cryptohack

DeFi has suffered another massive exploit. Hackers successfully minted and stole approximately $76.7 Million in fake eBTC from Echo Protocol.
This incident once again raises serious concerns about bridge security and smart contract vulnerabilities in the DeFi space.
Key Questions:
• Is this a wake-up call for all DeFi users?
• What precautions should retail investors take to protect their funds?
• Will this affect overall trust in DeFi projects?
Share your thoughts and analysis in the comments 👇
Stay safe and always DYOR!
#EchoProtocolHack #CryptoHack #DeFiSecurit #BinanceSquare

2026 started relatively calm - until April hit like a bomb. In just the first four months, hackers drained over $750 million from DeFi protocols. Two attacks in two weeks wiped out nearly $600 million.
April 1 - Drift Protocol on Solana. $285 million gone in just 12 minutes. A North Korean group spent six months on social engineering and compromised people, not code. The DRIFT token crashed over 40% afterward.
April 19 - Kelp DAO. $292 million in rsETH stolen. The attacker forged a cross-chain message through a LayerZero bridge, and the protocol simply handed over the funds. It became the biggest hack of the year. The ripple effect was brutal - around $10–15 billion was withdrawn from Aave and other platforms in a matter of days.
These two incidents revealed the main problem in 2026: attackers are no longer just targeting smart contracts. They're going after people, keys, and infrastructure. North Korean groups now operate like intelligence agencies - planning operations for months.
What should a regular user do?
- Don't keep large amounts on hot wallets or in DeFi protocols.
- Use hardware wallets for anything serious.
- Enable 2FA, anti-phishing codes, and whitelist addresses.
- Double-check everything - links, messages, "support" chats.
Hackers are getting smarter and more patient. The best defense is healthy paranoia and sticking to basic security rules.
#CryptoHack #DeFi #CryptoSecurity #Binance #CryptoNews

THORChain, one of the crypto industry’s leading decentralized cross-chain liquidity protocols, has become the latest victim of a major exploit after hackers reportedly drained more than $10.7 million from the network. The attack has triggered renewed concerns about the security of interoperability platforms and the growing risks associated with decentralized finance (DeFi) infrastructure.
The exploit targeted THORChain’s core vault system, sending shockwaves across the crypto market as traders, liquidity providers, and security researchers rushed to assess the damage. Following the incident, THORChain’s native token, RUNE, experienced a sharp decline amid widespread uncertainty and panic selling.
How the THORChain Hack Happened
According to preliminary investigations from blockchain security analysts, the exploit appears to have compromised one of THORChain’s Asgard vaults — the protocol’s primary multi-signature treasury infrastructure responsible for managing cross-chain liquidity and validating transactions.
The attackers allegedly exploited vulnerabilities tied to router logic or transaction-signing processes, enabling unauthorized withdrawals across several blockchain ecosystems. Early on-chain tracking revealed suspicious movements involving Bitcoin, Ethereum, BNB Chain, and Base-linked assets.
Blockchain investigator ZachXBT was among the first to identify abnormal transactions linked to the protocol. Initial estimates suggested losses of roughly $7.4 million, but subsequent wallet analysis increased the figure to more than $10.7 million as additional stolen funds were discovered across multiple addresses.
Security firms including PeckShield and Arkham Intelligence later tracked the movement of the stolen assets, identifying transfers involving wrapped Bitcoin (WBTC), ETH, USDT, USDC, and other high-value crypto assets routed through intermediary wallets.
Emergency Measures Activated
THORChain’s development team responded quickly after detecting suspicious activity. The protocol reportedly halted signing operations and temporarily paused several network functions to prevent additional losses from occurring.
In an official response, THORChain stated that automated safety systems successfully detected the exploit in progress and immediately restricted outbound vault operations. The team also emphasized that user liquidity positions and most swap-related funds appeared to remain protected during the incident.
Node operators were instructed to suspend churn operations — the process that rotates validator responsibilities — while developers and security teams investigated the source of the exploit.
THORChain has additionally delayed upcoming integrations and infrastructure upgrades until a full security review is completed.
RUNE Token Suffers Heavy Sell-Off
The market reaction was swift and severe.
Following confirmation of the exploit, THORChain’s native token RUNE experienced significant volatility, with losses ranging between 15% and 40% across major exchanges during peak selling pressure. Trading volumes surged as investors rapidly reduced exposure to the protocol amid fears of deeper vulnerabilities.
The decline reflects broader investor sensitivity toward DeFi security incidents, especially involving protocols responsible for handling cross-chain liquidity and decentralized asset transfers.
Historically, major protocol exploits tend to trigger short-term capital flight from affected ecosystems, even when teams later recover funds or patch vulnerabilities.
Why Cross-Chain Protocols Face Higher Security Risks
Unlike traditional decentralized exchanges operating on a single blockchain, THORChain enables native asset swaps across multiple independent networks without relying on wrapped tokens or centralized custodians.
While this interoperability model offers significant innovation for decentralized finance, it also introduces additional layers of complexity and risk.
Cross-chain protocols must manage:
Multi-chain communication systems
Validator coordination
Multi-signature treasury security
Transaction verification across separate blockchains
Liquidity synchronization between networks
Every additional integration increases the potential attack surface available to hackers.
Security researchers have repeatedly warned that bridges and interoperability protocols remain among the most vulnerable sectors within crypto. Over the past several years, billions of dollars have been lost through attacks targeting bridge infrastructure, validator systems, and cross-chain messaging protocols.
The THORChain exploit reinforces concerns that even highly established DeFi platforms remain exposed to sophisticated attacks.
Growing Pressure on DeFi Security Standards
The incident has once again sparked debate around security auditing practices, decentralized governance oversight, and the balance between innovation and risk management in DeFi.
THORChain has previously faced criticism regarding compliance and illicit fund flows after reports claimed the protocol had been used to route funds linked to previous crypto exploits. Although THORChain operates as a decentralized and permissionless protocol, regulators and analysts continue to scrutinize platforms that facilitate large-scale anonymous cross-chain transfers.
Following the latest exploit, many within the crypto industry are calling for stronger security frameworks, more aggressive bug bounty programs, and enhanced monitoring systems for interoperability protocols.
Institutional participants entering the digital asset market may also view recurring bridge and DeFi exploits as barriers to wider adoption.
Can THORChain Recover?
Despite the scale of the exploit, some analysts believe THORChain may eventually recover if the team successfully patches vulnerabilities, restores confidence, and demonstrates transparency throughout the investigation process.
Historically, several major DeFi protocols have survived significant exploits by reimbursing users, strengthening security architecture, and rebuilding community trust over time.
However, reputational damage in crypto can be difficult to reverse — especially during periods when investors are already cautious about systemic risks in decentralized finance.
For now, the crypto market remains focused on three key questions:
How exactly the exploit occurred
Whether additional vulnerabilities still exist
If stolen funds can be frozen, recovered, or traced further
As investigations continue, the THORChain hack serves as another reminder that security remains one of the most critical challenges facing the future of decentralized finance and cross-chain infrastructure.
Conclusion
The $10.7 million THORChain exploit highlights the ongoing vulnerabilities surrounding cross-chain DeFi protocols despite years of technological advancement. While decentralized interoperability remains one of crypto’s most promising innovations, the incident demonstrates that expanding functionality often comes with expanding security risks.
The coming weeks will be crucial for THORChain as developers, validators, and the broader crypto community work to stabilize the network and restore investor confidence. Meanwhile, the broader DeFi industry is once again being forced to confront a difficult reality: innovation without robust security can quickly become a liability in the rapidly evolving world of digital assets
#THORChain #Rune #CryptoHack #DeFi #BlockchainSecurity

ResupplyFi lost $5.59M in a crypto hack on June 26, 2025.
Attacker manipulated cvcrvUSD exchange rate via contract donations.Low-liquidity markets enabled theft with minimal collateral.DeFi platforms urged to enhance smart contract security.Industry calls for better oracles and liquidity management.
$5.59M Stolen in ResupplyFi Attack
A crypto hack targeting ResupplyFi resulted in a loss of approximately $5.59 million. The breach, detected on June 26, 2025, involved suspicious transactions that exploited vulnerabilities in the platform’s smart contracts. Attackers manipulated the exchange rate of cvcrvUSD, leading to the theft of a significant amount of reUSD tokens.
The attack centered on the cvcrvUSD Controller contract. By making strategic donations, the attacker artificially inflated the token’s share price. This allowed them to borrow a large volume of reUSD tokens with minimal collateral, draining substantial assets from the protocol.
ResupplyFi, a decentralized finance platform, relies on low-liquidity markets for certain token pairs. The attacker exploited this, using just two crvUSD tokens to borrow millions in reUSD. Such vulnerabilities highlight ongoing risks in DeFi ecosystems, where low-liquidity pools can be prime targets for manipulation.
Security systems flagged the suspicious activity early, but the attacker’s swift execution caused significant damage before interventions could be implemented. The incident underscores the need for robust safeguards in decentralized lending protocols.
DeFi Security Under Scrutiny
The ResupplyFi crypto hack has reignited discussions about DeFi vulnerabilities. Exchange rate manipulation in low-liquidity markets remains a persistent threat. Attackers exploit empty or thinly traded pools to distort prices, enabling large-scale theft with minimal initial investment.
This incident follows a pattern seen in other DeFi exploits. Similar attacks have targeted lending protocols by inflating share prices through strategic donations or flash loans. The ResupplyFi breach involved a donation to the cvcrvUSD Controller, which skewed the token’s value and allowed the attacker to siphon off funds.
Decentralized finance platforms face increasing pressure to enhance security measures. Smart contract audits and real-time monitoring are critical to detecting and preventing such exploits. The ResupplyFi hack serves as a reminder of the importance of rigorous validation of mathematical functions in smart contracts.
Industry experts emphasize the need for improved oracle mechanisms to ensure accurate pricing data. Protocols like Chainlink provide decentralized price feeds to mitigate manipulation risks, but adoption remains inconsistent across DeFi platforms. Enhanced liquidity management and stricter access controls could also reduce vulnerabilities.
The ResupplyFi incident has prompted calls for greater transparency in DeFi operations. Platforms are urged to disclose security measures and undergo regular third-party audits. Strengthening these defenses is essential to maintaining user trust in decentralized finance.
The broader crypto community is now analyzing the attack’s fallout. Blockchain security firm SlowMist reported the breach through its MistEye monitoring system, highlighting the stolen funds’ movement. Such tools are vital for tracking illicit transactions and aiding recovery efforts.
ResupplyFi has not yet announced specific recovery plans or user compensation. The platform’s team is likely investigating the breach to prevent future incidents. Meanwhile, affected users await updates on potential restitution measures.
The hack’s scale underscores the growing sophistication of cybercriminals targeting DeFi. As the sector expands, so does the need for advanced security frameworks. Platforms must prioritize resilience against manipulation tactics to protect user funds.
This breach adds to a string of high-profile DeFi attacks in 2025, raising concerns about the sector’s maturity. Investors and developers alike are calling for standardized security protocols to safeguard the ecosystem. For more insights into DeFi security, resources like Cointelegraph and The Block offer in-depth coverage of blockchain vulnerabilities and solutions.
#CryptoHack #ResupplyFi #DeFiSecurity #BlockchainVulnerability #SmartContractExploit

#CryptoHack
Binance founder Changpeng Zhao speaks out after Cointelegraph and CoinMarketCap hacks, warning community.
In recent days, all the talk has been about the archive of 16 billion passwords made public in one of the largest archives available to cybercriminals today.
The crypto sector is also on high alert after two major sites, CoinMarketCap and Cointelegraph , were hacked.
In response to these incidents, Binance founder Changpeng Zhao sounded the alarm. He urged the crypto community to be careful when linking their wallets.
Changpeng Zhao Warns Against Rising Cryptocurrency Attacks
Following the attacks that hit CoinMarketCap and Cointelegraph, Binance founder Changpeng Zhao stepped in to warn users of the growing number of similar incidents in the crypto world .
CZ urged crypto people to be cautious whenever they allow wallet linking. In his post he wrote:
Two days ago CMC, now CT. Hackers are targeting news sites. Be careful when authorizing wallet connection.
Not only CZ, but also Web3 security company CertiK reiterated the need to take countermeasures to prevent these attacks.
Today, attackers are moving from exploiting vulnerabilities in smart contracts to targeting users through social engineering schemes . This is the psychological manipulation technique that tricks the victim into believing they are dealing with a legitimate site when in fact they are interacting with fake interfaces capable of stealing data and capital.
Last May, Coinbase also suffered a security breach, during which hackers stole sensitive information from key customers.
According to CertiK, the number of crypto attacks carried out after breaching wallet data is growing . This is a change in strategy by cybercriminals that has led to large losses already in the first half of 2025. Thefts this year amount to $2.1 billion, mostly due to wallet breaches and phishing attacks.
CertiK co-founder Ronghui Gu said :
Attackers always target the weakest link… Previously, it was smart contracts or blockchain code, but now hackers believe that weaknesses may stem more from human behavior than code.
What Happened to CoinMarketCap and Cointelegraph?
Changpeng Zhao's warning comes after CoinMarketCap and Cointelegraph admitted to having suffered major cyber breaches .
The Hack Against CoinMarketCap
According to CoinMarketCap, the attacker committed a security breach , in which hackers exploited a vulnerability in the platform.
The compromised site displayed a fake pop-up notification that attempted to trick users into verifying their crypto wallets , but CoinMarketCap promptly removed the code.
In his post, Changpeng Zhao revealed that CoinMarketCap has reported 39 victims, who have suffered a total loss of $18,570 based on the first on-chain analysis. The platform has pledged to cover all losses.
The attack against Cointelegraph is sophisticated and sneaky
Crypto news outlet Cointelegraph has confirmed that its site was hacked via a front-end exploit. The manipulated site promoted a fake token airdrop and aimed directly at users’ capital.
The media outlet identified the presence of a “fake pop-up” and reported that it is working to find a solution.
The platform warned users with a message: “Do not click on these pop-ups, do not connect your wallets and do not enter any personal information.”
In practice, the fake pop-up notification promoted a now common scam that promised participation in a non-existent giveaway .
The usual message informed users that they had been selected to receive tokens as part of the platform's 'fair launch' initiative.
It displayed a fake token price, promising users around $5,500 in tokens if they linked their wallet, and even went as far as to fake CertiK audit approval. The attacker used a similar tactic to the one used in the CoinMarketCap attack that occurred just two days earlier.
FOLLOW BeMaster BuySmart 🚀 TO FIND OUT MORE $$$$$ 🤩 BE MASTER BUY SMART 🤩