Exploit

Phishing Scam Targets #Aave Users via #Google Ads After Protocol Surpasses $60B in Net Deposits
Aave’s Milestone Draws Unwanted Attention from Scammers
Aave, the decentralized liquidity protocol, recently celebrated a historic achievement — surpassing $60 billion in net deposits across 14 blockchain networks. However, the celebration was short-lived as a phishing campaign was launched against Aave users shortly after the announcement.

According to data from #Token Terminal, Aave's net deposits have more than tripled over the past year, growing from around $18 billion in August 2024 to over $60 billion by August 2025. This growth solidifies Aave's position as one of the most dominant decentralized finance (DeFi) protocols in the space.

#Scammers #Exploit Google Ads to Target Crypto Users
Just one day after Aave’s announcement, blockchain security firm PeckShield issued a warning about an ongoing phishing scam designed to exploit unsuspecting investors. The attackers have reportedly used Google Ads to promote malicious websites disguised as legitimate Aave platforms.

“We’ve identified several fraudulent ads leading to phishing websites impersonating $AAVE ,” PeckShield posted on X (formerly Twitter).

These ads direct users to fake Aave interfaces, where they are prompted to connect their cryptocurrency wallets. Once a user links their wallet, the scammers gain access to their funds, allowing them to initiate unauthorized transfers. In most cases, such transactions are irreversible and lead to permanent asset loss.

CrediX Disappears After a $4.5M Hit

Exit Scam or Collapse at #DEFİ ?

The CrediX team, a decentralized lender, has vanished after a $4.5 million exploit detected on August 4, leaving its X account inactive and its website offline, according to CertiK.

The attack involved a compromised admin wallet and the abuse of bridge roles, allowing the attacker to mint unbacked tokens and drain liquidity funds, transferring them from Sonic to Ethereum.

Although CrediX promised refunds within 24-48 hours and managed withdrawals via contracts, it has not returned nor offered a recovery plan, fueling suspicions of an exit scam.
#Hacker #exploit

Market Alert: $CETUS & $SUI Plunge Amid Major Exploit — $11M Drained from Cetus Protocol

Chaos strikes the Sui ecosystem as both $CETUS and SUI experience sharp crashes following a suspected exploit targeting the Cetus Protocol, the network’s flagship decentralized exchange (DEX) and liquidity provider.

What Just Happened?

Cetus, a critical pillar of the Sui DeFi landscape, was reportedly exploited in the past few hours.
Over $11 million in SUI tokens were allegedly siphoned from the SUI/USDC liquidity pool, triggering a liquidity crisis and widespread panic across the network.

Impact on $CETUS :
• Price collapsed from $0.2572 to $0.1465 — over -40% in minutes
• Mass exodus of liquidity providers and traders
• Confidence in the DEX’s integrity severely damaged

Impact on $SUI :
• Dropped from $4.20 to $3.65, a -15%+ decline
• Heavy sell pressure as users exit Sui-linked assets
• Volatility surges amid fears of broader systemic risk

Why This Matters:

In decentralized finance, trust in protocol security is everything. An exploit in a core DEX like Cetus ripples through the entire ecosystem. As many Sui-based projects rely on Cetus for trading and liquidity, this breach threatens to destabilize the broader network.

What to Watch:
• Official statement from the Cetus team confirming the breach and outlining next steps
• Emergency measures or compensation plans to stabilize affected pools
• Whether confidence and liquidity return — or continue to bleed out

Final Word:

This incident is a sobering reminder that security and audits are non-negotiable in DeFi. With uncertainty still swirling, both CETUS and SUI remain in high-risk territory.
Traders: stay alert, use tight risk controls, and monitor updates in real time.

#CryptoNews #Exploit #BinanceUpdate #MarketCrash

HTX and Poloniex assets are '100% safe', says Justin Sun after $200M hack

Cryptocurrency tycoon Justin Sun has said assets held on HTX and Poloniex are "100% safe" following last month's hack in which more than $200 million was siphoned from both exchanges.

Both exchanges have opened withdrawals for certain assets, although several altcoins remain blocked. Bitcoin (BTC) and Tron (TRX) are the two digital assets that could retire; This led to both tokens trading at a premium on Poloniex over the past few weeks, meaning users would have to take a haircut of up to 10% to liquidate their asset and withdraw another.

The withdrawal freeze came after hackers stole $114 million from Poloniex hot wallets on November 10; This was followed by the theft of $97 million from HTX and the Heco Chain blockchain protocol. “At this time, Poloniex and HTX have recovered from the attack and we are resuming tokens one by one,” investor Justin Sun told CoinDesk. at Poloniex and HTX advisor. “I think for HTX, we have already recovered 95% in terms of assets worth dollars. At Poloniex, we have recovered around 85% in terms of dollar asset value.”

“And also note that since we have already covered all token losses on the platform, on HTX and Poloniex, 100% of the assets are 100% safe,” Sun added. “Although in terms of the exchanges themselves, we basically need to make those profits in the future. But for clients’ assets, it is 100% safe.”

An HTX spokesperson told CoinDesk: “The recent exit represents a small fraction of our total reserves, and HTX remains in stable and healthy operation.”
#HTXExchange #PoloniexHack #hackers #exploit #BTC

BREAKING: $223M Exploit Hits Protocol (Sui) – DeFi Shaken 🚨
Date: June 4, 2025
Impact: One of the largest Sui ecosystem exploits to date.
🔴 What Happened?
A smart contract exploit targeting Cetus Protocol
Attackers drained ~$223M across $SUI , $USDC, and multiple tokens
Exploit stemmed from a combo of smart contract bugs — not just a single point of failure
📉 Market Fallout:
price plunged 40%
$SUI dropped between 7–14% depending on pair
CETUS
0.1362
+1.49%
Sui’s total DeFi TVL dropped by $330M almost instantly
⏸️ Protocol Response:
Cetus paused all activity for containment
Ongoing investigation with help from top security auditors
Funds tracking underway — attacker wallets flagged
🧠 Key Takeaways:
Smart contract security is still a critical weak point in emerging DeFi ecosystems
Even with new chains like Sui, vulnerabilities persist
Trust in Cetus and Sui’s DeFi layer has been severely dented — recovery may take time
🔍 What to Watch Next:
Will Cetus offer refunds or grants for victims?
How Sui Foundation responds (audit funding, new dev standards?)
Reentry opportunities for or post-panic?
📌 Caution: If you're exposed to Sui-based DeFi — review all positions, revoke contract permissions, and stay alert for phishing follow-ups.
#CETUS #SUI #DeFiHack#CryptoSecurity #smartcontracts. #TVL #Exploit #Web3Risk
$CETUS
$SUI

During tough market situations, especially the rising competition between perp decentralized exchanges, $GMX is still the safest option to trade perp in decentralized and secure manner with organic trading volumes and risk managed liquidity pools.

Also, it's one of the most profitable protocols with high cash flow and real yield to their token holders.

With upcoming multichain and $BTC L2 expansion aligned with a huge Arbitrum market share and $SOL new platform, GMX will be the king of perp dexs.

#StaySafeInTheCryptoWorld
#InvestSmart
#TradeWisely

#HackerAlert
#exploit

#ETHMarketWatch
eth Breakout news today......
🙏🙏🙏🙏.......
1.5 years experience in crypto market,#exploit
$GALA
$RONIN

⚡️ KyberSwap exchange losses $47M in possible liquidity providers exploit

KyberSwap appears to have suffered a $47M exploit of its Elastic Pools liquidity solution. The funds included $20.7M on Arbitrum, $15M on Optimism, $7M on Ethereum, $3M on Polygon, and $2M on Base. A large portion of the funds are denominated in various forms of ether, such as wrapped tokens and liquid staking tokens.

$KNC #KNC #KyberSwap #exploit $MATIC $ARB #ARB #MATIC🔥🔥

North Korea was responsible for more than $600 million in cryptocurrency thefts last year

US national security officials have expressed concern over North Korea's use of stolen cryptocurrencies to develop nuclear weapons.

North Korea-affiliated hackers were involved in a third of all cryptocurrency exploits and thefts last year, making off with some $600 million in funds, according to a report from TRM Labs.

The sum brings the Democratic People's Republic of Korea's (DPRK) total crypto project haul to nearly $3 billion over the past six years, the blockchain analytics firm said on Friday.

Still, the figure is about 30% lower than in 2022, TRM head of legal and government affairs Ari Redbord said. That year, DPRK-affiliated actors made off with around $850 million, "a large chunk" of which came from the Ronin Bridge exploit, Redbord told CoinDesk in an interview. In 2023, most of the stolen funds were stolen in recent months; TRM attributed around $200 million in stolen funds to North Korea in August 2023.

“They are clearly attacking the crypto ecosystem at unprecedented speed and scale and continue to take advantage of some sort of weak cyber controls,” he said.

Many of the attacks continue to use so-called social engineering, which allows perpetrators to acquire private keys for projects, he said.

Overall, the amount stolen in hacks in 2023 was about half that of the previous year: $1.7 billion compared to $4 billion.
Redbord attributed the decline to several factors.

There were fewer major attacks like the 2022 Ronin theft and other factors include successful law enforcement actions, better cybersecurity controls and, to some extent, price volatility over the past year.
#HackerAlert #hackers #BTC #exploit #Hacker

🚨🕵️🚨#NOW🚨🕵️🚨

Sushi CTO Matthew Lilley reports that "damage appears to be limited across the board thanks to a bit of luck and coincidence in discovering it early."

At the same time, he pointed out that "sushicom is safe."

It warns that it advises against "using other dApps until the teams have confirmed that the same is true for theirs."
#exploit #Ledger #sushi #HackerAlert #hackers

🛑🛑Breaking news: Exploit alert

Radiant Capital exploited, resulting in a loss of 💲4.4 million, 1902 $ETH ETH.

$RDNT #Scam #exploit #RadiantCapital

Please follow the account
Please, it is not a command, follow the account 😘

#متابعه_وإعجاب #مكافأة
#Follow_Like_Comment
#exploit #like_comment_follow

📌Be careful when using #Ledger

A bookstore that is used by many #DApps which is maintained by Ledger, has been compromised and a "wallet drain" has been placed.

Users are being asked not to interact with any dapp frontend for now.

How does it work?
If you visit a dapp website, #exploit will not be activated immediately to steal your funds. What happens is that messages will appear from the browser's wallet, such as Metamask, that if you give permission, your assets will be handed over to malicious actors.

Ledger is currently aware of this exploit and they are working on it until they can find a solution. Caution is requested for the moment.

✏️Do you want to continue learning about the crypto world?
Share and follow me for more 👈😎

⚡️ Top 10 Crypto Protocols Exploits in November

During November 2023, the crypto industry saw a loss of $343M across the web3 ecosystem. According to Immunefi's report, $335.5M was lost to hacks across 18 specific incidents, and $7.46M was lost to fraud across 23 specific incidents. Let's analyze the largest losses of the month!

#exploit #hack #hacks $KNC $HT $DYDX $RAFT $XCN #dydx #KNC

The #Bedrock liquid restaking protocol has suffered an #exploit resulting in a $2 million loss. The exploit was discovered in the protocol's smart contract code, leading to unauthorized withdrawals.
The Bedrock team is currently investigating the situation and has taken steps to prevent further losses by pausing the protocol.
#Binance #restaking #TrendingTopic

$USDC Why businesses choose USDC
USDC works seamlessly across applications and platforms around the globe, using blockchain 
infrastructure that’s faster, less expensive, and more customizable than legacy rails. #$USDC #TrendingTopic #earnpoints #exploit #USDC✅

🚨 SECURITY ALERT 🚨 GMX.IO suffers million-dollar exploit
According to reports from PeckShield, the GMX.IO platform has fallen victim to a significant exploit, resulting in an estimated loss of ~$42 million dollars.
The exploiter has already bridged approximately ~$9.6 million dollars in crypto assets to the Ethereum network.
This incident serves as a crucial reminder of the inherent risks in the DeFi ecosystem. It is always essential to:
* Conduct thorough research before interacting with any protocol.
* Diversify your assets and not leave large sums in one place.
* Stay informed about the latest security news.
We will be monitoring the situation and sharing more updates if new relevant information arises. Your asset security is our top priority!
#GMX #GMXIO #Exploit #DeFi #Ethereum $GMX

Via @Michaeltalkhere ($BPET dev team lead ) on X regarding the #PvP contract #exploit

As announced, I would like to disclose the details of the exploit and how did we get the money back.
Firsly, the reason of the exploit was there was a bug in ‘request swap from #POTION to #BPET ’ functionality that makes the exploiter be able to withdraw excessive amounts of $BPET tokens from the PvP contract after staking their own tokens.
Below are some noticeable withdrawing transactions the exploiter made.
(https://arbiscan.io/tx/0x058b8808e721f68c01c62ad70687f38f39d749bfc9d0e8f6be839c3af603dec6)
(https://arbiscan.io/tx/0x1ad1f7536e2d91cc5aeef6e29f948ee73fa760a482b0455ca78adade83c4ef53)
(https://arbiscan.io/tx/0x500713e7c025d5ab71e2446069a46a60009ef8060d2537bc4b29296c6f76f9d7)

Right after becoming fully aware of the exploit, we did 2 things

- Checked out to see if the exploiter’s addresses can be mapped with any Twitter profiles of any xPet users (and we found the user mapping with one of the exploiter addresses)

- Reached out to all partners in our network who can pour in the helps. They were explorer sites, centralized exchanges, privacy mixers, offramp tools, and security firms.

To be specific, #Etherscan team helped us to tag all 4 addresses related to the exploiter on Ethereum on Arbiscan as ‘xPet exploiter’. Thanks for that, the exploiter addresses were visibly exposed to and closely-watched by the public. All the centralized exchange, privacy mixer, and offramp tool teams helped to take close notice In case any of the exploiting address would have interactions with centralized exchange Hot wallets, privacy mixer contracts, or offramp tool depositing addresses. The security firms has helped us follow all, even smallest, onchain traces from the exploiter

In short, we had the combined efforts from multiple parties to closely monitoring the exploiter's movements and ensure that exploiter doesn’t have any chance to get the stolen funds mixed or obscured.