Platform users are closely monitoring the situation to secure their assets. The Nemo Protocol team has yet to provide a detailed public statement. Meanwhile, the community seeks clarity on whether the lost funds can be recovered. Security researchers are actively investigating the attack and tracking the attacker’s wallet movements. 

Attack Details and Implications for Nemo Protocol 

Nemo Protocol allows users to deposit assets and take positions based on changing interest rates. All operations are automated through smart contracts, making the system fast and efficient. However, even minor coding errors can lead to significant losses. In this case, the attacker exploited a weak point and quickly moved the funds across different networks, evading detection. 

The scale of this single attack is concerning. DeFi hacks continue to account for a large portion of crypto losses in 2025. Every month, new incidents increase the total loss, with August alone seeing millions of dollars stolen in 16 separate attacks. 

Cross-Chain Bridges: Key Vulnerabilities for DeFi 

Cross-chain bridges allow users to transfer assets between different blockchains. While convenient, these bridges concentrate large funds, making them prime targets for hackers. Attackers exploit the complexity of DeFi systems to move stolen assets across multiple networks. Cross-chain vulnerabilities remain one of the biggest security concerns in DeFi. 

Developers must prioritize security measures to prevent attacks. Even sophisticated users cannot fully mitigate risks if bridge and contract vulnerabilities exist. 

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Breaking: Sui-Based DeFi Platform Hacked! appeared first on Coin Engineer.

One message. That’s all it takes for hackers to drain your entire wallet. A signed offchain message is now powerful enough to hand over control of your funds — no onchain transaction required.

EIP-7702: The Risky New Delegation Mechanism

Activated on May 7, 2025, Pectra’s centerpiece EIP-7702 introduces a transaction type called SetCode, which allows users to delegate control of their wallets via a simple signature.

Arda Usman, a Solidity smart contract auditor, confirmed: “An attacker can use this offchain signature to install malicious code into an externally owned account (EOA) and move ETH or tokens — without the user ever signing a transaction.”

This feature effectively transforms user wallets into smart contracts, opening the door to silent yet devastating attacks.

A Stealth Threat Via Innocent-Looking Messages

Yehor Rudytsia, an onchain researcher at Hacken, emphasized that this transaction type allows arbitrary code to be installed in wallets. Previously, such a change required an actual transaction; now, only a signature is enough.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

This shift means phishing attempts, fake DApps, or Discord scams can now result in complete wallet takeovers. “We believe this will become the most common attack vector following the Pectra upgrade,” Rudytsia warned.

Wallet applications that fail to correctly interpret transaction type 0x04 are especially vulnerable.

Hardware Wallets Are Not Immune Anymore

The once-clear distinction between hot and cold wallets is fading. Rudytsia highlighted that hardware wallets are now just as vulnerable if users unknowingly sign malicious messages: “Once signed, all funds can be gone in a moment.”

To stay safe, users should:

• Never sign messages they do not fully understand.
• Look out for delegation requests, especially those involving nonce values.
• Be aware that some delegation signatures can be replayed on any Ethereum-compatible chain.

While multisig wallets offer more robust protection, single-key wallets — including hardware ones — must adopt new safeguards to prevent exploitation.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Ethereum Pectra Update Contains a Critical Vulnerability! appeared first on Coin Engineer.