A malicious Ledger Live clone slipped onto Apple’s App Store, draining millions from dozens of victims across multiple blockchains in a week-long phishing campaign.
The firm said a criminal group is attempting to extort it over limited insider-related data access incidents affecting about 2,000 accounts. Kraken says it will not pay and is working with law enforcement.
A hacker exploited a vulnerability in the Hyperbridge cross-chain gateway connecting Polkadot to Ethereum. By forging gateway messages and manipulating the token contract’s admin privileges, the attacker created 1 billion unauthorized DOT tokens and sold them on decentralized markets, earning about 108.2 ETH (roughly $237,000) in profit. The incident highlights ongoing risks in cross-chain bridge …
The Department of the Treasury announced it's letting crypto firms sign up for timely information-sharing on cybersecurity threats.
For years, the DeFi industry has treated security as a technical problem: something that could be solved with better code. But the Drift incident suggests something far more complex: that the real vulnerabilities may lie outside the codebase altogether.
The program includes 24/7 threat monitoring for protocols with more than $10 million in deposits and a dedicated incident response network of security firms.
Ledger’s Charles Guillemet says artificial intelligence is making hacks cheaper and faster, forcing a rethink of how crypto systems stay secure.
Prominent blockchain sleuth ZachXBT alleged faster action by Circle could have limited crypto losses, but freezing asset without legal authorization carries legal risks.
The exploit did not involve a bug in Drift's code. It used "durable nonces," a legitimate Solana transaction feature, to pre-sign administrative transfers weeks before executing them, bypassing the protocol's multisig security in minutes.
The blockchain analytics firm pointed to cross-chain laundering patterns and Solana-specific tracing challenges that mirror prior North Korean state-linked operations.
Drift Protocol shared that about $280 million was drained in a highly organized attack, affecting nearly half the funds in an associated wallet. The attacker took advantage of pre-signed durable nonce transactions, allowing them to delay execution and act at a strategic moment. By reportedly misleading several multisig signers through targeted social engineering, the attacker …
Mike Novogratz’s crypto financial services firm said unauthorized access was limited to a segregated R&D workspace; trading systems and client accounts were unaffected.
In March 2026, the crypto sector faced 20 major hacks totaling $52 million, nearly double February’s $26.5 million. The largest attack targeted ResolvLabs’ $USR, where an AWS KMS breach allowed an “infinite mint” of 80 million tokens, draining around $25 million and triggering bad debt across platforms like MorphoBlue, Euler, and Fluid. Other notable losses …
CertiK’s March 2026 security report confirms $59,509,931 lost to exploits, phishing, and scams – with just $21,912 returned. That is a recovery rate of 0.04%. Wallet compromise led all categories at $26,846,293, followed closely by phishing at $21,408,097. Together the two account for over 80% of March’s total losses. By attack type, DeFi protocols suffered …
Crypto payments platform Bitrefill has confirmed a major cyberattack on March 1, 2026, with signs pointing to the North Korea-linked Lazarus Group. The Bitrefill attack exposed internal systems, drained crypto wallets, and accessed around 18,500 user records. Let’s understand how the Bitrefill hack happened and whether user data is safe. How the Bitrefill Hack Happened? …
Crypto payments platform Bitrefill revealed it was targeted in a cyberattack on March 1, 2026, possibly linked to North Korea’s Lazarus Group. Around 18,500 order records were accessed, including customer email and crypto addresses. The breach began with a compromised employee device and stolen login credentials. Attackers gained access to parts of the company’s database …
Bybit blocked more than $300 million in unauthorized withdrawals during the final quarter of last year — a figure that puts February’s total crypto theft losses in sharp relief. Related Reading: Bitcoin Crosses 20 Million Coins Mined — And Only 1 In 20 Remains According to security firm Nominis, close to $50 million was stolen across the entire crypto industry last month, a fraction of what Bybit alone says it turned away in just three months. Attackers Home In On Human Error The drop from January’s $385 million in losses might look like progress, but security researchers say the more significant story is where the attacks are coming from. Social engineering — scams that trick people into handing over access — caused more cumulative damage in February than traditional software exploits did. Phishing campaigns climbed sharply during the month, with criminals sending fraudulent messages designed to get users to click malicious links or sign transactions they shouldn’t. The most common method was authorization abuse. Victims were manipulated into granting wallet permissions without realizing what they’d approved. Once those permissions were in place, attackers could move funds out freely. Private individuals bore the brunt of these attacks, not exchanges or large protocols. One Breach Drove Most Of The Damage A single incident accounted for most of February’s losses. Step Finance, a portfolio analytics platform built on Solana, was drained of approximately $30 million. Strip that one event out, and February would have been remarkably quiet by recent standards. The broader numbers back that up. Blockchain security company PeckShield put February losses at $26.5 million — the lowest monthly figure since March 2025. PeckShield credited stronger risk controls and better security practices across the industry for part of the decline. Big Losses Still Loom Over The Industry Even with a quieter month on the books, the industry’s annual toll remains staggering. Data from Chainalysis shows crypto hacks cost the industry $3.4 billion last year. That figure underscores how much ground still needs to be covered before theft can be called a contained problem. Related Reading: Bitcoin ETFs Break 5-Month Streak With 2nd Consecutive Week Of Inflows Bybit’s own numbers offer a window into how much active work that requires. The exchange said its fraud systems flagged roughly 350 high-risk addresses and stopped around 8,000 users from falling into potential scams — all in a single quarter. Reports indicate that while large-scale protocol attacks appear to be easing, the rise in scams targeting everyday users signals that criminals are simply redirecting their efforts. Better smart contract audits and stronger on-chain monitoring may be closing one door. But as long as people can be deceived into approving the wrong transaction, another door stays open. Featured image from Trillium Mutual Insurance, chart from TradingView
As the crypto industry adopts AI-focused blockchain netowrk it is exposing itself to more security risks. IoTeX, a blockchain platform built for real-world AI, recently suffered a major security hack, resulting in nearly $8 million in losses. Here’s how the IoTeX $8 million hack happen & how the IoTeX team is responding to it. Are …
Arbitrum DAO has confirmed that its official X account has been compromised. The team warned users not to click on or interact with any posts or links from the hacked account. They are actively working to regain control. Importantly, the Arbitrum protocol and user funds remain completely safe, as the breach only affects the social …
Saga has paused its SagaEVM chain after a smart contract exploit drained nearly $7 million in assets, forcing the team to stop the chain at block height 6,593,800 while it investigates and fixes the issue. Attackers used a coordinated series of contract and cross‑chain actions to bridge funds out to Ethereum, and Saga is working …
A sophisticated social-engineering attack led to the theft of more than $282 million in BTC and LTC, with the funds rapidly laundered through monero.
The attack exploited a flaw in an older smart contract, allowing the attacker to buy TRU at no cost and sell it back to extract ether.
Kontigo reimbursed 1,005 users $340,905 after a breach, as CEO Jesus Castillo confirmed his own account was affected by the incident.
A hacker took control of a multi-signature wallet, stealing $27.3 million in crypto assets. The attacker recently withdrew 1,000 ETH (about $3.24 million) from Aave and laundered funds through Tornado Cash, with total deposits reaching 6,300 ETH (around $19.4 million). On-chain data shows the hacker still holds leveraged positions worth $9.75 million in ETH and …
Blockchain security firm SlowMist has raised the alarm over a new and highly convincing phishing campaign targeting MetaMask users. Unlike earlier scams that relied on obvious fake links or direct wallet drainers, this attack is more subtle. It exploits user trust by copying MetaMask’s two-factor authentication (2FA) flow, making the scam feel like a routine …
Ilya Lichtenstein, the hacker behind the 2016 Bitfinex bitcoin breach, has been released early from a U.S. federal prison. He walked free on January 2, 2026, after serving just under one year of his five-year sentence. Thanks to President Trump's First Step Act, I have been released from prison early. I remain committed to making …
A fresh on-chain alert has raised concerns across the crypto space after blockchain investigator ZachXBT reported a coordinated wallet-draining incident affecting hundreds of users across EVM-compatible networks. The warning, shared widely on X, highlights a pattern of small but persistent losses that together have already crossed $107,000 in stolen funds. What makes this incident stand …
A quiet crypto attack is draining wallets across EVM chains like Ethereum, BNB Chain, Base, and Arbitrum. Each victim is losing under $2,000, but total losses have crossed $107,000 so far. The stolen funds are being sent to one address: 0xAc2e5153170278e24667a580baEa056ad8Bf9bFB. On-chain analyst ZachXBT flagged the issue, noting repeated approvals and transfers. Experts advise users …
Blockchain security firm PeckShieldAlert reported a major hack involving Unleash Protocol, a decentralized platform built on Story Protocol, where an attacker drained around $3.9 million in user funds. Here’s how the hack happened. PeckShieldAlert report revealed. How the Unleash Protocol Hack Happened? According to PeckShieldAlert, the attacker targeted Unleash Protocol’s multi-signature governance system. By doing …
Blockchain sleuth ZachXBT exposed Haby (Havard), a Canadian from Abbotsford near Vancouver, who stole over $2 million from Coinbase users over a year by posing as support staff. He used social engineering for remote access, drained wallets like a $44,000 XRP theft and $237,000 Exodus balance, swapped to BTC via instant exchanges, and blew funds …