web3 in Ukraine and beyond.
📍 Kyiv, “Parkovy”, Parkova Road, 16a
📅 June 13, 2026
🎟 More information: incryptedconference.com
#conference #CryptoEvent #Incrypted2026
** This post was written in collaboration with Incrypted Conference 2026
On June 13, Incrypted Conference 2026 will return to the Parkovy Convention and Exhibition Center venue in Kyiv, bringing together the crypto community, global companies, builders, founders, investors, regulators, and technology leaders.
The fourth edition of the conference is expected to be the largest yet, with over 3,000 attendees, more than 50 speakers, and over 50 partners participating. The event will also remain the central gathering of Ukrainian Blockchain Week.
This year’s agenda reflects how quickly the industry is evolving. Alongside crypto, blockchain, and Web3 topics, the conference will place a strong focus on AI and its synergy with decentralized technologies — one of the most important conversations shaping the next stage of digital infrastructure.
The program will take place across two parallel stages:
Main Stage — strategic discussions with leading voices from the industry.
Workshop Stage — practical sessions designed for professionals who want actionable insights, not just theory.
The expanded format will also include a dedicated VIP zone, exclusive activities, and more space for networking, business development, and partnership opportunities.
The event is supported by major market players such as BingX, OKX, MEXC, TrustWallet, and Bitget, alongside more than 50 world-class partners.
Incrypted Conference has already established itself as the main platform for dialogue between the crypto community, business, and regulators in Ukraine. In 2026, it returns with an even stronger ambition: to connect people who are building the future of Web3 in Ukraine and beyond.
📍 Kyiv, “Parkovy”, Parkova Road, 16a
📅 June 13, 2026
🎟 More information: incryptedconference.com
#conference #CryptoEvent #Incrypted2026
** This post was written in collaboration with Incrypted Conference 2026
On-chain investigator ZachXBT wrote on April 28, 2026, that Sam Altman’s Worldcoin, now rebranded as World, launched a predatory low float crypto token comparable to Sam Bankman-Fried’s FTX companies.
He posted the remarks in a reply to an Elon Musk tweet that read “Scam Altman …” and included a Grok conversation about Ronan Farrow’s New Yorker reporting on OpenAI and Altman.
ZachXBT wrote that Worldcoin preyed on people in low-income countries for biometric data, that its proof-of-personhood technology created a black market for verified accounts, and that WLD supply inflates at unsustainable levels while insiders regularly offload holdings through OTC channels.
He attached three screenshots. The first showed verified World ID accounts being sold for as low as $0.50 each on escrow platforms. The second showed a transaction in which the World Foundation sold 85.45 million WLD for $25 million through FalconX at an average price of $0.293. The third was a 2022 MIT Technology Review report that described Worldcoin’s early recruitment tactics as “deception, exploited workers, and cash handouts” aimed at low-income individuals.
In March 2026, a World Foundation-related entity sold tens of millions of dollars worth of WLD through OTC deals.
ZachXBT’s statements land while the Musk v. OpenAI civil trial is in progress, and a 52.5% WLD unlock is scheduled for July 23, 2026.
#zachxbt #Worldcoin #SamAltman #ElonMusk
He posted the remarks in a reply to an Elon Musk tweet that read “Scam Altman …” and included a Grok conversation about Ronan Farrow’s New Yorker reporting on OpenAI and Altman.
ZachXBT wrote that Worldcoin preyed on people in low-income countries for biometric data, that its proof-of-personhood technology created a black market for verified accounts, and that WLD supply inflates at unsustainable levels while insiders regularly offload holdings through OTC channels.
He attached three screenshots. The first showed verified World ID accounts being sold for as low as $0.50 each on escrow platforms. The second showed a transaction in which the World Foundation sold 85.45 million WLD for $25 million through FalconX at an average price of $0.293. The third was a 2022 MIT Technology Review report that described Worldcoin’s early recruitment tactics as “deception, exploited workers, and cash handouts” aimed at low-income individuals.
In March 2026, a World Foundation-related entity sold tens of millions of dollars worth of WLD through OTC deals.
ZachXBT’s statements land while the Musk v. OpenAI civil trial is in progress, and a 52.5% WLD unlock is scheduled for July 23, 2026.
#zachxbt #Worldcoin #SamAltman #ElonMusk
Spain's Comisión Nacional del Mercado de Valores (CNMV) has issued a public warning against the Snorter ($SNORT) project, stating it is not authorized to provide crypto-asset services under the EU's MiCA Regulation.
The notice was published on April 20, 2026, and flags the Spanish-language version of the Snorter Token website. The CNMV pointed to Articles 3 and 59 of MiCA, which require firms offering services such as operating trading platforms or executing orders on behalf of users to obtain prior authorization.
Snorter's core product is a Telegram-based trading bot that executes token purchases and interacts with user wallets. Functions like these can fall within the definition of a crypto-asset service provider under MiCA. If the bot performs these activities, it would need to be registered with regulators like the CNMV.
The CNMV did not accuse Snorter of fraud. The warning is meant to inform the public that the project is unsupervised and lacks approval to offer regulated crypto services in the EU.
Snorter ran a 5-month presale that raised $5.7 million from retail investors and ended in October 2025. The founding team is anonymous, with no developers, executives, or prior project history disclosed.
At the time of writing, $SNORT trades at $0.0069, a 93% decrease from the $0.1 listing price.
This is the second high-profile crypto presale flagged by the Spanish regulator in 2026, following Bitcoin Hyper in January.
#MiCA #Snorter #Presale #Regulation #CryptoNews
The notice was published on April 20, 2026, and flags the Spanish-language version of the Snorter Token website. The CNMV pointed to Articles 3 and 59 of MiCA, which require firms offering services such as operating trading platforms or executing orders on behalf of users to obtain prior authorization.
Snorter's core product is a Telegram-based trading bot that executes token purchases and interacts with user wallets. Functions like these can fall within the definition of a crypto-asset service provider under MiCA. If the bot performs these activities, it would need to be registered with regulators like the CNMV.
The CNMV did not accuse Snorter of fraud. The warning is meant to inform the public that the project is unsupervised and lacks approval to offer regulated crypto services in the EU.
Snorter ran a 5-month presale that raised $5.7 million from retail investors and ended in October 2025. The founding team is anonymous, with no developers, executives, or prior project history disclosed.
At the time of writing, $SNORT trades at $0.0069, a 93% decrease from the $0.1 listing price.
This is the second high-profile crypto presale flagged by the Spanish regulator in 2026, following Bitcoin Hyper in January.
#MiCA #Snorter #Presale #Regulation #CryptoNews
Justin Sun has filed a federal lawsuit against World Liberty Financial, the DeFi project backed by Donald Trump and his family, in the U.S. District Court for the Northern District of California.
The 52-page complaint lists Sun and two British Virgin Islands entities, Blue Anthem Limited and Black Anthem Limited, as plaintiffs. Causes of action include breach of contract, fraud in the inducement, conversion, unjust enrichment, and declaratory relief.
According to the filing, Sun invested $45 million in WLFI tokens between November 2024 and January 2025 and received an additional 1 billion tokens as an advisor. Reporting puts his total position at around $75 million, with roughly 540 million unlocked and 2.4 billion locked tokens in the frozen wallet.
Sun alleges WLFI secretly installed a "backdoor blacklisting function" that prevented the sale of his tokens after they became tradable in September 2025. The freeze followed on-chain outflows from his wallet, including one transfer of about $9 million. WLFI says the freeze was a routine security measure and previously told Sun, "See you in court, pal."
Sun also opposes a governance proposal WLFI published on April 15, which would burn 10% of all advisor tokens and impose a two-year cliff plus two-year vesting on early-purchaser tokens. He says the freeze leaves him unable to vote.
In his X post, Sun distanced President Trump from the dispute and said he remains a supporter of the administration's crypto agenda, attributing the conflict to specific individuals on the WLFI project team.
#defi #JustinSun #CryptoNews #CryptocurrencyNews #WLFI
The 52-page complaint lists Sun and two British Virgin Islands entities, Blue Anthem Limited and Black Anthem Limited, as plaintiffs. Causes of action include breach of contract, fraud in the inducement, conversion, unjust enrichment, and declaratory relief.
According to the filing, Sun invested $45 million in WLFI tokens between November 2024 and January 2025 and received an additional 1 billion tokens as an advisor. Reporting puts his total position at around $75 million, with roughly 540 million unlocked and 2.4 billion locked tokens in the frozen wallet.
Sun alleges WLFI secretly installed a "backdoor blacklisting function" that prevented the sale of his tokens after they became tradable in September 2025. The freeze followed on-chain outflows from his wallet, including one transfer of about $9 million. WLFI says the freeze was a routine security measure and previously told Sun, "See you in court, pal."
Sun also opposes a governance proposal WLFI published on April 15, which would burn 10% of all advisor tokens and impose a two-year cliff plus two-year vesting on early-purchaser tokens. He says the freeze leaves him unable to vote.
In his X post, Sun distanced President Trump from the dispute and said he remains a supporter of the administration's crypto agenda, attributing the conflict to specific individuals on the WLFI project team.
#defi #JustinSun #CryptoNews #CryptocurrencyNews #WLFI
Former ClickOut Media Writer Exposes SEO Practices in Poker and iGaming Media
Blaise Bourgeois, a World Series of Poker (WSOP) Circuit ring winner and former ClickOut Media poker writer, published a blog post on April 16, 2026, describing how the UK-based digital publishing group operates across poker, iGaming, crypto, and finance affiliate content.
Key claims from his post:
-Card Player Magazine, acquired by ClickOut Media in December 2024, will stop printing physical copies and continue as a newsletter and free bi-monthly online magazine. Insider sources say it was losing 750,000 dollars per year.
- Bourgeois describes ClickOut Media as a parasitic SEO company that hires legitimate journalists, then pushes them toward high-volume SEO pages like Best online poker sites in 2026 and Top crypto poker platforms to drive affiliate signups.
- He claims ClickOut Media owns CoinPoker, a crypto-based poker platform, and doubled the rake charged to players. CoinPoker is listed at the top of affiliate pages on Card Player and other ClickOut-owned sites.
- He alleges some articles were fully AI-generated and credited to writers who do not exist, and that his own name stayed on articles he never reviewed after leaving in August 2025.
- He was let go shortly after raising ethics concerns internally, despite strong performance reviews and three promotions during 21 months at the company.
- Bourgeois is pursuing legal action over wrongful termination and unauthorized use of his name. ClickOut Media has not publicly responded.
** The full article can be found on TheHolyCoins, a crypto news platform focused on early-stage projects, token launches, and presales.
#SEO #CryptocurrencyNews #CryptoNews #poker #AffiliateMarketing
Blaise Bourgeois, a World Series of Poker (WSOP) Circuit ring winner and former ClickOut Media poker writer, published a blog post on April 16, 2026, describing how the UK-based digital publishing group operates across poker, iGaming, crypto, and finance affiliate content.
Key claims from his post:
-Card Player Magazine, acquired by ClickOut Media in December 2024, will stop printing physical copies and continue as a newsletter and free bi-monthly online magazine. Insider sources say it was losing 750,000 dollars per year.
- Bourgeois describes ClickOut Media as a parasitic SEO company that hires legitimate journalists, then pushes them toward high-volume SEO pages like Best online poker sites in 2026 and Top crypto poker platforms to drive affiliate signups.
- He claims ClickOut Media owns CoinPoker, a crypto-based poker platform, and doubled the rake charged to players. CoinPoker is listed at the top of affiliate pages on Card Player and other ClickOut-owned sites.
- He alleges some articles were fully AI-generated and credited to writers who do not exist, and that his own name stayed on articles he never reviewed after leaving in August 2025.
- He was let go shortly after raising ethics concerns internally, despite strong performance reviews and three promotions during 21 months at the company.
- Bourgeois is pursuing legal action over wrongful termination and unauthorized use of his name. ClickOut Media has not publicly responded.
** The full article can be found on TheHolyCoins, a crypto news platform focused on early-stage projects, token launches, and presales.
#SEO #CryptocurrencyNews #CryptoNews #poker #AffiliateMarketing
Kelp DAO, a liquid restaking protocol connected to EigenLayer, was exploited on April 18, 2026. Around $292 million worth of $RSETH was drained through its LayerZero cross-chain bridge.
The attacker forged a cross-chain message that the system accepted as valid, even though no real deposit happened on the source chain. This allowed them to mint or unlock about 116,500 rsETH without any actual ETH backing it.
The stolen rsETH was then sent to Aave, a major DeFi lending protocol, where it was used as collateral to borrow large amounts of real ETH and wrapped ETH. By the time protocols responded, much of the borrowed ETH had already moved.
A second attack was nearly executed that could have drained another $100M, but a rapid blacklist response stopped it just before it went through.
Kelp DAO paused rsETH contracts across mainnet and several Layer-2 chains. Aave froze the $RSETH markets. Compound, Euler Labs, and Venus Protocol also reviewed and adjusted their exposure.
The failure is reported to have happened in the Decentralized Verifier Network layer, which is responsible for confirming cross-chain messages, not in the core smart contracts themselves. This points to a configuration weakness in how external validation was trusted.
The exploit was first reported by the blockchain investigator ZachCBT and is now considered one of the largest DeFi incidents of 2026, showing how a single bridge failure can spread risk across the entire DeFi ecosystem within minutes.
#KelpDAO #security #Hack #Hacked #exploit
The attacker forged a cross-chain message that the system accepted as valid, even though no real deposit happened on the source chain. This allowed them to mint or unlock about 116,500 rsETH without any actual ETH backing it.
The stolen rsETH was then sent to Aave, a major DeFi lending protocol, where it was used as collateral to borrow large amounts of real ETH and wrapped ETH. By the time protocols responded, much of the borrowed ETH had already moved.
A second attack was nearly executed that could have drained another $100M, but a rapid blacklist response stopped it just before it went through.
Kelp DAO paused rsETH contracts across mainnet and several Layer-2 chains. Aave froze the $RSETH markets. Compound, Euler Labs, and Venus Protocol also reviewed and adjusted their exposure.
The failure is reported to have happened in the Decentralized Verifier Network layer, which is responsible for confirming cross-chain messages, not in the core smart contracts themselves. This points to a configuration weakness in how external validation was trusted.
The exploit was first reported by the blockchain investigator ZachCBT and is now considered one of the largest DeFi incidents of 2026, showing how a single bridge failure can spread risk across the entire DeFi ecosystem within minutes.
#KelpDAO #security #Hack #Hacked #exploit
A security researcher on Reddit has uncovered a fake Ledger Nano S+ being sold on a Chinese marketplace at the same price as the official device.
The counterfeit hardware looked legitimate from the outside, but an internal analysis revealed a generic ESP32-S3 chip by Espressif Systems instead of the secure element used in real Ledger devices. Some component markings were deliberately scraped off, and sensitive data, including PIN codes and seed phrases, were found stored in plain text in the device's firmware.
The attack does not rely on bypassing Ledger's security. The official Ledger Live app correctly detects the fake device through its built-in Genuine Check. The real threat comes from a QR code inside the packaging that redirects users to a cloned website resembling ledger.com. From there, users are pushed to download malicious versions of Ledger Live for Android, iOS, Windows, and macOS.
These fake apps show a hardcoded verification screen that does not actually check anything. In the background, they capture seed phrases and send them to attacker-controlled servers. The Android version also monitors wallet balances and intercepts communication between the device and the app.
The researcher linked the operation to a Shanghai-registered shell company set up specifically to sell on JD.com, with infrastructure supporting multiple distribution channels across desktop and mobile.
The scam appears to be designed to target first-time hardware wallet users, who are more likely to follow onboarding instructions, scan QR codes, and download software from links in the box.
Ledger has not issued a public statement, but a verified support account asked the researcher to file a formal report. Always buy hardware wallets from official sources and download software only from the official website.
#CryptoSecurity #Ledger #Cryptoscam #Web3Security #phishingscam
The counterfeit hardware looked legitimate from the outside, but an internal analysis revealed a generic ESP32-S3 chip by Espressif Systems instead of the secure element used in real Ledger devices. Some component markings were deliberately scraped off, and sensitive data, including PIN codes and seed phrases, were found stored in plain text in the device's firmware.
The attack does not rely on bypassing Ledger's security. The official Ledger Live app correctly detects the fake device through its built-in Genuine Check. The real threat comes from a QR code inside the packaging that redirects users to a cloned website resembling ledger.com. From there, users are pushed to download malicious versions of Ledger Live for Android, iOS, Windows, and macOS.
These fake apps show a hardcoded verification screen that does not actually check anything. In the background, they capture seed phrases and send them to attacker-controlled servers. The Android version also monitors wallet balances and intercepts communication between the device and the app.
The researcher linked the operation to a Shanghai-registered shell company set up specifically to sell on JD.com, with infrastructure supporting multiple distribution channels across desktop and mobile.
The scam appears to be designed to target first-time hardware wallet users, who are more likely to follow onboarding instructions, scan QR codes, and download software from links in the box.
Ledger has not issued a public statement, but a verified support account asked the researcher to file a formal report. Always buy hardware wallets from official sources and download software only from the official website.
#CryptoSecurity #Ledger #Cryptoscam #Web3Security #phishingscam
Justin Sun vs World Liberty Financial ($WLFI ) is getting heated.
Sun invested $75M in WLFI, a Trump-backed DeFi project.
In September 2025, his wallet was frozen after he moved $9M in tokens. He denied any wrongdoing.
Now, on-chain data shows the blacklist function didn't exist when he invested. It was added 11 months later, one week before trading opened. One anonymous wallet can freeze any WLFI holder's tokens with a single signature and no vote needed.
Sun is publicly demanding WLFI name who controls that wallet.
WLFI responded: "See you in court."
The governance votes, the vesting structure, and the freeze power are all verifiable on-chain. The identity behind the address still hasn't been disclosed.
#WLFI #JustinSun #defi #blockchain #CryptoNews
Sun invested $75M in WLFI, a Trump-backed DeFi project.
In September 2025, his wallet was frozen after he moved $9M in tokens. He denied any wrongdoing.
Now, on-chain data shows the blacklist function didn't exist when he invested. It was added 11 months later, one week before trading opened. One anonymous wallet can freeze any WLFI holder's tokens with a single signature and no vote needed.
Sun is publicly demanding WLFI name who controls that wallet.
WLFI responded: "See you in court."
The governance votes, the vesting structure, and the freeze power are all verifiable on-chain. The identity behind the address still hasn't been disclosed.
#WLFI #JustinSun #defi #blockchain #CryptoNews
A major international effort called Operation Atlantic just finished, marking a big win against crypto fraud.
Led by the UK National Crime Agency and authorities from the US and Canada, the team found more than 20,000 victims and froze $12 million in stolen money.
The operation focused on stopping approval phishing scams.
This is a scam where criminals trick you into giving them permission to access your digital wallet, often using fake investment links or pop-up alerts. It’s different from a regular fraud because the scammers trick you into signing away control of your assets so they can empty your wallet instantly.
A key part of the success was how police worked directly with private companies. Teams from Binance and Elliptic used blockchain tracking to follow the money in real time and stop the funds before they could disappear.
This shows that when authorities and regulators decide to act, they can stop scams and protect the public. It also proves that even though these crimes are growing, the transparency of the blockchain makes it very hard for criminals to hide when experts work together across borders.
#Cryptoscam #phishingscam #Binance #crackdown
Led by the UK National Crime Agency and authorities from the US and Canada, the team found more than 20,000 victims and froze $12 million in stolen money.
The operation focused on stopping approval phishing scams.
This is a scam where criminals trick you into giving them permission to access your digital wallet, often using fake investment links or pop-up alerts. It’s different from a regular fraud because the scammers trick you into signing away control of your assets so they can empty your wallet instantly.
A key part of the success was how police worked directly with private companies. Teams from Binance and Elliptic used blockchain tracking to follow the money in real time and stop the funds before they could disappear.
This shows that when authorities and regulators decide to act, they can stop scams and protect the public. It also proves that even though these crimes are growing, the transparency of the blockchain makes it very hard for criminals to hide when experts work together across borders.
#Cryptoscam #phishingscam #Binance #crackdown
BlockDAG is selling $BDAG at $0.000022 after listing around $0.05 on exchanges.
That price implies an FDV of $3.3M, compared to a reported $440M crypto presale.
Less than 1%.
The same token supply that raised hundreds of millions is now being sold at a fraction of that valuation.
The $BDAG token is still being sold directly at lower prices, while higher prices are listed on exchanges.
Presale investors are left exposed to severe losses with this pricing structure.
** Full article in the comments
#BlockDAG #bdag #tokenlaunch #Presale
That price implies an FDV of $3.3M, compared to a reported $440M crypto presale.
Less than 1%.
The same token supply that raised hundreds of millions is now being sold at a fraction of that valuation.
The $BDAG token is still being sold directly at lower prices, while higher prices are listed on exchanges.
Presale investors are left exposed to severe losses with this pricing structure.
** Full article in the comments
#BlockDAG #bdag #tokenlaunch #Presale
We've published a review of the ApeMars ($APRZ) crypto presale.
The article examines the presale structure, APRZ coin tokenomics, whitepaper, audit, and team transparency.
It shows there is no planned working product, no MVP, and no clear explanation of how the funds are used. It also covers the high FDV and “100x” ROI marketing.
Is the $APRZ coin legit or a scam?
** Full review in the comments
#CryptoNews #CryptoAnalysis #CryptoReview #TheHolyCoins
The article examines the presale structure, APRZ coin tokenomics, whitepaper, audit, and team transparency.
It shows there is no planned working product, no MVP, and no clear explanation of how the funds are used. It also covers the high FDV and “100x” ROI marketing.
Is the $APRZ coin legit or a scam?
** Full review in the comments
#CryptoNews #CryptoAnalysis #CryptoReview #TheHolyCoins
Italy’s CONSOB Orders Immediate Halt of Solaxy’s $SOLX Token Offer Under MiCA
Italy’s financial regulator, CONSOB (Commissione Nazionale per le Società e la Borsa), has ordered the immediate cessation of Solaxy’s $SOLX token offer to the Italian public under the EU’s MiCA Regulation (Regulation (EU) 2023/1114).
Resolution No. 23891 states that the $SOLX utility token was offered without notification of a required crypto-asset whitepaper under Article 8 of MiCA.
CONSOB determined that the Solaxy website provided instructions for purchasing the token and redirected users to trading platforms.
According to the resolution, the offer qualified as a public offering of crypto-assets other than asset-referenced tokens or electronic money tokens.
In a related press release addressing illegal financial activities, CONSOB included Solaxy’s token offering as part of its enforcement action. Italian ISPs are working to block access to the website.
The decision does not declare Solaxy a scam. However, it confirms that the crypto presale failed to comply with EU crypto regulation requirements applicable to utility token offerings in the European Union.
MiCA enforcement is now moving from theory to application, with regulators actively reviewing crypto presales and public token offers targeting EU investors.
Full article link in the comments.
#solx #CryptoNews #regulations #MiCA #CryptoUpdates
Italy’s financial regulator, CONSOB (Commissione Nazionale per le Società e la Borsa), has ordered the immediate cessation of Solaxy’s $SOLX token offer to the Italian public under the EU’s MiCA Regulation (Regulation (EU) 2023/1114).
Resolution No. 23891 states that the $SOLX utility token was offered without notification of a required crypto-asset whitepaper under Article 8 of MiCA.
CONSOB determined that the Solaxy website provided instructions for purchasing the token and redirected users to trading platforms.
According to the resolution, the offer qualified as a public offering of crypto-assets other than asset-referenced tokens or electronic money tokens.
In a related press release addressing illegal financial activities, CONSOB included Solaxy’s token offering as part of its enforcement action. Italian ISPs are working to block access to the website.
The decision does not declare Solaxy a scam. However, it confirms that the crypto presale failed to comply with EU crypto regulation requirements applicable to utility token offerings in the European Union.
MiCA enforcement is now moving from theory to application, with regulators actively reviewing crypto presales and public token offers targeting EU investors.
Full article link in the comments.
#solx #CryptoNews #regulations #MiCA #CryptoUpdates
Inicia sesión para explorar más contenidos