US DOJ Strike Force Freezes $701M in Crypto Linked to Scams
The US Department of Justice’s Scam Center Strike Force froze over $701 million in cryptocurrency tied to investment scams targeting Americans. The operation also seized a recruitment channel and disabled 503 fraudulent websites.
North Korean hackers suspected in $300M KelpDAO crypto heist
A sophisticated state-sponsored cybercrime group is suspected of stealing nearly $300 million in cryptocurrency from KelpDAO over the weekend. Two LayerZero blockchain servers were compromised, enabling a drain of Ethereum-linked tokens in the largest DeFi exploit of the year.
Arbitrum Security Council Freezes $71.1M ETH Linked to Kelp DAO Exploit
Arbitrum Security Council froze 30,766 ETH valued at $71.1 million following the Kelp DAO exploit. Funds were moved to an intermediary frozen wallet pending governance approval. Law enforcement guidance informed the emergency intervention.
DeFi Hacks Hit $606M in First 18 Days of April, Worst Since 2025
Crypto protocols lost over $606 million in exploits during the first 18 days of April 2026, making it the worst month for DeFi hacks since February 2025. Major losses at KelpDAO and Drift Protocol accounted for 95% of April’s total, exposing renewed security risks.
KelpDAO Bridge Hack Triggers $292M DeFi Crisis, Justin Sun Calls for Negotiation
A $292 million exploit of KelpDAO’s cross-chain bridge on April 18 drained 116,500 rsETH and triggered emergency freezes across multiple DeFi protocols. Aave faces over $236 million in bad debt. Tron founder Justin Sun publicly urged the hacker to negotiate a funds return.
April 2026 Records $606M in Crypto Hack Losses, Worst Since February 2025
Crypto protocols suffered $606.2 million in exploits during the first 18 days of April 2026, marking the worst monthly total since February 2025. KelpDAO and Drift Protocol accounted for 95% of April’s losses. Year-to-date hack losses reached $771.8 million.
Grinex Exchange Suspends Operations Following $13.74M Cyberattack
Grinex, a Kyrgyzstan-based crypto exchange sanctioned by the U.S. and U.K., halted trading and withdrawals after a $13.74 million hack on April 15. Blockchain analytics linked the operation to Western intelligence agencies, citing sophisticated tactics and geopolitical motives.
Polkadot bridge exploit mints 1B DOT tokens on Ethereum
A vulnerability in the Hyperbridge Polkadot–Ethereum bridge allowed attackers to mint one billion unauthorized DOT tokens on Ethereum and sell them within an hour, causing a temporary price drop of over 5%. The incident, first flagged by CertiK, did not affect the Polkadot relay chain but disrupted bridged DOT liquidity pools.
$45 Million in Crypto Fraud Mapped by Operation Atlantic
Operation Atlantic maps $45 million in crypto fraud losses, identifies over 20,000 victims, and freezes $12 million in proceeds across US, UK and Canada, in coordinated law enforcement crackdown.
Drift Protocol Suffers $285M Theft in Sophisticated Exploit
Drift Protocol experienced a $285 million theft via social engineering and a zero-timelock exploit, triggering rapid cross-chain transfers. The breach caused a 20 % token plunge and a 50 % collapse in total value locked. The incident highlights critical governance and security vulnerabilities in DeFi protocols.
Is North Korea behind the $286M Drift Protocol hack data shows
Blockchain analytics suggest DPRK-linked actors orchestrated the $286 million exploit of Solana-based Drift Protocol on April 1. Elliptic and TRM Labs identify on-chain patterns, Tornado Cash staging, and cross-chain bridging consistent with North Korean methods.
Solana DeFi Platform Drift Suffers $280M Hack
A $280 million exploit targeted Drift Protocol on Solana, suspending deposits and withdrawals and marking the largest DeFi breach of 2026 to date. The attacker leveraged a durable nonce vulnerability to bypass multisig governance and seize admin control. Blockchain forensics firm Elliptic attributes the exploit to DPRK-linked actors.
DeFi Platform Drift Halts Deposits and Withdrawals After Hack
Drift suspended deposits and withdrawals following confirmation of a security incident with hackers stealing between $136 million and $285 million in assets. If verified, the breach is the largest crypto theft of 2026 to date.
FBI Arrests Contractor’s Son in $46M U.S. Marshals Crypto Theft
Authorities arrested John Daghita in Saint Martin on March 6, 2026, for allegedly stealing $46 million in cryptocurrency from U.S. Marshals Service wallets. The joint FBI-French operation targeted unauthorized access to seized asset holdings.
Paradex Pricing Glitch Briefly Values Bitcoin at Zero, Causing Mass Liquidations and Chain Rollback
A technical error during scheduled maintenance on the Starknet-based DEX Paradex caused Bitcoin’s price to flash at $0, triggering widespread liquidations. The platform rolled back its chain state to a known good block, force-cancelling open orders and restoring pre-maintenance account balances. Recovery modes and withdrawal restrictions remained in place while the team continued assessment.
DeadLock Ransomware Exploits Polygon Smart Contracts to Evade Takedowns
Cybersecurity firm Group-IB warns that the DeadLock ransomware is leveraging Polygon smart contracts to rotate proxy server addresses, making its command-and-control infrastructure highly resilient. The on-chain technique allows attackers to update their proxy endpoints without centralized servers, complicating disruption efforts.
Jefferies Analyst Warns Quantum Computing Could Compromise Bitcoin Cryptography
Jefferies global head of equity strategy removed bitcoin from his long-term model portfolio, citing the existential risk posed by cryptographically relevant quantum computers. A ChainCode Labs report warns that a sufficiently powerful quantum machine could derive private keys from public keys in days, threatening up to 50% of circulating BTC.
Crypto.com reports $30 million breach in Bitcoin and Ethereum hack
Crypto.com disclosed a security breach resulting in unauthorized withdrawals totaling 4,836 ETH and 443.93 BTC, worth over $30 million, after attackers bypassed two-factor authentication. The exchange has reimbursed affected users and enhanced wallet security measures.
Tether freezes $182M USDT across five Tron wallets
Tether executed one of its largest single-day enforcement actions by immobilizing approximately $182 million in USDT across five wallet addresses on the Tron blockchain after receiving a formal law enforcement request. The freezes, ranging from $12 million to $50 million per address, underscore Tether’s compliance framework launched in December 2023 and its cooperation with global sanctions regimes.
Truebit Token Crashes 99% After $26M Ethereum Exploit
Truebit reported a smart-contract exploit that drained approximately 8,535 ETH (around $26 million), triggering a 99% collapse in its TRU token price. The team acknowledged the breach, confirmed contact with law enforcement, and warned users to avoid the compromised contract address.
Truebit Token Crashes 99% After $26M Exploit
The Truebit protocol suffered a security breach on January 8, 2026, allowing the attacker to drain 8,535 ETH (≈$26.6 million) via a mispriced mint function. The TRU token price plunged by over 99%, and the team has engaged law enforcement to mitigate losses.
Stablecoins Overtake Bitcoin in Dark Web Crime
Chainalysis data shows stablecoins represented 84% of the $154 billion illicit transaction volume in 2025. The shift displaced Bitcoin in dark web crime and empowered large-scale money laundering and state-sponsored evasion operations.
Ledger Faces Fresh Data Breach via Payment Processor Global-e
Hardware wallet maker Ledger confirmed a data exposure incident stemming from its payment partner Global-e. Customer names and contact details were accessed, though private keys and payment data remain secure. Affected users have been notified and advised to monitor for phishing.
$35 million cryptocurrency theft linked to LastPass data breach
Blockchain investigators traced a $35 million crypto theft from LastPass users to Russian cybercriminal infrastructure. Attackers converted stolen assets through mixing services before funneling funds to sanctioned Russian exchanges, revealing coordinated laundering phases over multiple years.
'Hundreds' of EVM wallets drained in mysterious attack
An attacker has drained small sums from hundreds of EVM‐compatible wallets across multiple chains in a wide‐scale exploit. On‐chain investigator ZachXBT linked the incident to the December Trust Wallet hack, warning users to revoke approvals and enhance security.
From Bybit to GMX: The 10 biggest crypto hacks of 2025
Crypto attackers siphoned an estimated $2.2 billion across the ten largest security breaches in 2025, including record thefts at Bybit, Cetus, Balancer V2, and more, highlighting persistent infrastructure risks.
Trust Wallet confirms $8.5M supply-chain hack via leaked Chrome API key
Trust Wallet confirmed that a malicious Chrome extension update caused a supply-chain hack with $8.5 million in stolen funds. Attackers used a leaked Google Chrome Web Store API key to push a compromised extension and exfiltrate mnemonic seed phrases.
Arrest made in $355M Coinbase insider extortion scheme
Coinbase reported the arrest of a former support agent in India tied to a $355 million insider extortion plot that targeted nearly 70,000 customers. Investigation highlights gaps in outsourced security controls and underscores regulatory scrutiny of exchange access workflows.
Flow Network Exploit Triggers Panic Selling, Plunges Price by 46%
An attacker exploited a vulnerability in Flow’s execution layer on Dec. 27, draining $3.9 million by routing funds through Celer, Debridge, Relay and Stargate bridges. Networks and exchanges froze exit paths, yet panic selling pushed FLOW down 46% to a new low before partial rebound.
Trust Wallet Browser Extension Breach Drains $7M From Users
Trust Wallet browser extension version 2.68 was compromised on December 26, 2025, resulting in unauthorized drains of approximately $7 million from hundreds of user wallets. Blockchain investigator ZachXBT and PeckShield identified the exploit, prompting an emergency update to version 2.69 and assurances of full compensation. The breach highlights persistent risks in browser-based wallets.
Trust Wallet Browser Extension Incident Drains Over $6M in Crypto
A supply-chain compromise of the Trust Wallet Chrome extension led to seed phrase imports being intercepted and user wallets drained of over $6 million across multiple blockchains, according to on-chain analysis and community reports. The issue centered on a malicious JavaScript payload in version 2.68 released December 24, which monitored imported seed phrases and transmitted them to an attacker-controlled domain before initiating immediate unauthorized transfers. Trust Wallet has acknowledged the incident, advising users to disable version 2.68 and upgrade to the patched 2.69 release.
North Korean Groups Account for $2.7B Crypto Hacks in 2025
Crypto hacks reached a record $2.7 billion in 2025, led by state-linked North Korean groups responsible for over $2 billion in thefts, including the $1.5 billion Bybit heist. Centralized exchanges and DeFi protocols both suffered high-impact breaches.
Polymarket Accounts Hacked via Third-Party Auth Vulnerability
Decentralized prediction market Polymarket reported user account breaches linked to a third-party authentication provider. Affected wallets, created via Magic Labs email login, suffered unauthorized fund transfers. Polymarket has patched the flaw and will notify impacted users.
Gnosis announces hard fork to recover funds from Balancer exploit
Gnosis Chain operators executed a hard fork to recover assets from a November Balancer exploit that siphoned about $116 million in crypto. The fork follows a prior soft fork and aims to enable affected users to reclaim lost funds.
North Korea-Linked Hackers Stole Over $2 Billion in Crypto in 2025
North Korean–linked hackers stole $2.02 billion in cryptocurrency in 2025 despite fewer overall attacks, driven by high-value breaches such as the $1.5 billion Bybit exploit and sophisticated laundering cycles targeting institutional assets.
Binance Co-CEO WeChat Account Compromised to Promote MUBARA Pump-and-Dump
Binance co-CEO Yi He’s official WeChat account was breached and leveraged to endorse the MUBARA memecoin in a coordinated pump-and-dump. On-chain analysis shows two newly created wallets purchased 21.16 M tokens with 19,479 USDT, later dumping 11.95 M for 43,520 USDT, netting a $55,000 profit while retail traders suffered losses.
Anthropic AI Agents Expose Smart Contract Security Flaws
Anthropic’s AI agents autonomously reconstructed 19 of 34 real smart contract exploits, extracting $4.6 million in simulated value at $1.22 per contract. Exploit automation now rivals traditional audits, necessitating continuous AI-driven adversarial testing in CI/CD pipelines.
Swiss and German authorities shut down cryptomixer.io in money laundering crackdown
Swiss and German law enforcement seized servers and domains of cryptomixer.io, confiscating over €25 million in bitcoin and 12 TB of data. The operation targeted one of the largest crypto tumblers used for illicit transfers.
European Cops Shut Down Cryptomixer Laundering Service
A coalition of law enforcement agencies coordinated by Europol seized the Cryptomixer platform and infrastructure, alleging it laundered over €1.3 billion in bitcoin since 2016. Authorities confiscated three servers, the domain cryptomixer.io and €25 million in bitcoin. The operation targeted ransomware and darknet operators using the service to obfuscate illicit funds.
Yearn Finance DeFi hack exploits yETH vulnerability draining $9M
A vulnerability in Yearn Finance’s legacy yETH token contract enabled an attacker to mint trillions of tokens and drain approximately $9 million from stableswap pools on November 30. The stolen ETH was laundered via Tornado Cash, while V2 and V3 Vaults remained unaffected.
Solana traders targeted by covert browser extension siphoning swap fees
A malicious Chrome extension named Crypto Copilot siphoned fees from Raydium swaps by appending hidden transfer instructions to transactions since June, remaining undetected until flagged by cybersecurity firm Socket.
South Korea suspects North Korea behind Upbit hack
South Korean authorities suspect North Korean Lazarus Group orchestrated an unauthorized withdrawal of 44.5 billion won from Upbit, triggering system inspections and forensic analysis linking the breach to a 2019 heist.
Balancer DAO Considers $8M Recovery Plan After $110M Exploit
Following a November 3 smart-contract exploit that drained $110 million from Balancer v2 vaults, Balancer DAO on November 27 began discussing a plan to distribute $8 million in recovered assets to affected liquidity providers. The proposal includes white-hat bounties and a pro-rata reimbursement mechanism.
Upbit Reports $36M Loss in Solana Hot-Wallet Breach
South Korea’s largest crypto exchange detected unauthorized transfers from its Solana hot wallet, resulting in a $36 million loss across multiple tokens. Remaining assets were moved to cold storage and on-chain freezes are in coordination. Upbit pledged full reimbursement from parent company funds to protect user balances.
Upbit Suspends Solana Token Withdrawals After $37M Irregular Activity
South Korea’s leading exchange halted deposits and withdrawals after detecting irregular Solana token transfers totaling about $37 million. The platform will cover all losses, froze assets worth roughly 12 billion won, and is collaborating with law enforcement. Withdrawal services will resume once security audits are complete.
Cardano Network Experiences Temporary Chain Split After AI-Script Exploit
A malformed transaction caused a brief divergence in the Cardano blockchain, as newer node versions accepted the malformed data while older nodes rejected it. The incident prompted an emergency patch and network-wide upgrade. Cardano’s co-founder described the event as a targeted attack by a disgruntled stake-pool operator.
Aerodrome Finance Suffers Front-End DNS Hijacking, Users Warned of Phishing Risk
Aerodrome Finance on Coinbase’s Base network was targeted by a front-end DNS hijack, redirecting users to phishing domains. Smart contracts remained secure; users urged to revoke approvals and use ENS mirrors to interact safely.
ICIJ Investigation Reveals Crypto’s Criminal ‘Coin Laundry’ Financial Network
The ICIJ investigation uncovered extensive crypto-backed money laundering networks operating through major exchanges such as Binance, Coinbase and Kraken. The probe involved over 100 journalists from 35 countries exposing flows tied to drug cartels, people trafficking and sanctioned entities. The series highlighted gaps in compliance and called for stronger cross-border regulatory cooperation.
Suspected $30M Manipulation Causes $4.9M Loss on Hyperliquid
A suspected $30 million market manipulation on Hyperliquid triggered $4.9 million in losses after a trader used $3 million USDC to create a fake buy wall, causing forced liquidations. The exchange paused its Arbitrum bridge to stabilize liquidity.
China Alleges U.S. Seizure of 127K BTC in 2020 Mining Pool Hack
China’s National Computer Virus Emergency Response Center (CVERC) claims that U.S. authorities seized 127,000 BTC stolen in a 2020 hack of a Chinese mining pool. The U.S. government disputes the accusation, maintaining that the action targeted criminal proceeds under law enforcement protocols.
$120M Balancer hack exploited rounding bug across chains
A rounding-error vulnerability in Balancer’s batch-swap logic was leveraged to siphon over $120 million, exploiting mismatches between token decimal handling. Affected chains froze funds and emergency hard forks were deployed to safeguard users.
Macro Headwinds and Balancer Hack Trigger Crypto Sell-Off
Global markets faced renewed selling on November 3 as US rate concerns and a $128.6 million exploit on the Balancer DeFi protocol prompted widespread liquidations. Bitcoin dipped below $108,000, and Ethereum fell to nearly three-month lows amid $1.16 billion in liquidations. Institutional outflows from Bitcoin and Ethereum ETFs compounded bearish momentum.
Crypto Hacks Plunge 85% in October to Lowest Losses of 2025
Crypto hack losses declined 85.7% in October 2025 to $18.18 million across 15 incidents, the lowest monthly total of the year. Garden Finance, Typus Finance, and Abracadabra accounted for most losses. Experts caution new attack vectors remain a risk.
T3 Financial Crime Unit, Backed by Tron, Tether, TRM Labs, Has Now Frozen $300M in Assets
The T3 Financial Crime Unit reported freezing $300 million in illicit funds within its first year. Formed by Tether, Tron and TRM Labs, the task force evolved into a global enforcement model, collaborating with law enforcement across five continents. The milestone underscores industry-led anti-crime capabilities.
XRP Investor Reports $3M Theft from Ellipal Cold Wallet
A long-time XRP holder discovered a $3 million loss after importing his hardware wallet seed into Ellipal’s mobile app, which converted it into a hot wallet. On-chain analyst ZackXBT traced the October 12 funds movement across multiple swaps and OTC venues. Ellipal attributes the breach to user error, warning against entering cold wallet seeds into internet-connected apps.
Singapore court approves WazirX recovery scheme for hack victims
Singapore’s High Court approved the WazirX restructuring plan, enabling customers to recover up to 55% of the $235 million stolen in the July 2024 hack. The scheme mandates fair distribution of recovered assets and oversight by the appointed scheme administrator. Approval marks a significant step in restitution for affected users and sets a precedent for crypto exchange insolvency proceedings.
Uphold research chief alleges targeted Binance margin exploit
Dr. Martin Hiesboeck of Uphold Research claimed the October 10–11 crypto crash was a targeted attack exploiting a flaw in Binance’s Unified Account margin system. The exploit allegedly used unstable collateral pricing for USDe, BNSOL and WBETH to trigger cascading liquidations. Binance has acknowledged dislocations and pledged compensations alongside risk control enhancements.
Ethena’s USDe Briefly Loses Peg During $19B Crypto Liquidation Cascade
Stablecoin USDe deviated from its $1 peg amid a $19 billion market liquidation wave, dropping to $0.996 before recovering within hours. Ethena Labs confirmed that mint and redeem functionality remained operational and collateral levels held above required thresholds.
PancakeSwap Chinese X account hack fails to dent CAKE gains, token jumps 16%
PancakeSwap’s Chinese-language X account was compromised, with attackers promoting a fake “Mr. Pancake” token amid a meme coin frenzy. Despite the breach, CAKE surged 16% to $4.52, reflecting strong trading momentum on BSC. The incident highlights escalating phishing threats across Binance Smart Chain channels.
Griffin AI Relaunches GAIN Token After $3M Bridge Exploit
Griffin AI resumed GAIN token trading on major exchanges after a September bridge exploit that minted 5 billion counterfeit tokens. A $2.5 million buyback fund was established to compensate legitimate holders and restore investor confidence.