Advertisement

Hacks

Attacker Mints 10 Billion TOP Tokens Through Governance Takeover, Drains $1.58M from Balancer Pool
Hacks

Attacker Mints 10 Billion TOP Tokens Through Governance Takeover, Drains $1.58M from Balancer Pool

An attacker exploited Token of Power's Aragon DAO on Tuesday to mint 10 billion TOP tokens via a malicious governance proposal, then swapped the supply for 944.2 WETH worth roughly $1.58 million.
Raydium Confirms $1.34M Drain on Deprecated AMM V3, Pledges Treasury Compensation
Hacks

Raydium Confirms $1.34M Drain on Deprecated AMM V3, Pledges Treasury Compensation

Raydium core contributor Infra confirmed Wednesday that an attacker drained ~$1.34M from the legacy AMM V3 program, a contract phased out in 2021. Current users were unaffected, the treasury will cover full compensation, and the root cause was a self-contained LP-mint validation flaw. PeckShield earlier traced the laundering across KuCoin, a Solana-to-Ethereum bridge, Tornado Cash and FixedFloat.
Humanity Protocol Traces $36M Hack to Single Malware-Infected Machine That Held Seven Keys
Hacks

Humanity Protocol Traces $36M Hack to Single Malware-Infected Machine That Held Seven Keys

A forensic report from Humanity Protocol found a single malware-infected developer machine held backups of seven private keys, giving an attacker full control over both its Ethereum and BNB Smart Chain infrastructure.
Humanity Protocol Loses $36M After Foundation Laptop Is Compromised, Token Drops Nearly 70%
Hacks

Humanity Protocol Loses $36M After Foundation Laptop Is Compromised, Token Drops Nearly 70%

An attacker compromised a Humanity Protocol foundation member's private keys, drained 17-plus Gnosis Safe wallets across Ethereum and BNB Chain, and minted 100 million additional H tokens on BSC. Total losses reach about $36 million. The H token fell nearly 70% on the day. On-chain investigator ZachXBT alleges the incident may have been staged.
Yuga Labs Executes White-Hat Rescue of 68 NFTs After Flooring Protocol Exploit
Hacks

Yuga Labs Executes White-Hat Rescue of 68 NFTs After Flooring Protocol Exploit

Yuga Labs used its GrailsOTC trading desk to pull 68 blue-chip NFTs valued at more than $500,000 out of vulnerable Flooring Protocol pools before attackers could drain them.
Old DxSale Lockers Drained for $7.3M Across 1,400 BNB Chain Pools as Owner-Privilege Exploits Pile Up
Hacks

Old DxSale Lockers Drained for $7.3M Across 1,400 BNB Chain Pools as Owner-Privilege Exploits Pile Up

A dormant launchpad contract from 2021 was emptied this week through a quiet ownership transfer and a one-wei fee reset — the latest in a string of BNB Chain drains that turn admin keys into the attack surface.
Kelp DAO Hacker Has Laundered Nearly All $220M in Unfrozen Funds, Closing the Recovery Window
Hacks

Kelp DAO Hacker Has Laundered Nearly All $220M in Unfrozen Funds, Closing the Recovery Window

On-chain traces show the DPRK-linked attacker behind April's $292 million bridge exploit has pushed the unfrozen ~$220 million through THORChain, Wasabi, Tornado Cash, and Umbra, leaving roughly $1.7 million still sitting in the original wallet.
V12 Says THORChain Silently Patched Its Critical Bug, Then Told Researchers the Bounty Is 'Permanently Retired'
Hacks

V12 Says THORChain Silently Patched Its Critical Bug, Then Told Researchers the Bounty Is 'Permanently Retired'

A security startup says it disclosed a fund-draining vulnerability to the cross-chain protocol weeks before a $10.7M exploit hit a near-identical flaw. Now it plans to publish exploit code for more.
Gnosis Pay Hit by 'Delay Module' Exploit as Gnosis Pledges to Cover User Losses
Hacks

Gnosis Pay Hit by 'Delay Module' Exploit as Gnosis Pledges to Cover User Losses

Co-founder Martin Köppelmann said the company will make all users whole after attackers exploited the smart-contract module that governs Gnosis Pay card accounts. No loss figure has been disclosed.
Alephium Bridge Loses $815K to Forged Guardian Messages, Not Stolen Keys
Hacks

Alephium Bridge Loses $815K to Forged Guardian Messages, Not Stolen Keys

Alephium's Wormhole-fork TokenBridge was drained on Ethereum and BNB Chain in roughly seven minutes after an off-chain backend flaw let fraudulent messages slip past its four-guardian network, the team said in a public correction.