커뮤니티

In the early hours of July 16, 2025, the global crypto exchange BigONE fell victim to a highly sophisticated attack that resulted in $27 million in digital assets siphoned from its hot wallets, without a single private key being compromised.This wasn’t a phishing attack. It wasn’t a wallet-draining exploit.Instead, it was something far more dangerous: an infrastructure-level compromise that slipped under the radar and rewrote the rules of what a crypto hack can look like.🧠 A New Class of ExploitIt was confirm that the attackers did not need access to wallet keys or administrative credentials. Instead, they gained entry into BigONE’s backend production systems, likely through a third-party software dependency or misconfigured access point.Once inside, they modified the logic of the exchange’s internal transaction systems, effectively fooling the platform into processing fraudulent withdrawals as if they were legitimate user requests.By tampering with risk-control logic, the attackers bypassed withdrawal limits, automated fraud checks, and monitoring systems.In other words:They didn't steal the vault. They reprogrammed the vault to hand them the money.💸 The Stolen FundsOver the span of several hours, an estimated $27 million was drained from hot wallets spanning multiple chains:120 BTC1,272 ETH8.5 million USDT (TRC-20, ERC-20, BSC, Solana)1,800 SOLAdditional funds in SHIB, UNI, DOGE, SNT, CELR, and other tokensKnown Attacker Wallets:Blockchain AddressEthereum/BSC 0x9Bf7a4dDcA405929dba1FBB136F764F5892A8a7aBitcoin bc1qwxm53zya6cuflxhcxy84t4c4wrmgrwqzd07jxmTron TKKGH8bwmEEvyp3QkzDCbK61EwCHXdo17cSolana HSr1FNv266zCnVtUdZhfYrhgWx1a4LNEpMPDymQzPg4RLets look through an example through visualisation graphETHImage captured from the BountyTrack Dashboard (ETH)⚠️ Silent Signals Ignored?What makes this attack so alarming is its stealth. The attacker didn’t drain wallets with sudden, suspicious spikes. Instead, they operated under modified logic that made fraudulent withdrawals appear perfectly ordinary within internal systems.This raises serious questions:Were there no secondary audit layers to verify transaction legitimacy outside the application logic?Did the attacker have long-term access, waiting for the perfect moment to strike?Could this have been an inside job?BigONE has not disclosed details about how long the attacker had access or which specific systems were compromised, but it’s clear the intrusion was surgical, deliberate, and premeditated.

If you want free BNB token? React this post.

비가 계속와요 ㅠ

Blockchain is transforming industries beyond cryptocurrency. From supply chain transparency to secure digital identities, this technology is redefining how we exchange value and trust online. Stay ahead — the next big shift is already underway.

Joined airdrop and claim every hours. 🌊 Join Cleanify - Earn while cleaning the planet!Earn B3TR tokens and lottery tickets for daily actions and cleanups. Plus, invite friends and earn even more rewards! Join me:https://app.cleanify.vet?referralCode=468JS

#giveaway #Airdrop #Pool #Sol #Solana #BnB #USDT 🏆 Prize Pool 1000 $TRN🔘 Open Distribution link🔘 https://wn.nr/pj6nFHm🔘 Join our Telegram Channel🔘 Join our Telegram Group🔘 Follow our Twitter page & Retweet pinned post🔘 Send your address BNB/Ber-20 Wallet🔘 Done3435

On July 15, 2025, Arcadia Finance became the latest DeFi project to fall victim to a smart contract exploit, resulting in the loss of $3.5 million in user funds. Here’s what happened, how the attacker executed the hack, and what it means for the DeFi space going forward.🚨 What Happened?In the early hours of July 15, an attacker exploited a critical vulnerability in Arcadia Finance’s Rebalancer contract, a tool that allows users to manage asset allocations across their portfolio.Within minutes, the attacker drained approximately $2.5 million in stablecoins and other assets from Arcadia’s Base protocol vaults. Shortly after, a second attack followed, stealing an additional $1 million, bringing the total losses to over $3.5 million.🧠 How the Exploit WorkedThe exploit originated from a flaw in the swapData parameter of the Rebalancer contract.The attacker passed arbitrary and malicious data into swapData.This allowed the attacker to bypass validation checks and trigger unauthorized fund movements.A custom malicious contract executed the swap, draining user vaults in under one minute.🦹 Attacker Wallets & Fund MovementsThe key wallet involved in the exploit:0x0fa54E967a9CC5DF2af38BAbC376c91a29878615Image 1 Source from EtherscanFunds were bridged from Base Mainnet to ETH MainnetAs of today, ETH remains at this wallet and no further movement initiated. ✅ Final ThoughtsThe Arcadia hack underscores a painful truth: DeFi remains vulnerable without robust testing, on-chain monitoring, and swift incident response. As attackers grow more sophisticated, protocols must prioritize security as a feature, not an afterthought.Stay safe. Revoke unnecessary permissions. And keep your eyes on the chain.

it's been while since i can't login talken app, when i saw there has some lovely chainbounty in my wallet. Pretty cool keep it up!

What is join chainbounty and earn reward

The crypto world just got hit with another stealthy threat—this time targeting unsuspecting Firefox users through malicious wallet extensions.More than 40 fake Firefox extensions mimicking popular crypto wallets have been discovered since April 2025. These fraudulent add-ons, found directly on the Firefox Add-ons store, aren’t just phishing scams, they’re sophisticated clones capable of stealing private keys and draining entire wallets.🔍 The Deception: Looks Real, Acts EvilThe attackers didn’t build these fake extensions from scratch. Instead, they forked open-source code from legitimate wallets, like MetaMask, Phantom, Trust Wallet, OKX, Bitget, and Coinbase Wallet, and injected malicious scripts designed to silently steal user data.To make things worse, the extensions:• Used identical names and logos• Were stuffed with fake 5-star reviews• In some cases, were signed with valid Mozilla developer accountsThese wallet clones were nearly indistinguishable from the real thing. And once installed, they watched for one thing: your seed phrase.🧠 How the Attack WorksOnce a victim pastes a seed phrase or private key into the fake extension interface, it’s game over.These fake extensions:• Monitor inputs over 30 characters (typical of seed phrases)• Immediately exfiltrate them to attacker-controlled servers• Also log the user’s IP address, likely for geographic targeting🇷🇺 Who’s Behind It?Investigators found Russian-language comments in the code and metadata tied to Russian-speaking actors, although attribution is not conclusive.The infrastructure behind the scam was impressively organized:• Hosting on bulletproof VPS providers• Constantly rotating domain names• Multiple versions pushed across dozens of wallets and language localizationsThis wasn’t a quick smash-and-grab. It was an industrial-scale operation.🧯 Mozilla’s ResponseMozilla has begun purging these fake extensions, but new ones keep popping up. As of July 2025, many remain live on the Add-ons store, making this a whack-a-mole nightmare for security teams.Mozilla stated that it is:• Using automated scanning tools• Relying on user reports• Tightening vetting procedures for crypto-related extensionsBut clearly, more must be done.🛡️ What You Can Do NowIf you use Firefox for crypto-related activity, pause and reassess your security posture. Here's what I recommend:🔐 Action Why It MattersAvoid browser wallet extensions Especially on Firefox, until the dust settles. Use mobile apps or official websites.Install only from verified sources Check the publisher name and history. Don't trust reviews alone.Enable 2FA everywhere Adds a critical second layer to access.Use cold storage for large holdings If it’s not online, it can’t be drained.Report suspicious extensions Help Mozilla remove threats faster.🧰 Free Tool to Check for Scam WalletsAt scamhunter.ai, we’re fighting crypto scams head-on. Uppsala Security offers a free tool to:• Scan suspicious wallet addresses• View scam reports• Flag stolen assetsYou can try it free twice a day. Just paste in a wallet address and we’ll show you what we know.🚨 Final ThoughtsThis latest wave of wallet-cloning extensions on Firefox is a wake-up call for the crypto industry. Browser-based wallets are convenient, but they also open up new attack surfaces.As always in crypto, convenience must be balanced with paranoia. Double-check everything. Trust no extension blindly. And if you’ve ever typed a seed phrase into an extension, you should migrate your funds now.The attackers are evolving. So must our defenses.Stay safe, stay skeptical.