hackeralert

During the holiday season, a large-scale attack targeted hundreds of cryptocurrency wallets across Ethereum Virtual Machine (EVM) compatible networks such as Ethereum, BNB Chain, Polygon, Avalanche, and Arbitrum. Blockchain security investigator ZachXBT reported a series of thefts in which small amounts of funds — typically under $2,000 per wallet — were stolen, but the total loss has already surpassed $107,000.

Gradual, Yet Sophisticated Exploit
Instead of massive single hits, the attacker used a low-key method by draining small amounts from many wallets. According to on-chain data, these coordinated thefts began in late December, but the exact method remains unclear. All funds were funneled to the address starting with 0xAc2e…ad8Bf9bFB.

Where the Funds Ended Up
Blockchain tracking tools reveal the attacker has accumulated assets across more than 20 different blockchains. Most of the funds were stolen from Ethereum — approximately $54,655, making up 51% of the total. BNB Chain followed with $25,545, then Base ($8,688), Arbitrum ($6,273), Polygon ($3,498), Optimism ($1,480), Zora ($994), Linea ($909), and Avalanche ($386).

Suspected Phishing via Fake MetaMask Emails & Trust Wallet Exploit
Some crypto users speculated that phishing emails mimicking MetaMask were used to trick investors into handing over their seed phrases.
However, an in-depth analysis by Nansen pointed to a supply chain attack targeting Trust Wallet’s Chrome extension (v2.68). This incident began on December 24, when a malicious update was released, allowing attackers to steal wallet recovery phrases.

Compromised GitHub Access and Backdoored Extension
Trust Wallet later confirmed that the attacker gained access to its source code and Chrome Web Store API keys via leaked developer data on GitHub. This allowed them to upload a malicious version of the extension without going through the company’s approval process. A fake domain, metrics-trustwallet[.]com, was also registered to distribute the backdoored extension capable of exfiltrating mnemonic phrases.
About 1 million users of the Trust Wallet Chrome extension were later prompted to update to version 2.69 after the compromised update went live.

Shai-Hulud 3.0: A More Sophisticated Malware Version
Researchers at Upwind described the malware as a stealthier evolution called “Shai-Hulud 3.0,” featuring enhanced string obfuscation, improved error handling, and Windows compatibility. Its goal wasn’t new attack techniques, but rather to prolong the campaign's lifespan undetected.

Expected Token Movements: Tornado Cash, THORChain & Others
Stolen tokens are expected to be laundered via platforms such as Tornado Cash, Railgun, THORChain, Debridge, eXch, and other OTC/mixing services to hide the origin of the assets.

Christmas 2025: A Record Season for Crypto Scams
This holiday season marked an all-time high in cybercrime targeting crypto users. In early December, the FBI’s Internet Crime Complaint Center warned Americans about scam and phishing emails, estimating more than $785 million in losses due to holiday-related non-payment and non-delivery scams — with another $199 million lost to credit card fraud.

A Year of Record-Breaking Crypto Heists
2025 is now the worst year on record for crypto theft. According to Chainalysis and TRM Labs, cybercriminals stole $2.7 billion worth of crypto — the highest annual total to date. The biggest heist was the $1.4 billion exploit on Dubai-based exchange Bybit.
That incident surpassed previous notorious hacks like the $624 million Ronin bridge breach and $611 million Poly Network hack in 2022.

North Korea Behind Most of the Thefts
Analysts say state-sponsored North Korean groups were behind the majority of 2025’s thefts, allegedly stealing over $2 billion this year alone. Since 2017, these groups are estimated to have stolen nearly $6 billion in crypto, reportedly used to fund North Korea’s sanctioned nuclear weapons program.

#Cryptoscam , #CryptoSecurity , #HackerAlert , #CryptoNews , #Ethereum

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Crypto hacks surge over 130% in Q1 2025
Raj Gokal, co-founder of the Solana blockchain, has become the target of a serious cyberattack. Hackers published his personal identification documents on the compromised Instagram account of rapper Migos. The leak appears to be tied to an unsuccessful extortion attempt — reportedly demanding over $4.3 million.

🔐 Extortion Message: “You Should Have Paid the 40 BTC”
Circulating online are photos of Gokal and his wife, alongside their IDs and passports — resembling typical KYC (Know Your Customer) data used on regulated crypto platforms.
The sensitive documents were shared on the official Instagram page of rapper Migos, which was apparently hacked as well. A caption under one of the posts read: “You should have paid the 40 BTC” — a statement that led many to speculate the leak followed a failed ransom attempt.
At current Bitcoin prices, that would equate to a ransom demand of over $4.3 million. Instagram has since removed the post.

🧠 Social Engineering Suspected
Renowned Web3 investigator ZachXBT believes the attack was a result of social engineering — where cybercriminals tricked their way into accessing Gokal’s personal accounts and data.
“Raj’s accounts were likely compromised and used in an extortion attempt. Since he didn’t pay, the attackers trolled him by leaking the data through Migos’ Instagram,” said ZachXBT.

Interestingly, a week before the incident, Gokal had already warned his followers on X that someone was trying to access his email and social media accounts.

📈 Crypto Hacks in 2025: A Dangerous Spike
This attack is just one in a wave of escalating crypto hacks in 2025.
🔹 Q1 2025: According to security firm PeckShield, there were over 60 major hacking incidents, resulting in $1.63 billion in losses — a 131% increase from $706 million in Q1 2024.
🔹 The largest breach targeted Bybit, while Q2 saw the Cetus Protocol on the Sui network lose over $223 million.
🔹 Following the Coinbase data breach confirmed on May 15, reported compensation claims could exceed $400 million — further highlighting that DeFi and centralized platforms remain prime targets.

⚠️ A Call for Caution
With the rising number of cyberattacks, the need for increased vigilance is critical — especially when dealing with unknown links or individuals posing as support staff from crypto exchanges.

#solana , #CryptoHack , #HackerAlert , #CyberSecurity , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Hackers Exploited the Account to Promote Fraudulent Tokens
The @TrumpDailyPosts account on the X platform (formerly Twitter) has been hacked and is being misused to spread fake meme coin addresses. The compromised account continues to actively promote several fraudulent tokens, including a fake token named $POWER.
According to Scam Sniffer, a Web3 platform focused on combating scams, the hackers not only post but also quickly delete content related to these fraudulent schemes. Users are advised to verify the credibility of any investment promises, especially those originating from compromised accounts.

Connection to Other Organized Scams
Investigations revealed that the gas source used to create the fake $POWER token address was linked to the same platform involved in a recent hack of the Farcaster account, owned by a MetaMask co-founder.
During that incident, hackers promoted fraudulent meme coins and were accused of generating over 1,000 SOL (Solana). These activities point to a well-organized cybercriminal gang targeting prominent crypto figures and organizations.
Social Media as an Emerging Tool for Fraud
A troubling trend in the crypto space is the increasing use of social media accounts to promote fraudulent tokens. Hackers exploit high-profile accounts to create an illusion of trustworthiness and maximize their financial gains.
The hacking of @TrumpDailyPosts is yet another example of how cybercriminals are adapting their methods. By leveraging fraudulent meme coins and social media, they are creating new ways to deceive investors and extract illicit profits.
How to Protect Yourself From These Scams
Given these trends, it is crucial for both users and platforms to pay closer attention to identifying fraudulent activities. Users should exercise extreme caution when considering any investment opportunities, especially involving meme coins or less-known tokens.
Safety should always take precedence over the promise of profit. Verify sources, thoroughly check addresses, and avoid suspicious projects promising unrealistic returns. The crypto space offers numerous opportunities but also comes with heightened risks that require vigilance and proactive measures.

#CryptoNewss , #blockchain , #CryptoScamAlert , #cryptohacks , #HackerAlert

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

On Wednesday night, a mysterious message appeared on the Ethereum blockchain — a direct mockery aimed at one of the most prominent crypto investigators. The sender? A hacker linked to the recent massive data breach at Coinbase, which compromised the accounts of over 69,000 users and may cost the exchange hundreds of millions of dollars.
The taunt, simply reading "L bozo", was embedded in a transaction and meant to ridicule the investigator. The hacker even included a link to a viral meme video featuring NBA Hall of Famer James Worthy smoking a cigar, escalating the provocation.

💰 $44.9 Million Laundered Through THORChain
But the trolling wasn’t all. On Tuesday, the attacker began liquidating stolen assets, converting 17,800 ETH into DAI stablecoins — worth roughly $44.9 million — using THORChain, a decentralized cross-chain trading protocol.
📉 The swaps occurred at an average ETH price of $2,528.

💼 One major swap involved 9,080 ETH for $22.8 million in DAI.
Using THORChain allowed the hacker to bypass centralized exchanges, complicating tracking efforts and signaling a new level of sophistication in crypto laundering tactics.

🔓 What Happened at Coinbase?
Coinbase confirmed that the breach took place in December 2024, but it wasn’t disclosed publicly until May 2025. The hackers gained access to sensitive personal data of around 69,000 users.
Soon after, they allegedly demanded $20 million in Bitcoin as ransom, threatening to leak the stolen data on the dark web. Coinbase refused to pay and instead offered the same amount as a reward for information leading to the attackers.

📉 Financial Fallout: Coinbase in Crisis
The breach has severely damaged Coinbase’s reputation. On Wednesday, its stock (COIN) closed down 0.92% at $258.97, continuing a 36% monthly decline.
Security experts claim the exchange ignored prior warnings of suspicious activity as early as December, a failure that now haunts its image and user trust.

🛡️ Binance and Kraken Also Targeted
Coinbase wasn’t the only target. Binance and Kraken also faced recent social engineering attempts, where attackers posed as users and tried to bribe support agents.
Binance’s AI systems successfully flagged and blocked the suspicious messages. Kraken reported no customer data losses either, thanks to strong internal protocols.

🔚 A Glimpse Into the Future of Crypto Crime?
This case is more than a breach — it's a bold show of power by a cybercriminal who’s fluent in DeFi and unafraid to mock those chasing him. With advanced laundering tactics and an open taunt of blockchain sleuths, we may be witnessing the next evolution in crypto-based crime.
Coinbase may recover financially — but the reputational scars will be harder to erase.

#HackerAlert , #CryptoSecurity , #CryptoCrime , #CyberSecurity , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

🔔 MARKET MOVING NEWS! (25/12/24)

1️⃣ Russia Imposes 6-Year Ban on Crypto Mining in 10 Regions, Citing Energy Use ⛏
#RussiaCrypto
According to local media reports, the Russian government has imposed a six-year ban on crypto mining in 10 regions due to the industry's high power consumption. The ban takes effect on Jan. 1 2025 and ends on March 15, 2031. It includes seasonal restrictions in key cryptocurrency mining regions to prevent energy blackouts. The restrictions align with Russia’s cryptocurrency mining laws signed by the president in August and October 2024.

2️⃣ Hacker Breaches 15 X Accounts, Nets $500K Boosting Bogus Memecoins: ZachXBT ❓
#HackerAlert
According to the onchain sleuth ZachXBT, over $500,000 in funds stolen via memecoin phishing scams were connected to one threat actor. He reported that the perpetrator tricked X users into handing them control over their accounts by impersonating the X team and issuing fake copyright infringement notices. ZachXBT claims that over 15 X accounts were compromised this way, including those belonging to Kick, Cursor, The Arena, Brett and Alex Blania. Many of these X accounts have large audiences, with well over 200,000 followers who are mainly memecoin enthusiasts looking to catch the next hot tip.

3️⃣ Montenegro Court Rejects Do Kwon’s Extradition Appeal ▶️
#Montenegro
Montenegro’s Constitutional Court has reportedly dismissed Terraform Labs co-founder Do Kwon’s extradition appeal. The court cited legal inconsistencies in Kwon’s appeal, effectively upholding an earlier ruling favouring his extradition. This decision is significant as the international extradition case will potentially set a precedent for cross-border accountability in crypto.

4️⃣ Over 30% Of South Koreans Invest In Crypto Assets 🔍
#SouthKoreaCrypto
According to the South Korean media outlet Yonhap News, the number of crypto users in the country increased by 610,000 in November after Donald Trump won the United States presidential election. Representative Lim Kwang-Hyun of the Democratic Party of Korea shared data showing that digital asset investors in the country at the end of November totalled 15.6 million. Notably, with a population of 51.7 million, this means that over 30% of its citizens are crypto holders. Yonhap said the data was collected and released following the country’s new regulations on crypto exchanges. This is also the first time statistical data related to crypto has been released in the country.

5️⃣ Little-Known Canadian Crypto Firm Matador Adds Bitcoin To Its Books 💸
#MatadorTechnologies
Canadian real-world asset tokenisation firm Matador Technologies has reportedly become the latest company to incorporate BTC in its treasury. The firm's board of directors unanimously approved adding Bitcoin and “USD-denominated assets” to its balance sheet as part of its “long-term capital preservation strategy.” The firm is also planning to convert the majority of its cash balance sheet from Canadian dollars to US dollars.

Sunny Ray, president of Matador, stated,

Matador’s Board and management believe in using Bitcoin to future-proof our treasury. This step also supports our mission to explore using Bitcoin as a platform for our gold-based products.