This is the second BtcTurk exploit, following an approximately $55 million theft in June 2024.
BtcTurk apparently hacked again, for $49 million
The Turkish cryptocurrency exchange BtcTurk has apparently been hacked again, as various blockchain security firms observed suspicious withdrawals estimated at around $49 million. BtcTurk later acknowledged it had experienced "unusual activity" in its hot wallets, and had suspended deposits and withdrawals. They did not provide any more details about the scale of the attack.
Odin.fun bitcoin memecoin launchpad exploited for more than $7 million
Odin.fun, a bitcoin-based memecoin launchpad sort of like the popular pump.fun, was exploited for 58.2 BTC (~$7 million). The attacker had apparently manipulated the price of various tokens, then withdrew bitcoin based on the inflated prices.
A team member suggested they were unsure of the total amount stolen, "but as of right now, our company treasury isn't big enough to cover the losses".
Traders lose $1 million to malicious "trading bot" software
Scammers using AI-generated YouTube videos to promote supposedly profitable crypto bot software have convinced crypto users to deploy what is, in reality, malicious code that allows scammers to siphon funds from their wallets. The free software supposedly allows anyone to run MEV bots to profit from arbitrage strategy, but the obfuscated code people are encouraged to download and deploy is actually malicious.
Researchers at Sentinel Labs have estimated that more than $1 million has been drained from various wallets via these malicious contracts.
Credix vanishes after $4.5 million exploit
The defi lending protocol Credix lost $4.5 million to an exploit after a hacker gained control of an admin wallet and used it to mint tokens and drain liquidity pools.
Credix subsequently announced they had negotiated with the thief, who they said agreed to return the funds "in return for money fully paid by the credix treasury". They did not disclose how much they paid to the hacker.
However, shortly after this announcement, the company deleted its social media accounts and disappeared, leading some to wonder if the "hack" may have in fact been a rug pull by insiders. The promised reimbursements have not yet materialized.
$731,000 stolen in SuperRare hack
Customers of WOO X lose $14 million after exchange compromise
Attackers who compromised devices belonging to a WOO X employee stole $14 million from users of the Taiwanese WOO X cryptocurrency exchange. The phishing attack on the employee gave the hackers access to a development environment, according to statements from WOO X, and the hackers were then able to make withdrawals from customer accounts.
WOO X temporarily froze withdrawals, before reopening accounts after a security review. They offered a 10% "bounty" to the thief.
CoinDCX hacked for $44 million
The Indian cryptocurrency exchange CoinDCX was hacked, with attackers stealing around $44 million. The company announced the breach the following day, attributing it to a "sophisticated server breach" and claiming that only company funds were impacted.
BigONE hacked for over $27 million
The BigONE cryptocurrency exchange was hacked for more than $27 million, which the hacker quickly swapped for various other tokens. The attacker compromised one of the exchange's hot wallets after gaining access to the company's production network. BigONE stated they would fully cover the loss.
Blockchain security researcher zachxbt responded to the hack by saying, "I do not feel bad for the team as this CEX processed a good bit of volume from pig butchering, romance, investment scams." Elsewhere he suggested that hacks of "sketchy offshore exchanges" would be a positive for the crypto industry, serving as a "natural cleanse".
Arcadia Finance exploited for $3.5 million
The Arcadia Finance defi margin protocol was exploited for $3.5 million after an attacker found a vulnerability in a project smart contract. The attacker quickly swapped the stolen tokens and bridged them from Base to the Ethereum mainnet. The attacker stole the funds in two separate transactions that were more than four hours apart.
Arcadia is backed by Coinbase Ventures. The project acknowledged the hack, encouraging users to revoke permissions.
MoonPay apparently gets scammed out of a $250,000 donation to Trump inaugural fund
In a seizure request filed by the DC Attorney General, the Justice Department outlined how a Nigerian scammer used the classic "lowercase Ls look like uppercase Is" trick to steal $250,000 — apparently from the MoonPay crypto exchange. Using the email address steve_witkoff@t47lnaugural.com, the scammer directed "Ivan & Mouna" to deposit $250,000 in Tether to a specified wallet address. Mouna then replies to confirm the transaction, providing a link to a blockchain explorer. The FBI was only able to recover around 16% of the stolen funds, issuing seizure requests to Tether and Binance that regained control of $40,353.
As it happens, "Ivan & Mouna" match the names of MoonPay CEO Ivan Soto-Wright and CFO Mouna Siala. The crypto address used to send the transaction also appears to be one of MoonPay's company crypto wallets.
MoonPay had told Fox Business shortly before the transaction that they intended to contribute an undisclosed amount to the Trump inaugural fund.
Only weeks after the botched donation, MoonPay was selected as a payment processor for Trump's $TRUMP memecoin.
- "The DOJ Seemingly Outed Top Crypto Executives as Falling for a Nigerian Crypto Scam", NOTUS [archive]
- Complaint in US v. Approximately 40,353 USDT.ETH Cryptocurrency [archive]