Details of the Attack and Preparation

Blockchain analyses show the attacker funded their account stealthily with small 0.1 ETH transfers through Tornado Cash to avoid detection. Coinbase executive Conor Grogan said the attacker stored at least 100 ETH in Tornado Cash smart contracts and that those funds may link to earlier hacks. Grogan stated, “Hacker seems experienced: seeded the account with 100 ETH and operated with 0.1 ETH Tornado Cash transfers. No opsec leaks.” This behavior clearly points to a professional actor who prepared ahead of time. Balancer announced it would offer a 20% white‑hat bounty if the stolen funds were returned in full (minus the reward).

What Makes the Balancer Hack Unique

Deddy Lavid, co‑founder and CEO of blockchain security firm Cyvers, called the Balancer exploit one of the most sophisticated attacks of 2025. The attackers bypassed access control layers to manipulate asset balances directly. This represents a critical failure in operational governance rather than a flaw in core protocol logic.

Lavid also warned that static code audits are no longer enough. He urged platforms to implement continuous, real‑time monitoring to detect suspicious flows before funds are drained.

, co‑founder and CEO of blockchain security firm Cyvers, called the Balancer exploit one of the most sophisticated attacks of 2025. The attackers bypassed access control layers to manipulate asset balances directly. This represents a critical failure in operational governance rather than a flaw in core protocol logic.

Lavid also warned that static code audits are no longer enough. He urged platforms to implement continuous, real‑time monitoring to detect suspicious flows before funds are drained.

Lazarus Group and Long‑Term Preparation Strategies

Similarly, North Korean group Lazarus reportedly paused illicit activity for months before the Bybit hack. Chainalysis data showed a sharp decline in cybercriminal activity after July 1, 2024, which experts interpreted as regrouping to identify new targets and probe infrastructure.

In the Bybit incident, attackers laundered the $1.4 billion through THORChain within 10 days. That operation demonstrates how months‑long stealth and preparation can precede large, professionally executed exploits—parallels that highlight the seriousness of the Balancer incident.

Recommendations for Balancer Users

Store crypto assets only in trusted wallets and avoid moving large sums in single transactions. Be aware that using Tornado Cash and similar mixers can draw attention from professional attackers and investigators, and consider employing multi‑layer security practices to reduce exposure to sophisticated on‑chain exploits.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Was the Balancer DEX Hack Prepared Months in Advance? appeared first on Coin Engineer.

Millions Lost Within Minutes

The attacker deployed a smart contract from address 0xb32a53… at 07:31 UTC and launched the exploit two minutes later from contract 0x631adf…, draining funds from wallet 0xb5252f… The stolen tokens were quickly converted into USDT, totaling $2,152,219.99.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

Cyvers classified the exploit as “critical,” citing abnormal transaction patterns and suspicious contract code. As of publication, the attacker’s wallet remains active and has not moved the stolen assets. No official statement has been issued by the Mobius Token team.

Cyvers noted their system had flagged the malicious contract two minutes prior to the exploit, but it was too late to prevent the loss.

Crypto Exploits Surge in 2025

This incident follows a wave of crypto hacks reported in April 2025, when PeckShield identified over $360 million in digital asset losses from 18 attacks — a 990% increase from March. The largest was a $330 million BTC theft via social engineering.

As the crypto space grows, so do the threats. This attack highlights the importance of not only decentralization but robust smart contract security in protecting investors and protocols alike.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Mobius Token Smart Contracts Exploited on BNB Chain appeared first on Coin Engineer.

Background of the Attack

On October 25, 2023, blockchain security firm Cyvers Alerts reported an attack on the Base blockchain. This incident occurred through a vulnerability in a smart contract related to Wrapped Ether (WETH). The attackers exploited weaknesses in oracle services to manipulate prices, stealing approximately $993,534 in funds. They transferred a significant portion of the funds to the Ethereum network and then funneled $202,549 through the privacy-focused Tornado Cash platform, later stealing an additional $455,127 using the same method.

Price Manipulations

The primary method used in this attack involved exposing a weak oracle to price fluctuations. Oracles, tools used to provide external data to the blockchain, are commonly used in decentralized finance (DeFi) projects. When oracles rely on low-liquidity and unreliable trading pairs, they become vulnerable to price manipulation. Cyvers’ senior SOC leader, Hakan Ünal, explained that the oracle in question depended on a pair with limited liquidity, which made manipulation easier.

Oracle manipulations pose a critical threat in the DeFi ecosystem. Ensuring the secure verification of oracles is essential to protect users’ funds. This attack underscores the need for DeFi projects to strengthen and secure their oracle solutions.

Expert Recommendations for DeFi

Cyvers noted that such attacks occur due to the use of unverified lending contracts. To prevent these attacks, they recommend using oracles with higher liquidity. Additionally, enhancing oracle diversity and security is an important step toward preventing similar price manipulations. The reliability of oracles will be a crucial factor for the future growth of DeFi platforms.

Security Protocols

This attack highlights the need for DeFi platforms to address security vulnerabilities. Strengthening oracle reliability and verifying lending contracts are critical steps to prevent such attacks. Unverified lending contracts weaken the system’s security, posing a significant risk to user funds in the DeFi ecosystem.

While the attacker’s identity remains unknown, the responsibility falls on organizations managing unverified lending contracts and those making insecure oracle selections. This attack emphasizes that DeFi projects need to adopt not only a growth-oriented but also a security-focused approach. Projects offering more reliable and diversified oracle solutions, such as Chainlink, can play an essential role in preventing such attacks.

The Need for Security

To ensure continued growth in the DeFi space, proactive measures must be taken against security vulnerabilities. Protecting user funds, correctly configuring oracles, and implementing robust security protocols are vital for the sustainability of DeFi projects. This incident serves as a reminder that enhanced security measures are crucial for the continued development of DeFi.

You can join our Telegram channel to not miss the news and stay informed about the crypto world.

The post $1 Million Attack on Base Blockchain! appeared first on Coin Engineer.

Surge in Centralized Exchange Exploits

With overall crypto losses in the second quarter of 2024 exceeding $600 million, there was a 100% rise over last year. Losses on centralized exchanges accounted for 900% of the main cause of this explosion in stolen money. The study links this change to the concentration of assets on these platforms and maybe inadequate security policies.

“This quarter has seen a notable change in attack paths; centralized exchanges (CEX) bear the most of the major incidents, while decentralized finance (DeFi) systems show improved resilience” the research said.

Nature of Attacks and Notable Incidents

With over $490 million of the stolen money in Q2 alone coming from access control breaches—often in the form of phishing attacks—smart contract vulnerabilities accounted for less than $70 million withdrawn. DeFi protocols’ quick response to freeze corrupted smart contracts has shielded consumers, even if dangers still exist when hackers discover fresh weaknesses.

One well-publicized incident was the May hack of Japanese bitcoin exchange DMM, which exposed a private key and caused losses of over $300 million. Furthermore, in June Turkish bitcoin exchange BtcTurk lost around $50 million to hackers.

Recovery of Stolen Funds and Future Threats

With a 42% increase in recovered monies in Q2 compared to last year, victims are having better success in recovering their stolen money even if theft is rising. Still, 76% of missing money never comes back. Cyvers also spoke of potential dangers from artificial intelligence and quantum computing, which may provide hackers advanced new tools for evading onchain security systems.

In essence, even if distributed financial systems exhibit better resilience, centralized exchanges have evolved as the new ground zero for crypto attacks with major security concerns ahead.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Centralized Exchanges at the Center of Rising Crypto Thefts in 2024 appeared first on Coin Engineer.

According to Arkham Intelligence, attackers managed to steal approximately $20 million worth of cryptocurrency.

Attacker Converts Stolen Funds to Ethereum (ETH)!

In addition to Arkham, on-chain security company Cyvers confirmed the hack. Cyvers reported that the attacker is converting the stolen funds to Ethereum (ETH).

“Our system detected a series of suspicious transactions related to UwU Lend.

The attacker conducted 3 transactions, obtaining approximately $19.5 million. However, the hack is still ongoing, and the amount could increase. Currently, the attacker is converting the stolen digital assets to Ethereum (ETH).”

The post Another Crypto Platform Hacked! appeared first on Coin Engineer.

ALERTOur AI-powered system has detected multiple suspicious transactions with @Stake.https://t.co/0ZoMITOyF5 address received about $16M in $ETH $USDC $USDT and $DAI

All the stable coins are converted to $ETH and distributed to different EOAs.

FYI: @tayvano_ @zachxbt pic.twitter.com/CSGwRHEiVm

— Cyvers Alerts (@CyversAlerts) September 4, 2023

The irregular transactions, initially brought to light by the Web3 security firm Cyvers, involve conversions from USDT to ETH as part of suspicious crypto outflows from Stake. These transactions, as per Etherscan data, occurred between 8:52 a.m. ET and 10:05 a.m. ET. At 10:08 am ET, Stake’s official Telegram channel announced temporary maintenance for Ethereum and BSC/ERC20 networks. Attempts to reach Stake via their official press email resulted in undeliverable messages, and a spokesperson did not respond to inquiries from Blockworks. The suspicious nature of these transfers primarily arises from the conversion of USDT to ETH, as Ethereum cannot freeze ETH holdings, a capability that Tether possesses.

You might like: The Latest Status of Bitcoin and Cryptocurrencies

In addition to the Ethereum transactions, blockchain investigators have also tracked $17.8 million on the BNB Chain and $7.8 million on the Polygon PoS chain.

Hi @Stake, you may want to take a look: https://t.co/qtoTeXpXWE

— PeckShield Inc. (@peckshield) September 4, 2023

Stake, a Curacao-based platform self-described as a “leading crypto casino,” allows users to place bets on sports and online games using cryptocurrencies such as Bitcoin (BTC), Ethereum (ETH), and Dogecoin (DOGE). The platform, established in 2017, also supports betting in traditional currencies, including the US dollar. It’s worth noting that Stake has been embroiled in a trademark infringement lawsuit in Australia and is facing a separate $400 million claim from a former associate against its founders.

You can share your opinions in the comments about the topic. Also, follow us on Telegram, Twitter, and YouTube for more content like this.

The post Suspicious $40M Crypto Outflows from Hack Concerns appeared first on Coin Engineer.