There wasn't much sympathy to be had for Garden after this exploit. The protocol had recently announced hitting a milestone of bridging more than $2 billion in assets, but the celebration was criticized after zachxbt pointed out that a substantial portion of the bridged funds were proceeds of crimes being laundered to evade detection and recovery.
Garden hacked for $11 million
The Garden bitcoin bridge suffered a roughly $11 million loss after one of its solvers was compromised. These solvers essentially act as market makers for the protocol. Some blockchain sleuths have questioned whether the affected solver, which Garden described as a separate entity, may actually be operated by the same team as Garden.
SBI Crypto likely suffers $21 million theft
Crypto sleuth zachxbt observed $21 million in "suspicious outflows" from SBI Crypto, a crypto mining subsidiary of the Japanese SBI Group. The money was quickly laundered through instant exchanges and Tornado Cash, in ways zachxbt observed were similar to tactics of North Korean crypto thieves.
SBI Crypto has not made any public statements addressing the apparent theft.
Crypto exchange BitoPro belatedly discloses $11.5 million hack
The Taiwanese cryptocurrency exchange BitoPro disclosed that they had suffered a theft from one of their hot wallets, which they said occurred during a system upgrade in which they were transferring assets between wallets.
The theft was originally noticed by crypto sleuth zachxbt, who observed a suspicious transfer of around $11.5 million in crypto assets on May 8. The funds sold on decentralized exchanges and then laundered through various cryptocurrency mixing services.
BitoPro originally only told customers that the platform was offline for "maintenance", but disclosed the theft on June 2 after zachxbt published his findings.
- Telegram post by zachxbt [archive]
- Telegram announcement by BitoPro (in Chinese) [archive]
$330 million in Bitcoin apparently stolen; laundering spikes Monero price by over 40%
3,250 BTC (~$330 million) were apparently stolen from a bitcoin holder and then quickly moved through multiple exchanges and swapped for the Monero privacycoin. Such a massive swap into Monero was apparently enough to cause the Monero price to spike from around $230 to as high as around $330, before retracting somewhat.
Coinbase customer loses $35 million in bitcoin theft
A Coinbase customer reportedly lost 400 BTC (~$35 million) in a scam identified by blockchain sleuth zachxbt. While investigating the massive theft from the single customer, he also observed at least $11 million in thefts from various other Coinbase customers throughout March.
zachxbt has previously accused Coinbase of not doing enough to protect customers from hundreds of millions of dollars in scams, and he noted that in these cases, Coinbase had not marked the thief wallets as malicious in various cryptocurrency compliance tools.
- Telegram post by zachxbt [archive]
Coinbase accused by crypto sleuth zachxbt of allowing more than $300 million per year in social engineering attacks on its customers
Crypto sleuth zachxbt has accused the popular American cryptocurrency exchange Coinbase of "fail[ing] to stop its users losing $300M+ per year to social engineering scams". He identified $65 million in crypto thefts from Coinbase in just the most recent two months, but noted that the "number is likely much lower than the actual amount stolen as our data was limited to my DMs and thefts we discovered on-chain which does not account for Coinbase support tickets and police reports we do not have access to."
zachxbt recounted how scammers routinely spoof phone numbers and use stolen personal information to gain trust with victims on phone calls, where they claim to be Coinbase employees informing users of unauthorized account access. They then walk victims through "securing" their accounts, but in reality they direct people to cloned versions of the Coinbase website where the victims are made to transfer their assets to the scammers.
zachxbt concluded, "Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month. ... Coinbase is in a position where they have the power to make these changes and set a good example but they have chosen to do little to nothing ."
NoOnes hacked for almost $8 million
After crypto sleuth zachxbt noticed an apparent theft from the NoOnes peer-to-peer crypto trading platform on January 1, CEO Ray Youssef was forced to acknowledge the theft. He claimed that the project's Solana bridge had suffered a compromised, and explained that it had been taken offline for "exhaustive pen testing".
Youssef emphasized that user funds were safe, which led to questioning from others on how that could be possible when nearly $8 million had been stolen. Youssef claimed he had reimbursed the stolen assets himself.
- Telegram post by zachxbt [archive]
- Tweet by Ray Youssef [archive]
MetaWin casino hacked for $4 million
Hot wallets used by the MetaWin crypto casino were drained of around $4 million. According to the company's CEO, the attacker "t[ook] advantage of our frictionless withdrawal system". The attacker then moved the stolen funds to crypto exchanges including KuCoin.
- "Online Casino MetaWin hacked for $4 million — ZackXBT", CoinTelegraph
North Korean developers steal $1.3 million from crypto project treasury
According to blockchain investigator zachxbt, North Korean developers using fake identities were able to steal $1.3 million from a cryptocurrency project after pushing malicious code.
zachxbt traced the payment addresses for roughly 21 developers involved in this kind of activity, which he found had been working for at least 25 different cryptocurrency projects. They had earned around $375,000 over the past month.
WazirX exchange hacked for $235 million
After a $230 million "suspicious transfer", Indian cryptocurrency exchange WazirX has paused withdrawals and acknowledged that one of their multisignature wallets was compromised. The attacker began selling off the tokens, causing the price of tokens like Shiba Inu to drop around 10%.
WazirX is the largest cryptocurrency exchange in India. The company was acquired by Binance in 2019, but the two companies re-separated in 2023 after a bizarre public dispute.
WazirX's June 2024 proof-of-reserves reported around $500 million in total holdings, making the $235 million theft a substantial portion of the assets held at the exchange.
Blockchain sleuth zachxbt observed that the theft had some of the hallmarks of the Lazarus Group, a North Korean hacking group that has perpetrated other 9-figure heists including the $625 million Axie Infinity theft in March 2022, and the theft of more than $100 million from Atomic Wallet users. The US and South Korea both officially pinned the attack on North Korea later on.