Crypto M - Crypto News
Your #1 destination for the latest and most unbiased market news on Bitcoin, Ethereum, NFT, Fintech, Web3, DeFi, and Blockchain.
🚀 Ethereum Deposited into Tornado Cash Following Contract Exploit

According to BlockBeats, CertiK Alert has reported that an attacker deposited 95 ETH into Tornado Cash, valued at approximately $280,000. The incident followed the initialization of an uninitialized EIP-7702 delegate contract, which granted the attacker ownership rights. Subsequently, the attacker withdrew all funds from the delegate's address.

#Ethereum #TornadoCash #Exploit #CertiK #EIP7702 #Cybersecurity #ETH
🚀 Flow Blockchain Implements Protocol Fix Following Exploit

According to Foresight News, Flow has announced the deployment of a protocol fix to address a recent exploit. Node operators are coordinating the upgrade to revert the network to a checkpoint prior to the attack, removing unauthorized transactions from the ledger. Flow emphasized that this rollback is essential to mitigate the impact of the attack. Users are advised to resubmit transactions made during the network interruption from December 27, 15:25 to December 27, 21:30 UTC+8 once the network is restored. The foundation will confirm these transactions upon the network's official relaunch.

Flow reported that attackers exploited a vulnerability in the Flow execution layer on December 27, transferring approximately $3.9 million before the network shutdown. The attack did not compromise existing user balances, ensuring the safety of all deposits. The funds were primarily moved through bridges like Celer, Debridge, Relay, and Stargate. The attacker's wallet has been identified and flagged, with laundering activities via Thorchain and Chainflip being actively monitored. Flow Foundation has also requested asset freezes from Circle, Tether, and major exchanges.


#FlowBlockchain #ProtocolFix #Exploit #NetworkUpgrade #CheckpointRollback #UnauthorizedTransactions #TransactionResubmission #December27Attack #FlowExecutionLayer #NetworkRelaunch #FundsSafety #LaunderingMonitoring #AssetFreezes #Celer #Debridge #Relay #Stargate #Thorchain #Chainflip #FLOW
🚀 [ContractVulnerability] SynapLogic Contract Exploit Leads to Significant Losses

A vulnerability in the SynapLogic contract has resulted in substantial financial losses. According to PANews, BlockSec Alert reported that the contract's swapExactTokensForETHSupportingFeeOnTransferTokens function lacked essential parameter verification. This oversight allowed attackers to manipulate the 'whitelist' logic and designate any address for profit. Additionally, the contract failed to verify whether the total distribution of native tokens exceeded the actual payment, enabling attackers to withdraw excess native tokens and simultaneously receive newly minted SYP tokens. This exploit has led to an estimated loss of approximately $186,000.

#ContractVulnerability #SynapLogic #Exploit #FinancialLosses #BlockSec #WhitelistLogic #TokenManipulation #SYP #CryptoSecurity #TokenExploitation #PANews
🚀 MakinaFi Suffers Major Exploit Resulting in Significant Loss

MakinaFi, a decentralized finance protocol, has been exploited for 1,299 ETH, equating to approximately $4.13 million. According to NS3.AI, the stolen assets have been transferred to two new cryptocurrency addresses. This incident underscores the persistent security challenges faced by DeFi platforms.

#MakinaFi #DeFi #exploit #ETH #cryptocurrency #security #loss #NS3AI #blockchain #decentralizedfinance
🚀 Makina Finance Exploit Results in $4.13 Million Loss

Makina Finance experienced a significant exploit resulting in a loss of $4.13 million. According to NS3.AI, the incident involved MEV bots intercepting the hacker's transaction and redirecting the funds to addresses under their control, thereby preventing a complete loss. These MEV bots serve as an emergency crypto fund recovery mechanism, but their increasing influence and profit-driven motives pose governance challenges concerning fund custody and returns.

Efforts to address these issues include frameworks like Safe Harbor, which aim to formalize and regulate the process by pre-authorizing white hats and establishing clear terms. However, the adoption of such frameworks is still developing amid concerns over centralization and opaque custody.


#MakinaFinance #Exploit #CryptoLoss #MEVbots #CryptoGovernance #FundRecovery #SafeHarbor #WhiteHats #Centralization #Custody #NS3AI
🚀 Aperture Finance Investigates Contract Vulnerability Exploitation

Aperture Finance has reported a vulnerability exploitation affecting its V3/V4 contracts, according to PANews. The company announced on the X platform that it has halted core functions in its front-end application to prevent further authorizations and is collaborating with security partners to investigate the root cause of the incident. Users are advised to revoke all authorizations on the Ethereum mainnet for the contract address 0xD83d960deBEC397fB149b51F8F37DD3B5CFA8913 to ensure wallet security.

Previously, BlockSec detected an attack on Aperture Finance resulting in a loss of approximately $3.67 million.


#ApertureFinance #SmartContract #Vulnerability #Exploit #BlockchainSecurity #Ethereum #DeFi #CryptoSecurity #PANews #BlockSec
🚀 CrossCurve Cross-Chain Bridge Faces Exploit Due to Smart Contract Vulnerability

CrossCurve has announced that its cross-chain bridge has been exploited due to a vulnerability in a smart contract. According to Odaily, the project team has urged users to immediately halt all interactions with CrossCurve until the investigation is complete and promised to provide updates through official channels.

The team confirmed that some addresses received tokens that should have belonged to users due to the vulnerability. CrossCurve stated that no malicious intent has been detected from these addresses and has requested cooperation in returning the misappropriated assets. Under its Safe Harbor white hat policy, those assisting in the recovery of funds may retain up to 10% as a bounty.

The announcement warned that if funds are not returned or contact is not made within 72 hours from Ethereum block height 24,364,392, the project team may escalate the situation. This could include initiating criminal and civil proceedings and collaborating with exchanges, stablecoin issuers, and on-chain analysis firms to freeze or track the involved assets.


#CrossCurve #CrossChainBridge #Exploit #SmartContractVulnerability #Odaily #SafeHarbor #WhiteHat #Bounty #FundsRecovery #Ethereum #CriminalProceedings #AssetTracking
🚀 Privacy Game Project FOOMCASH Experiences Exploit in Lottery Contract

CertiK has reported an exploit in the lottery contract of the privacy game project FOOMCASH, involving approximately $1.8 million. According to Foresight News, the vulnerability may stem from the configuration of its Groth16 verifier, allowing attackers to repeatedly collect ZOOM tokens under identical input conditions.

#PrivacyGame #FOOMCASH #Exploit #LotteryContract #CertiK #ZOOMTokens #Groth16 #Vulnerability #Blockchain #CryptoSecurity #ForesightNews
🚀 Solv Protocol Exploit Results in $2.7 Million Loss

Solv Protocol experienced an exploit in one of its BRO vaults, resulting in approximately $2.7 million in losses, equivalent to 38.0474 SolvBTC. According to NS3.AI, the incident impacted fewer than 10 users, and Solv has committed to compensating their losses. The protocol assured that all other vaults and user assets are secure, and the SOLV token continues to trade in line with the broader market recovery.

#SolvProtocol #Exploit #CryptoLoss #BlockchainSecurity #SolvBTC #DeFi #CryptoNews #NS3AI #SOLVToken #Compensation
🚀 Aave Labs Secures Narrow Victory in Governance Vote Amid Tensions

Aave Labs has narrowly secured a victory in its 'Aave Will Win' Snapshot vote, garnering 52.6% of approximately 1.2 million AAVE tokens cast. According to NS3.AI, this outcome has intensified tensions with governance delegate ACI. The newsletter also draws attention to several security incidents within the decentralized finance (DeFi) sector, including a $2.7 million exploit of Solv Protocol and recent issues related to zero-knowledge proof verifier exploits.

#AaveLabs #SnapshotVote #AAVE #Governance #ACI #DeFi #SecurityIncidents #SolvProtocol #Exploit #ZeroKnowledgeProof
🚀 Google Uncovers DarkSword iOS Exploit Targeting Crypto Apps

Google researchers have discovered an iOS exploit chain named DarkSword, which utilizes six vulnerabilities to install malware on iPhones operating on iOS versions 18.4 through 18.7. According to NS3.AI, the malware, known as Ghostblade, is designed to search for major cryptocurrency exchange and wallet applications, while also stealing messages, passwords, browsing data, and other device information. The campaigns have been observed in Saudi Arabia and Ukraine. Ghostblade is engineered for rapid data theft rather than prolonged surveillance.

#Google #iOS #Exploit #DarkSword #Malware #CryptoApps #Ghostblade #DataTheft #CyberSecurity #SaudiArabia #Ukraine #Cryptocurrency
🚀 BlockSec's EVMBench Re-Test Reveals No Exploit Success

BlockSec's recent re-evaluation of EVMBench reported a 0% success rate in end-to-end exploits across 110 agent-incident pairs involving 22 real-world smart contract security incidents. According to NS3.AI, BlockSec suggested that the initial benchmark by OpenAI and Paradigm might have exaggerated AI's exploit capabilities due to the influence of scaffold design on the results. Despite this, BlockSec acknowledged the detection value of AI, noting that Claude Opus 4.6 successfully identified 13 out of 20 real-world vulnerabilities.

#BlockSec #EVMBench #exploit #smartcontract #security #AI #vulnerability #ClaudeOpus #OpenAI #Paradigm #NS3AI
🚀 AI TRENDS | OpenClaw Gateway WebSocket Vulnerability Confirmed by Founder

A critical vulnerability in the OpenClaw Gateway WebSocket has been confirmed by its founder, Peter, according to PANews. The 360 Security Cloud team received an official email from Peter, acknowledging the exclusive discovery of the unauthenticated upgrade flaw by the 360 team.

The high-risk vulnerability has been reported to the National Information Security Vulnerability Sharing Platform (CNVD) by 360, aiming to swiftly eliminate the risk across the network. This WebSocket unauthenticated upgrade flaw is classified as a zero-day (0Day) vulnerability, which attackers can exploit to silently bypass permission authentication via WebSocket, potentially gaining control over the intelligent gateway. This could lead to resource exhaustion or a complete system crash.


#AI #CyberSecurity #Vulnerability #WebSocket #ZeroDay #OpenClaw #Exploit #InformationSecurity #CNVD #GatewaySecurity
🚀 Exploit in PancakeSwap's BCE/USDT Pool Results in $679,000 Loss

An exploit in the BCE/USDT pool on PancakeSwap led to a loss of $679,000. According to NS3.AI, the attacker bypassed the pool's buy and sell limits by deploying two malicious contracts. This action triggered the pool's token burn mechanism, causing a distortion in the pool's token holdings and enabling the asset drain.

#PancakeSwap #BCEUSDT #Exploit #CryptoLoss #TokenBurn #MaliciousContracts #NS3AI
🚀 Resolv USR Experiences Sharp Decline Following Exploit

Ten newly created wallets have placed approximately $160,000 on Polymarket, betting on a ceasefire in Iran by the end of March. According to NS3.AI, the ongoing conflict in Iran has been affecting both cryptocurrency and broader risk assets. Meanwhile, Resolv USR saw a significant drop of about 70%, falling to $0.27 after an exploit led to the extraction of $25 million in ETH.

#ResolvUSR #Polymarket #IranConflict #Cryptocurrency #Exploit #ETH #NS3AI #RiskAssets #Ceasefire #March
🚀 Balancer Labs to Cease Operations Following Financial Strain

Balancer Labs, a prominent player in the decentralized finance sector, is set to shut down operations, according to founder Fernando Martinelli. The decision comes in the wake of a significant exploit of its v2 platform last year, which resulted in approximately $137.4 million in damages. According to NS3.AI, this incident has left the company in a state of financial distress.

Martinelli highlighted that the legal challenges and a substantial decline in the value of BAL, the platform's native token, have further influenced the decision to cease operations. Moving forward, Balancer will transition to a model focused on community, foundation, and service-provider operations. Plans include a buyback of BAL tokens, adjustments to v3 shares, and the transfer of fees to the community.


#BalancerLabs #DeFi #FinancialStrain #Exploit #v2Platform #LegalChallenges #BALToken #CommunityModel #TokenBuyback #v3Shares #ServiceProvider
🚀 Critical Vulnerability Discovered in OpenClaw's ClawHub Repository

A severe vulnerability has been identified in OpenClaw's ClawHub repository, according to ChainCatcher. Security researchers from Silverfort discovered that attackers could exploit the flaw by invoking the internal function downloads:increment, bypassing all security measures. This allows them to artificially inflate download counts to over 20,000 within minutes using a simple curl request, pushing malicious code to the top of search rankings and potentially leading users or AI agents to automatically install harmful skills.

Once executed, these malicious skills can steal sensitive data such as cryptocurrency wallets and API keys. The vulnerability has been addressed and fixed within 24 hours. GoPlus Security advises users that high download counts do not necessarily indicate safety and recommends using AgentGuard for security scanning and protection.


#OpenClaw #ClawHub #Vulnerability #CyberSecurity #Malware #DataTheft #Exploit #SecurityPatch #AgentGuard #GoPlusSecurity
🚀 Federal Indictment: Jonathan Spalletta Charged in Uranium Finance Hacks

Federal prosecutors have charged Jonathan Spalletta in connection with two alleged hacks targeting Uranium Finance. According to NS3.AI, the indictment accuses Spalletta of executing one attack that resulted in the theft of $53.3 million. The charges include one count of computer fraud and one count of money laundering, which together could lead to a maximum sentence of 30 years in prison. Prosecutors noted that the subsequent exploit left Uranium Finance without sufficient funds to maintain operations.

#FederalIndictment #JonathanSpalletta #UraniumFinance #Hacks #ComputerFraud #MoneyLaundering #Theft #NS3AI #CryptoCrime #Cybercrime #FinanceSecurity #Prosecutors #Exploit
🚀 Solana Protocols Hit by $280 Million Exploit, Drift Initiates Contact with Attacker

Drift has reached out to wallets linked to a significant exploit, estimated by external firms to be between $280 million and $286 million. According to NS3.AI, Drift communicated from its Ethereum address to four wallets containing the stolen Ether, requesting the attacker to engage via Blockscan chat. SolanaFloor reported that the exploit impacted at least 20 Solana protocols, including Gauntlet, with losses estimated at $6.4 million. Cyvers noted that no funds had been recovered 48 hours post-attack, suggesting the incident might have been a staged operation.

#Solana #Exploit #Drift #Ethereum #Attacker #Ether #Blockchain #Cyvers #Gauntlet #NS3AI #SolanaProtocols #StolenFunds #Cryptocurrency #Blockscan #CryptoAttack #Security #ETH #SOL
🚀 Circle Faces Criticism Over Handling of Stolen USDC Transfers

Circle is under scrutiny following the movement of over $230 million in stolen USDC from Solana to Ethereum via the Cross-Chain Transfer Protocol (CCTP) during Drift Protocol's $285 million exploit. According to NS3.AI, the criticism has intensified as Circle froze the USDC balances of 16 unrelated corporate hot wallets on March 23 due to a civil dispute. Data from DeFiLlama indicates that Drift Protocol's total value locked (TVL) dropped to below $250 million after the attack.

#Circle #USDC #StolenFunds #Solana #Ethereum #CrossChainTransfer #CCTP #DriftProtocol #Exploit #DeFi #DeFiLlama #TVL #CivilDispute #HotWallets #BlockchainSecurity #ETH #SOL