HackerAlert

It has been reported that the fate of approximately $500,000 worth of investor funds was put at risk after the Layer-2 network Re.al suddenly stopped working.
Researcher Luca Donno, who stated that blockchain production stopped on Friday, announced that the network became dysfunctional due to the inactivity of the platform's data availability committee (DAC).
Donno, who works on the L2Beat research platform, drew attention to a potential security vulnerability in his post on X, saying, “With the current state of the network, a malicious person can steal all the funds by making changes to the system, and there is no way to prevent this.”
The Data Availability Committee (DAC) is a structure that whitelists certain addresses and is responsible for sharing off-chain data in the Re.al project. However, when this structure is not working, the network loses its vitality and transactions come to a halt.

Donno’s warning isn’t just a problem specific to Re.al; it also highlights a larger vulnerability facing the decentralized finance (DeFi) world. According to DefiLlama data, the total amount of funds stolen in crypto attacks in 2025 exceeded $2 billion, a 50% increase compared to the entire year of 2024.
Re.al was developed by the Tangible team behind the USDR stablecoin project, which collapsed in 2023 due to its inability to manage its treasury. USDR lost 50% of its dollar peg, and investors suffered serious losses. After this failure, the team turned to the Re.al project, aiming to tokenize physical assets.
Launched in 2024, Re.al, a platform that tokenizes real estate assets, quickly raised up to $18 million in investment. However, the total asset value tied to the project has now fallen below $500,000.
Donno noted that users can attempt to withdraw funds via the Ethereum network, but this process will take 12 days. During this time, a malicious actor could steal existing funds by making a malicious update to the system, as the off-chain data that is required to be provided by the DAC is missing from the network, leaving transactions vulnerable.
#Hacker #HackerAlert #HackerNews

Security experts at Kaspersky are warning about a newly discovered threat targeting crypto users. A new strain of malware has emerged that steals screenshots containing wallet seed phrases, the crucial keys to accessing crypto funds.

📲 Malware Disguised as Legitimate Apps
Attackers are spreading the malware through apps that look trustworthy — ranging from modified TikTok versions to crypto trackers, gambling tools, and adult content platforms. Some of the fake apps, such as Soex Wallet Tracker and Coin Wallet Pro, even managed to sneak into Google Play and Apple’s App Store, being downloaded by thousands of unsuspecting users.
Often, these apps trick users into installing a special developer profile, which allows them to bypass regular phone security checks. Once installed, the app quietly requests access to the phone’s photo gallery and uses optical character recognition (OCR) to scan for seed phrases in screenshots. If detected, this sensitive data is silently sent to the attacker.

🎯 Target Region: Southeast Asia — But the Threat Is Global
The malware, named SparkKitty, primarily targets users in Southeast Asia and China. It appears to be a successor to SparkCat, another campaign discovered in early 2024. In both cases, the malware shows a strong focus on accessing crypto wallets by capturing recovery phrases.
The malicious apps were actively promoted via social media ads and Telegram channels. For example, Soex Wallet Tracker was downloaded over 5,000 times from Google Play before being taken down.

🧪 Kaspersky Acted Quickly — But the Risk Remains
After being alerted by Kaspersky, both Apple and Google removed the malicious apps from their stores. However, researchers say the campaign has likely been active since April 2024, with traces dating back even further. This means similar malware could reappear, using the same methods but under new names.

#CryptoSecurity , #CyberSecurity , #HackerAlert , #HackerNews , #StaySafe

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Binance founder Changpeng Zhao is sounding the alarm on rising crypto threats following the high-profile hacks of Cointelegraph and CoinMarketCap.
The crypto industry is on high alert after two major websites, CoinMarketCap and Cointelegraph, fell victim to hackers.
In response to these incidents, Binance founder Changpeng Zhao has issued a warning, urging users to be careful with wallet connections.
Changpeng Zhao warns users against the rise of crypto-hacks.
In a recent X post, Binance founder Changpeng Zhao expressed concern over the growing number of crypto hacks.
As an example of the growing threat, CZ highlighted recent breaches of prominent crypto websites such as CoinMarketCap and Cointelegraph. He warned users to be careful when connecting wallets. His post read,
2 days ago CMC, now CT. Hackers are targeting information web sites now. Be careful when authorizing wallet connect.

Recently, Web3 security company CertiK indicated that attackers are turning their attention to targeting users through social engineering schemes exploiting smart contract vulnerabilities. In May,
Coinbase was targeted in a security breach, where hackers stole sensitive information of major clients.
According to CertiK, there has been a significant increase in cryptohacks powered by wallet compromises.
This change is reflected in significant losses in 2025. This year, hackers have stolen more than $2.1 billion, largely due to wallet compromises and phishing attacks.

Ronghui Gu, Co-Founder of CertiK said,
Attackers always target the weakest point…Smart contracts or blockchain code itself was the weakest point, but now the attackers feel like the weakest points may come from human behavior rather than the code.

Whatever happened to CoinMarketCap and Cointelegraph?
Notably, Changpeng Zhao's warning comes in response to recent breaches of CoinMarketCap and Cointelegraph.
CoinMarketCap hack
CoinMarketCap suffered a security breach, where hackers exploited a vulnerability on the platform. While the hacked platform displayed a malicious pop-up notification attempting to trick users into verifying their crypto wallets, CoinMarketCap quickly removed the code.
Changpeng Zhao revealed that CoinMarketCap reported 39 victims with a combined loss of $18,570 based on initial on-chain analysis, and that the platform has committed to cover all losses.
Cointelegraph Hack
Crypto news outlet Cointelegraph confirmed that its website was hacked into a front-end exploit, which promoted a fake token airdrop and targeted user funds.
The media platform acknowledged the “fraudulent pop-ups” and said it was actively working on a fix. "Do not click on these pop-ups, connect your wallet [or] enter any personal information," the platform warned.
Notably, the fake pop-up notification tricked users into a cheap scam. They claimed that users have been selected to be given tokens as part of the platform's 'fair launch initiative'.
It falsely displayed the value of tokens, promised users that they would get about $5,500 worth of tokens if they linked their wallets, and even falsified CertiK's audit approval. This tactic mirrors a similar attack on CoinMarketCap that occurred just two days ago.
#Cointelegraph #CoinMarketCap #HackerAlert #Binance #ChangpengZhao

🚨
Aflac, one of the largest insurance companies in the U.S., confirmed on Friday that a cyberattack compromised sensitive customer data, including Social Security numbers. The breach, which occurred on June 12, 2025, was the result of a social engineering attack by a "sophisticated cybercrime group," according to the company.

⚠️ What Happened?

Aflac detected suspicious activity within its U.S. network and quickly activated its cybersecurity protocols. While no ransomware was deployed, an unauthorized individual gained access through deceptive manipulation of internal systems.

“We regret that this incident occurred. We are committed to transparency and will continue to update our stakeholders,” Aflac said in a press release.

🧠 Who’s Behind It?

While Aflac has not officially identified the attackers, cybersecurity analysts believe the group Scattered Spider may be involved. Known for high-profile attacks on MGM Resorts and Caesars Entertainment, the group uses fake IT support websites to trick employees into giving access.

“They move fast. Their attacks can unfold within hours,” said former FBI cyber official Cynthia Kaiser, now with cybersecurity firm Halcyon.

📉 Industry-Wide Pattern

This breach follows similar incidents at Erie Insurance and Philadelphia Insurance Companies earlier this month. Experts suggest that the attacks may be part of a wider campaign targeting the insurance sector.

Despite the breach, Aflac says its core operations remain unaffected, and it is continuing normal service, including underwriting policies and processing claims.

🛡 What Data Was Stolen?

Aflac confirmed that the breach may have exposed:

Personal and health informationClaims-related documentsSocial Security numbersEmployee and agent records

The company is offering free credit monitoring, identity theft protection, and Medical Shield coverage for two years to affected individuals.

🔍 What's Next?

Aflac has brought in top-tier cybersecurity experts to investigate and secure its systems. They pledged full transparency and ongoing updates as the investigation continues. #HackerAlert #CryptoClause #security

CoinMarketCap has reportedly identified and removed a malicious code that targeted users to withdraw their crypto wallets.
CoinMarketCap users were recently targeted by scammers who took advantage of a vulnerability on the popular crypto price tracking website.
According to the latest reports, the platform has swiftly removed a malicious pop-up from its website and is conducting a thorough investigation into the incident.
CoinMarketCap Removes Malicious Code After Security Hack
In an earlier warning, CoinMarketCap warned its users about a malicious pop-up notification that tried to trick them into verifying their crypto wallets. "
We are aware that a malicious pop-up prompting users to "Verify Wallet" appeared on our site. Do not connect your wallet," the platform wrote in an X post.
In a subsequent post, CoinMarketCap confirmed that they had identified and removed the malicious code. The update was provided within three hours of the platform's public acknowledgment of the malicious notification. read the message,
Update: We’ve identified and removed the malicious code from our site. Our team is continuing to investigate and taking steps to strengthen our security.

According to Coinspect Security, the backend API of CoinMarketCap, a blockchain security firm, was compromised, serving manipulation of JSON payloads that injected malicious JavaScript through its 'Doodles' feature. The firm quoted, “Yes, the CoinMarketCap drainer is filled with a “doodle” JSON file.
It is noteworthy that this incident comes after another high-profile hack that resulted in the loss of at least $100 million in crypto.
Reported, Iranian exchange Nobitex was breached by Israeli attackers as part of the Iran-Israel war.
Last month, prominent crypto exchange Coinbase also suffered a security breach. Earlier, Crypto Price Tracker was hacked in October 2021. As a result, approximately 3.1 million email addresses of CoinMarketCap users were compromised.
Users and platforms sound the alarm.
The CoinMarketCap hack was initially discovered by community members and platforms such as MetaMask and Phantom. A user named JetOnX shared a post, citing, "Both Metamask and Phantom have red flagged this!"

While Metamask provided a warning that the website appeared to be malicious, Phantom revealed, "coinmarket.com is blocked." Both platforms consider CoinMarketCap "unsafe" to use at this time.

Meanwhile, many users on X suspect that the pop-up was a phishing attempt, a common crypto scam where hackers trick victims into revealing personal data or private keys.
Crypto sleuth Jameson Lopp shed light on the security issue, adding that hackers intend to wipe out users' crypto wallets.
Another user, Uri, reported that the notification prompted users to link their wallets and subsequently request approval for ERC-20 tokens. Other users have also warned against the CoinMarketCap hack, warning, "Do not verify wallet."

#CoinMarketCap #HackerAlert #wallet🔥 #CryptoNewss #Market_Update

🖍️ Beware ‼️
The popular cryptocurrency data website CoinMarketCap has been compromised, by hackers users are advised to exercise extreme caution.

🔰 Do Not Connect Your Wallet
To avoid potential financial losses users are strongly advised, not to connect their cryptocurrency wallets to the CoinMarketCap website until further notice.

🔰 Security Precautions
Users should remain vigilant and monitor their accounts for suspicious activity.
It is also recommended to change passwords and enable two-factor authentication.

🔰 Investigation Underway
The CoinMarketCap team is working to resolve the issue and ensure user safety more information will be provided as the situation develops.

🔰 Stay Safe
In the meantime users are advised to prioritize their online security and avoid interacting with the compromised website.
$ETH $BNB $SOL

#USNationalDebt #BinanceSquareTalks #BinanceSquareFamily #BreakingCryptoNews #HackerAlert

O grupo cibernético "Predatory Sparrow" anunciou que em breve desativará mais bancos no Irã.
⚠️ Os iranianos devem sacar dinheiro de suas contas bancárias enquanto ainda podem.
Mais uma vez o Bitcoin e a autocustodia se mostram eficazes e necessários para todas as situações.
$BTC $PAXG $USD1
#news #iran #IranIsraelConflict #banco #HackerAlert

Israeli Hackers Burn Over $90 Million in BTC, ETH and DOGE Stolen in Nobitex Hack The exchange assures that the funds are safe.
In a shocking development within the recent Nobitex hack, Israeli hackers burned over $90 million in stolen digital assets.


The hack, attributed to pro-Israel hacker group Gunjeshke Darande, has left funds unrecoverable after being destroyed in multiple blockchains.
$90M in BTC, ETH, DOGE Burned in Nobitex Hack
After the high-profile Nobitex hack, Gonjeshke Darande, an Israeli hacker, has revealed a $90 million hoax in stolen cryptocurrencies. Among these assets are Bitcoin (BTC), Ethereum (ETH), Dogecoin (DOGE) and more.



In an X post, the hacker said, "8 burn addresses burned $90M from the wallet of Nobitex, the government's favorite sanctions-busting tool."
The group claimed to have destroyed the funds by transferring them to custom-made ‘vanity addresses’ on multiple blockchains. These addresses were designed with irretrievable private keys, making assets irrevocably and permanently locked.
Yesterday, Nobitex suffered a massive crypto hack Gonjeshke Darande, also known as Predatory Sparrow, claimed responsibility for the hack, saying it was retaliation for Nobitex's alleged involvement in evading Iranian government sanctions and financing terrorism.
Crypto Exchange Hack Raises Iran-Israel War Tensions
In particular, the Nobitex hack can be seen as an escalation of the ongoing Iran-Israel conflict, spilling over into the digital realm.
Adding further fuel to these geopolitical tensions, hackers are threatening to release Nobitex's source code to the public within 12 hours, potentially exposing vulnerabilities and compromising the platform's security.
They are pointing out that customers' assets will be at risk if they stay on Nobitex, suggesting they would be wise to withdraw.
While the Israeli hacker group mentions irreversible addresses, some of them contain inflammatory phrases, such as "FuckIRGCTerroristsNoBiTEX". This suggests that the group is directly targeting Iran’s Islamic Revolutionary Guard Corps.

Additionally, they used specific techniques to ensure the permanent loss of funds, including sending Ethereum tokens to a "0x…dead" burn address and creating a Bitcoin wallet with an incorrect checksum, rendering it unspendable.
Nobitex Responds to Security Breach
In response to the Nobitex hack, the Iranian crypto exchange has released an updated statement.
The firm announced that the situation is now under control. They asserted that all external access to their servers had been cut off.
The technical team of the Iranian crypto exchange proactively emptied the hot wallet to protect the user's assets. This resulted in a significant reduction in visible holdings on blockchain networks.

Additionally, he added that the hackers transferred the stolen funds, estimated at around $100 million, to non-standard wallets.
According to Nobitex, Israeli hackers announced the destruction of tokens under false pretenses with the intention of harming users. Despite the move, the exchange stressed that user assets are safe, citing,
We once again emphasize that user assets are covered by the Nobitex Reserve Fund, and no user funds will be lost. We remain committed to ensuring the safety of your holdings and maintaining your trust.

#BTC #ETH #DOGE #HackerAlert #Market_Update