Models tested by MATS and the Anthropic Fellows program generated turnkey exploit scripts and identified fresh vulnerabilities, suggesting automated exploitation is becoming technically and economically viable.
Yearn Finance’s yETH product was targeted in an exploit where an attacker minted nearly unlimited yETH in a single transaction, draining around 1,000 ETH ($3 million). Some funds were sent to Tornado Cash, and blockchain data shows the attack used several newly deployed contracts that self-destructed afterward. The full extent of the losses is still unclear. …
Yearn Finance, one of the most well-known DeFi platforms, has suffered a major security incident that caused nearly $9 million in losses. The attack targeted a custom stable-swap pool linked to Yearn’s yETH token, allowing the hacker to mint almost unlimited tokens and drain the pool in a single strike. Here are the key details. …
Wallet interfaces typically summarize instructions as a single swap, and the bundled transaction executes atomically—meaning users unknowingly sign off on both.
For a few days in November, a malicious Chrome extension ranked as the fourth result for “Ethereum wallet” on the Chrome Web Store. The extension, called “Safery: Ethereum Wallet,” looked polished enough to pass as legitimate. It had a clean icon, a generic name adjacent to security language, a flood of five-star reviews, and boilerplate […]
The post Security reality check: Top-ranked Chrome ‘wallet’ that steals your seedphrase appeared first on CryptoSlate.
A massive Bitcoin mystery from 2020 has resurfaced, but this time, it’s not just about hackers and stolen crypto. China is accusing the United States of secretly taking control of 127,000 stolen Bitcoins, worth around $13 billion, in what may become one of the most controversial crypto disputes ever. The allegation has added fresh strain …
The DeFi world was hit with another shock as Stream Finance, a platform known for its yield and capital efficiency strategies, paused all withdrawals and deposits after suffering a massive $93 million loss. The company said the loss came from an external fund manager responsible for handling a portion of its assets, and operations will …
On Oct. 31, 2025, the Radiant exploiter transferred approximately 5,411.8 ETH to Tornado Cash, a move worth roughly $20.7 million. Nine days earlier, the same cluster had moved approximately 2,834.6 ETH, equivalent to $10.8 million, after staging funds across chains and through swaps before the mixer. Neither burst looked hurried. Both looked like a careful […]
The post How this millionaire crypto hacker continues to freely cash out a year later appeared first on CryptoSlate.
North Korea’s hackers have found a new weapon — and it’s not quantum computing.In 2025 alone, state-sponsored groups like the Lazarus Group have stolen more than $2 billion in cryptocurrency, using artificial intelligence to supercharge every stage of their operations. AI now scans thousands of smart contracts in minutes, identifies exploitable code, and automates multi-chain …
Mysten Labs’ chief cryptographer warns that artificial intelligence, not quantum computing, poses the real near-term threat to blockchain security.
Long-time XRP investor Brandon LaRoque says he discovered the loss on Oct. 15 in cold wallet maker Ellipal’s mobile app, but the theft occurred on Oct. 12.
Six hacker wallets dumped ETH during the Oct. 10 market crash, then rebought at higher prices, amplifying losses.
Singapore’s High Court has given the green light to a restructuring plan for crypto exchange WazirX, clearing a major obstacle in the company’s effort to repay users after last year’s large theft. Related Reading: ‘BNB Isn’t Crumbling’: CZ Slams Critics Stirring Fear And Doubt According to reports, the court’s approval on October 13 allows the exchange to move ahead with a court-supervised recovery process tied to the $234 million hack that hit the platform in July 2024. Creditor Vote And Numbers Based on reports from the company, the revised plan won broad backing from affected account holders. In an August revote, 95.7% of participating scheme creditors voted in favor, and those votes came from 143,190 participating creditors representing about $196 million in approved claims. The strong turnout and result were used by WazirX to press its case to the Singapore court. Thank you to everyone who supported this difficult phase of WazirX. The Singapore High Court has approved the scheme. Its your support and love that has made this possible ❤️ Now we set out on the next phase to work hard and create value for everyone. We’re here because of YOU… — Nischal (Shardeum) ???? (@NischalShetty) October 13, 2025 The hack itself exploited a Safe Multisig wallet in mid-July 2024 and drained a large pool of user funds. Investigations and media accounts linked the breach to advanced cyber operators, and the theft forced WazirX to freeze both crypto and rupee withdrawals while legal options were explored. What Users Will Receive According to several outlets, users may recover a substantial portion of lost funds under the approved plan. Reports have said recoveries could reach up to 55% of the losses, delivered as a mix of immediate liquid payments and so-called Recovery Tokens that represent remaining claims to be fulfilled over time. WazirX has said the first wave of payouts — in stablecoin or USDT equivalent — would follow once the scheme takes effect. That mix means some users will get cash-equivalent payments quickly while others will hold tokens that the company intends to redeem as it regains assets or generates revenue. The plan shifts part of the repayment responsibility to entities inside India to comply with local rules, a change that was highlighted during court rounds. The road to approval was not straight. The Singapore court had earlier rejected a first version of the scheme after judges raised questions over the plan’s structure and oversight. That decision forced WazirX and its advisers to rework the proposal and secure a fresh vote from creditors before returning to court. Related Reading: XRP Traders Face Fresh Selling Pressure As Large Holders Move Out Next Steps And Timeline If the scheme becomes effective under the court’s timetable, WazirX says distributions of available liquid assets will begin within 10 business days. That window is expected to trigger the initial USDT transfers while RTs are recorded for the remainder of approved claims. The exchange will still need to finish legal formalities and coordinate with payment processors and regulators. Featured image from Pixabay, chart from TradingView
The sanction order followed an August re-vote that saw 95.7% of creditors by number and 94.6% by value support the plan.
According to PeckShield, the theft stemmed from a private key compromise, allowing an attacker to drain the victim’s funds in a single swift move.
Binance co-founder Changpeng Zhao (CZ) has warned that North Korean hackers are using increasingly advanced methods to infiltrate cryptocurrency companies. In a recent X post, CZ explained: “They exploit trust, creativity, and patience to breach platforms and steal user funds.” According to Chainalysis, North Korean hackers stole around $1.34 billion in crypto in 2024, with …
The code includes pre-loaded instructions to target 56 browser wallet extensions and is designed to extract private keys, credentials, and certificates.
The credential stealer harvested username, password, and 2FA codes before sending them to a remote host. With full access, the attacker republished every "qix" package with a crypto-focused payload.
According to Guillemet, the malicious code — already pushed into packages with over 1 billion downloads — is designed to silently swap crypto wallet addresses in transactions. That means unsuspecting users could send funds directly to the attacker without realizing it.
Nemo, a yield protocol on the Sui blockchain, suffered a $2.4 million exploit.
The attack involved updating a contract to a malicious address, affecting tokens like vUSDC and vETH.
Crypto hack in August shook the digital asset industry as hackers stole $163 million across 16 incidents, according to blockchain security firm PeckShield. This marked a sharp jump from July’s $142 million, proving how cyberattacks are becoming more frequent and sophisticated. The largest hit was a $91.4 million theft from multiple anonymous Bitcoin addresses, highlighting …
More than 51,800 addresses lost $1-$1,000, 5,269 are down $1,000-$10,000 and 1,025 shed $10,000-$100,000, Bubblemaps said.
A fraudster posing as a hardware wallet support agent tricked the target into handing over wallet credentials.
The crypto industry has witnessed another strong move from regulators. The U.S. government recently received 76.56 Ethereum, valued at approximately $332,000, from Coinbase. These funds are linked to the 2021 Uranium Finance hack, according to blockchain data. The transfer marks another step in recovering stolen digital assets and demonstrates the progress authorities have made in …
Qubic’s mining group has picked Dogecoin as its next target after claiming it briefly gained majority control of Monero’s network, according to reports. Related Reading: Trump Coin Jumps 10% On Canary Capital ETF Filing: Details The group said it reorganized six blocks on Monero and then asked its community to vote on which ASIC-friendly proof-of-work coin to test next. The vote came on Aug. 17. Community Picks Dogecoin Based on reports, Dogecoin won the vote with more than 300 votes. Qubic’s founder, Sergey Ivancheglo, shared that Dogecoin beat out Zcash and Kaspa in a public poll. The project says its Monero pool reached a 51% share and that it currently runs about two point three GH/s of Monero hashrate. The group calls these moves “stress tests” and says they are meant to show how its mining model works, while also using pool profits to buy and burn QUBIC tokens. The group added it does not want to destroy networks. The #Qubic community has chosen #Dogecoin. pic.twitter.com/EnevIZUAw5 — Come-from-Beyond (@c___f___b) August 17, 2025 The technical claim has sparked debate in the Monero community. Some developers and miners question whether the pool ever held sustained, uncontested control. Others say the actions — which reorganized blocks — are proof the group can alter short stretches of chain history. Either way, the interruption was enough for Kraken to pause Monero deposits while exchanges and services assessed risk. What A 51% Attack Can Do A 51% attack lets the controller reorganize blocks or stop transactions. A group that controls more than half of a network’s mining power can rewrite recent blocks, halt certain transactions, or try double-spends. Qubic’s move showed it could force a small reorg on Monero. If a similar level of control were applied to Dogecoin, the effect could be larger because Dogecoin has a market capitalization above $35 billion. Still, Dogecoin benefits from merged-mining with Litecoin and runs at a much higher hashrate, so an attack would likely cost far more. Markets and exchanges reacted quickly. Prices moved on the news and custodial services tightened checks. Kraken’s decision to pause deposits underscored how exchanges will act fast when block reorgs or other threats appear. Users and traders faced increased short-term uncertainty. Related Reading: XRP’s Toughest Bull Run Could Lead To Big Gains, Analyst Claims What To Watch Next Based on reports, the timeline is unclear but the issue raises bigger questions. Qubic has not given a clear timeline for any action against Dogecoin. Observers will watch for technical logs, more statements from the project, and any responses from Dogecoin and Litecoin developers. A Hostile Act? People will also be looking for proof that Qubic’s tests were non-destructive and for evidence about how long the pool actually held control. Most outlets call what Qubic did a 51% attack (a chain reorg), not a “hack” in the usual sense — but it’s still an attack on network consensus and many people treat it as hostile. Featured image from Meta, chart from TradingView
Three high-profile exploiters have taken advantage of ether’s rally to liquidate stolen funds, pocketing tens of millions in extra profits.
Turkish crypto exchange BtcTurk has been targeted by a major cyberattack, which resulted in the theft of roughly $48 million in digital assets. On Aug. 14, blockchain security firm Cyvers reported that the stolen funds were moved across multiple networks, including Ethereum, Avalanche, Arbitrum, Base, Optimism, Mantle, and Polygon. Most of the assets were transferred […]
The post BtcTurk hack sees $48 million in crypto vanish from hot wallets appeared first on CryptoSlate.
Turkish cryptocurrency exchange BtcTurk, the country’s second-largest and oldest, has been hacked, with over $48 million worth of assets stolen. The attacker has completed transferring the stolen funds and started exchanging them. In response, BtcTurk has suspended all cryptocurrency deposits and withdrawals while investigating the breach. The hack affected multiple blockchains, including Ethereum, Avalanche, and …
Blockchain sleuths flag suspicious multi-chain transfers from the Turkish exchange, prompting a suspension of deposits and withdrawals.