BREAKING: $1.5M in Bitcoin vanishes from Seoul police cold wallet
22 BTC disappeared from a cold wallet held as evidence by Gangnam police station in Seoul.
The device itself was not stolen. Only the funds vanished.
This was discovered during an audit triggered by a similar incident where 320 BTC disappeared from Gwangju Prosecutor's Office.
Critical questions:
How were private keys accessed without the physical device being stolen?
Who had authorization to move evidence funds?
Were there multisig controls or audit trails?
This is the second major incident of seized Bitcoin disappearing from South Korean law enforcement custody.
Investigation ongoing.
22 BTC disappeared from a cold wallet held as evidence by Gangnam police station in Seoul.
The device itself was not stolen. Only the funds vanished.
This was discovered during an audit triggered by a similar incident where 320 BTC disappeared from Gwangju Prosecutor's Office.
Critical questions:
How were private keys accessed without the physical device being stolen?
Who had authorization to move evidence funds?
Were there multisig controls or audit trails?
This is the second major incident of seized Bitcoin disappearing from South Korean law enforcement custody.
Investigation ongoing.
β€3
π¨ ALERT: Moonwell exploited for $1.78M due to AI-generated vulnerable code
Moonwell lost $1.78M after deploying code co-authored by Claude Opus 4.6 without proper auditing.
The bug: cbETH price set at $1.12 instead of $2,200+ in the oracle formula, enabling price manipulation.
GitHub commits show the vulnerable code was AI-assisted ("vibe coding"). This is not the first case, OpenClaw and others faced similar issues.
The problem is not AI tools. The problem is deploying AI-generated code without comprehensive security audits.
Key lesson: AI accelerates development but cannot replace human security review. Every line of AI-generated smart contract code needs rigorous auditing.
Projects skipping audits are gambling with user funds.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
Moonwell lost $1.78M after deploying code co-authored by Claude Opus 4.6 without proper auditing.
The bug: cbETH price set at $1.12 instead of $2,200+ in the oracle formula, enabling price manipulation.
GitHub commits show the vulnerable code was AI-assisted ("vibe coding"). This is not the first case, OpenClaw and others faced similar issues.
The problem is not AI tools. The problem is deploying AI-generated code without comprehensive security audits.
Key lesson: AI accelerates development but cannot replace human security review. Every line of AI-generated smart contract code needs rigorous auditing.
Projects skipping audits are gambling with user funds.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
β€3
ALERT: StakeNova protocol exploited for $135K on Solana
Over 1,500 SOL drained through flash loan attack involving $2.5M in $SOL.
StakeNova offered the exploiter a deal: return 90% of funds, keep 10% as white hat bounty with no legal action.
At time of writing, funds remain in attacker's wallet.
The exploit happened just two days before the project's planned submission to RadiantDAO Solana Mobile Hackathon.
Flash loan attacks continue to be a major vulnerability in DeFi protocols, especially on Solana where transaction speed enables rapid exploitation.
If you've lost funds to crypto exploits or fraud, contact Hackless. We help victims quickly recover their assets through forensic tracing and legal coordination.
Hackless.io
Over 1,500 SOL drained through flash loan attack involving $2.5M in $SOL.
StakeNova offered the exploiter a deal: return 90% of funds, keep 10% as white hat bounty with no legal action.
At time of writing, funds remain in attacker's wallet.
The exploit happened just two days before the project's planned submission to RadiantDAO Solana Mobile Hackathon.
Flash loan attacks continue to be a major vulnerability in DeFi protocols, especially on Solana where transaction speed enables rapid exploitation.
If you've lost funds to crypto exploits or fraud, contact Hackless. We help victims quickly recover their assets through forensic tracing and legal coordination.
Hackless.io
1β€3
ALERT: $50M turned into $36K due to 99% slippage on AAVE swap
Trader Garrett Bullish attempted to swap $50M USDT for AAVE tokens on mobile and received only $36K worth (324 AAVE tokens) after ignoring high slippage warnings.
What happened:
User executed massive single order through AAVE interface
Platform warned about extraordinary slippage with confirmation checkbox
User confirmed on mobile and proceeded anyway
99% loss due to insufficient liquidity for order size
AAVE confirmed the transaction could not proceed without explicit user confirmation of the risk. CoW Swap routers functioned as intended.
AAVE will return $600K in fees collected, but the $50M loss remains.
Key lesson: Large single orders in DeFi face extreme slippage. Always split large trades, use limit orders, or work with OTC desks for transactions of this size.
If you've lost funds to crypto fraud or scams, contact Hackless. We help victims quickly recover their assets through forensic tracing and legal coordination.
Hackless.io
Trader Garrett Bullish attempted to swap $50M USDT for AAVE tokens on mobile and received only $36K worth (324 AAVE tokens) after ignoring high slippage warnings.
What happened:
User executed massive single order through AAVE interface
Platform warned about extraordinary slippage with confirmation checkbox
User confirmed on mobile and proceeded anyway
99% loss due to insufficient liquidity for order size
AAVE confirmed the transaction could not proceed without explicit user confirmation of the risk. CoW Swap routers functioned as intended.
AAVE will return $600K in fees collected, but the $50M loss remains.
Key lesson: Large single orders in DeFi face extreme slippage. Always split large trades, use limit orders, or work with OTC desks for transactions of this size.
If you've lost funds to crypto fraud or scams, contact Hackless. We help victims quickly recover their assets through forensic tracing and legal coordination.
Hackless.io
π€―2
2025 Crypto Crime Report: Crime is becoming industrialized
Key findings:
$154B in illicit transaction volume
694% surge in sanctioned entity activity
$2B+ stolen by North Korea (DPRK)
$93B in A7A5 settlement flows
Organized crime groups now run sophisticated digital asset supply chains, and nation state actors are increasingly using the same infrastructure.
Crypto crime is no longer opportunistic individuals. It's coordinated, well funded operations with industrial scale capabilities.
If you've lost funds to crypto fraud or theft, contact Hackless. We help victims quickly recover their assets through forensic tracing and legal coordination.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
Key findings:
$154B in illicit transaction volume
694% surge in sanctioned entity activity
$2B+ stolen by North Korea (DPRK)
$93B in A7A5 settlement flows
Organized crime groups now run sophisticated digital asset supply chains, and nation state actors are increasingly using the same infrastructure.
Crypto crime is no longer opportunistic individuals. It's coordinated, well funded operations with industrial scale capabilities.
If you've lost funds to crypto fraud or theft, contact Hackless. We help victims quickly recover their assets through forensic tracing and legal coordination.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
1β€2
BREAKING: Irish police crack "lost" Bitcoin wallet from 2019 seizure
Ireland's Criminal Assets Bureau (CAB), with Europol support, successfully accessed 1 of 12 locked wallets containing 500 BTC (β¬30M).
The backstory:
6,000 BTC seized in 2019 drug operation
Access codes lost after being hidden in fishing rod case that was discarded
All 12 wallets remained locked for years
Authorities waited for technology to catch up
The breakthrough:
CAB used advanced decryption with Europol technical support
Likely brute forced weak password on wallet .dat file
Seed phrases were lost (stored only on paper)
Remaining 5,500 BTC still locked but authorities believe this breakthrough could unlock the rest, potentially making it one of Europe's largest crypto seizures at β¬360M total value.
This demonstrates that "lost" crypto isn't always permanently lost, especially when law enforcement has the physical devices and time to develop cracking methods.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
Ireland's Criminal Assets Bureau (CAB), with Europol support, successfully accessed 1 of 12 locked wallets containing 500 BTC (β¬30M).
The backstory:
6,000 BTC seized in 2019 drug operation
Access codes lost after being hidden in fishing rod case that was discarded
All 12 wallets remained locked for years
Authorities waited for technology to catch up
The breakthrough:
CAB used advanced decryption with Europol technical support
Likely brute forced weak password on wallet .dat file
Seed phrases were lost (stored only on paper)
Remaining 5,500 BTC still locked but authorities believe this breakthrough could unlock the rest, potentially making it one of Europe's largest crypto seizures at β¬360M total value.
This demonstrates that "lost" crypto isn't always permanently lost, especially when law enforcement has the physical devices and time to develop cracking methods.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
1β€2
BREAKING: KelpDAO exploited for $290M - Aave exposed to bad debt
Attacker minted 116,500 unbacked rsETH, deposited as collateral in Aave, and borrowed $280M in real ETH/WETH.
The impact:
$280M extracted from lending markets
rsETH collateral now worthless, debt remains real
Aave carrying $200-300M in bad debt
$1.2B rsETH collateral in Aave at risk
Why this matters:
Composability attack: one protocol hacked, another left holding the bag
Liquidation mechanism broken (unbacked collateral can't be liquidated)
Cascade risk if users panic withdraw or unwind positions
Aave has frozen rsETH to prevent further damage.
Key lesson: DeFi composability means one exploit cascades across interconnected protocols.
If you've lost funds to DeFi exploits, contact Hackless. We help victims recover assets through forensic tracing and legal coordination.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
Attacker minted 116,500 unbacked rsETH, deposited as collateral in Aave, and borrowed $280M in real ETH/WETH.
The impact:
$280M extracted from lending markets
rsETH collateral now worthless, debt remains real
Aave carrying $200-300M in bad debt
$1.2B rsETH collateral in Aave at risk
Why this matters:
Composability attack: one protocol hacked, another left holding the bag
Liquidation mechanism broken (unbacked collateral can't be liquidated)
Cascade risk if users panic withdraw or unwind positions
Aave has frozen rsETH to prevent further damage.
Key lesson: DeFi composability means one exploit cascades across interconnected protocols.
If you've lost funds to DeFi exploits, contact Hackless. We help victims recover assets through forensic tracing and legal coordination.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
β€2
CRYPTO HACK DATA: $17.1B stolen over the past decade
The breakdown:
10 years (2016-2026): $17.1B lost across 518 incidents
5 years (2021-2026): $15.2B lost across 450+ incidents
1 year (Apr 2025-Apr 2026): $2.5B lost across 140+ incidents
Key insight: Most losses concentrated in the last 5 years, showing exponential growth in crypto crime.
The attack vector has shifted from smart contract bugs toward private key compromise and access control failures.
This means:
Social engineering attacks increasing
Insider threats and credential theft rising
Infrastructure security becoming critical attack surface
The industry is maturing but so are the attackers. Professional criminal operations now target crypto with industrial scale capabilities.
Lost funds to hacks or exploits? Contact Hackless for forensic recovery.
The breakdown:
10 years (2016-2026): $17.1B lost across 518 incidents
5 years (2021-2026): $15.2B lost across 450+ incidents
1 year (Apr 2025-Apr 2026): $2.5B lost across 140+ incidents
Key insight: Most losses concentrated in the last 5 years, showing exponential growth in crypto crime.
The attack vector has shifted from smart contract bugs toward private key compromise and access control failures.
This means:
Social engineering attacks increasing
Insider threats and credential theft rising
Infrastructure security becoming critical attack surface
The industry is maturing but so are the attackers. Professional criminal operations now target crypto with industrial scale capabilities.
Lost funds to hacks or exploits? Contact Hackless for forensic recovery.
β€1
KelpDAO hacker lost $123 M to Aave liquidation
The attacker behind the $293 M KelpDAO exploit got liquidated after borrowing $123 M against worthless rsETH collateral.
What happened:
Aave adjusted rsETH price via oracle
Hacker's positions went underwater
Automatic liquidation on Ethereum and Arbitrum
$123 M recovered, sent to DeFi United Recovery Guardian for victims
The irony: Hacker exploited fake collateral, then lost funds borrowing against it.
Lost funds to exploits? Contact Hackless for forensic recovery.
Hackless.io
The attacker behind the $293 M KelpDAO exploit got liquidated after borrowing $123 M against worthless rsETH collateral.
What happened:
Aave adjusted rsETH price via oracle
Hacker's positions went underwater
Automatic liquidation on Ethereum and Arbitrum
$123 M recovered, sent to DeFi United Recovery Guardian for victims
The irony: Hacker exploited fake collateral, then lost funds borrowing against it.
Lost funds to exploits? Contact Hackless for forensic recovery.
Hackless.io
β€2
BREAKING: $ESPORTS token crashes 92% after massive sell-off
Over the past 4 hours, someone dumped 197.8M $ESPORTS tokens (43% of circulating supply) for 20,401 BNB ($13.65M).
The numbers:
43% of total supply sold in one move
$13.65M extracted
92% price crash
If you've lost funds to crypto scams or phishing attacks, contact Hackless.
We help victims quickly recover their assets through forensic tracing and legal coordination.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
Over the past 4 hours, someone dumped 197.8M $ESPORTS tokens (43% of circulating supply) for 20,401 BNB ($13.65M).
The numbers:
43% of total supply sold in one move
$13.65M extracted
92% price crash
If you've lost funds to crypto scams or phishing attacks, contact Hackless.
We help victims quickly recover their assets through forensic tracing and legal coordination.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
β€1
MARKET ALERT: THE TRUTH BEHIND LABβS $14B FDV AND INSIDER CONTROL
LAB continues to manipulate the market on centralized exchanges through its market maker, reaching a $5.7B market cap and $14B FDV. It is concerning that exchanges allow this to persist, especially as insiders control nearly the entire circulating supply.
The eventual release of hidden supply through OTC deals, private sales, or airdrops poses a significant risk to the market. Furthermore, uncertainty remains regarding whether the team will once again alter its vesting terms.
Retail traders are often lured by top-tier listings and high valuations that create an illusion of safety. It is essential to remain cautious of projects where insider-controlled volume dictates market dynamics.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
LAB continues to manipulate the market on centralized exchanges through its market maker, reaching a $5.7B market cap and $14B FDV. It is concerning that exchanges allow this to persist, especially as insiders control nearly the entire circulating supply.
The eventual release of hidden supply through OTC deals, private sales, or airdrops poses a significant risk to the market. Furthermore, uncertainty remains regarding whether the team will once again alter its vesting terms.
Retail traders are often lured by top-tier listings and high valuations that create an illusion of safety. It is essential to remain cautious of projects where insider-controlled volume dictates market dynamics.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
β€2
Ledger researchers discovered a way to bypass firmware signature verification in the TROPIC01 chip used in Trezor Safe 7.
Before you panic:
Attack requires physical device access
Expensive lab equipment needed
Researchers could not access any user private data
TROPIC01 is only one of three security layers on the device
User funds remain safe. A hardware-level fix is already in development.
This is responsible disclosure working as intended: vulnerability found, vendor notified, patch incoming before anyone gets hurt.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
Before you panic:
Attack requires physical device access
Expensive lab equipment needed
Researchers could not access any user private data
TROPIC01 is only one of three security layers on the device
User funds remain safe. A hardware-level fix is already in development.
This is responsible disclosure working as intended: vulnerability found, vendor notified, patch incoming before anyone gets hurt.
π Website | βοΈ X (Twitter) | π± Telegram | π¬ Chat
π2