Hack Details and Impact 

Abracadabra Money has now been attacked for the third time in the past two years. In 2024 and 2025, it lost $6.49 million and $13 million, respectively. According to blockchain researchers @officer_cia and Weilin William Li, the attacker exploited a vulnerability in Abracadabra’s smart contracts. Around $1.7 million in MIM tokens was withdrawn and swapped for ~395 ETH. 

• All affected smart contracts have been paused. 
• The attacker bypassed payment controls to quickly transfer the funds. 
• Abracadabra team has not yet released an official statement. 

Market Reaction and Precautions 

Abracadabra Money previously lost $13 million in a March 2025 hack. The recent attack has increased community calls for stress tests and comprehensive smart contract audits. 

According to CoinMarketCap, Magic Internet Money (MIM) saw a 16.98% drop in trading volume. The 60-day price decline reached 40.26%, while the 90-day increase recorded 19.83%. This underscores the sensitivity of investor confidence. 

The incident reignites discussions on security measures in the DeFi sector. Experts emphasize that proactive security testing and rigorous smart contract audits are critical. 

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post DeFi Protocol Abracadabra Money Loses $1.7M in Hack Attack appeared first on Coin Engineer.

Details of the NGP Token Hack 

The attacker manipulated the price using the PancakeSwap BUSD-NGP pool after buying NGP tokens at low prices. During this process, the maximum purchase limit and buyer waiting time were bypassed using a “DEAD” address. Subsequently, BUSD was withdrawn, draining the liquidity pool. This caused a sudden spike in NGP token price while resulting in a total loss of $2 million. 

Notably, the attacker transferred 443.8 ETH of the stolen funds to Tornado Cash. This move made tracing the transactions difficult and complicated fund recovery further. 

Critical Vulnerabilities in Token Design 

The NGP token attack exploited two main security flaws: 

• Purchase Limit Bypass: Using the “DEAD” address as the buyer allows bypassing the maximum purchase rule. 
• Price Manipulation During Sale: Contract synchronization during token sales reflects deducted fees, momentarily inflating the token price. 
• These vulnerabilities enabled the attacker to manipulate prices through large-volume transactions. 

Market Impact and Security Measures Post-Attack 

The hack highlights the importance of robust security measures in the DeFi ecosystem. Experts recommend strict control of purchase and sale limits in smart contracts and restricting the use of special addresses. Additionally, contract synchronization mechanisms should be secured against potential attacks. 

 You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post 2 Million Dollar Hack Hits BSC Token, Price Drops 88% appeared first on Coin Engineer.

Platform users are closely monitoring the situation to secure their assets. The Nemo Protocol team has yet to provide a detailed public statement. Meanwhile, the community seeks clarity on whether the lost funds can be recovered. Security researchers are actively investigating the attack and tracking the attacker’s wallet movements. 

Attack Details and Implications for Nemo Protocol 

Nemo Protocol allows users to deposit assets and take positions based on changing interest rates. All operations are automated through smart contracts, making the system fast and efficient. However, even minor coding errors can lead to significant losses. In this case, the attacker exploited a weak point and quickly moved the funds across different networks, evading detection. 

The scale of this single attack is concerning. DeFi hacks continue to account for a large portion of crypto losses in 2025. Every month, new incidents increase the total loss, with August alone seeing millions of dollars stolen in 16 separate attacks. 

Cross-Chain Bridges: Key Vulnerabilities for DeFi 

Cross-chain bridges allow users to transfer assets between different blockchains. While convenient, these bridges concentrate large funds, making them prime targets for hackers. Attackers exploit the complexity of DeFi systems to move stolen assets across multiple networks. Cross-chain vulnerabilities remain one of the biggest security concerns in DeFi. 

Developers must prioritize security measures to prevent attacks. Even sophisticated users cannot fully mitigate risks if bridge and contract vulnerabilities exist. 

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Breaking: Sui-Based DeFi Platform Hacked! appeared first on Coin Engineer.

The new direction? Open-source development, stronger security, and a commitment to compensate users.

Vulnerability Patched, Open-Source Future Unveiled

On May 22, attackers took advantage of a flaw in Cetus‘ pricing mechanism, draining major liquidity pools. Fortunately, $162 million worth of stolen assets were frozen shortly after.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

In a June 7 statement, the team revealed that they’ve not only patched the vulnerability but are also transitioning to an open-source model. A new white hat bounty program is launching to crowdsource contributions to security and stability.

Liquidity Restored Through Multiple Channels

To resume operations, Cetus replenished its liquidity using $7 million in cash reserves, a $30 million USDC loan from the Sui Foundation, and partial recovery of the stolen funds. Recovery rates for affected pools range from 85% to 99%, depending on the drain severity.

As part of a user compensation strategy, 15% of CETUS token supply has been allocated. While 5% will be distributed immediately, the remaining 10% will unlock linearly over 12 months, starting June 10.

Legal Action Underway As Security Tightens

Though a $6 million white hat bounty was initially offered, the attacker has started laundering funds, prompting Cetus to pursue legal action across multiple jurisdictions. Law enforcement agencies are actively involved, and the team remains confident about asset recovery.

Security audits are being ramped up again as Cetus aims to win back user trust through transparency and resilience.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Cetus Return With Open-Source Vision After Devastating Exploit appeared first on Coin Engineer.

According to data from cybersecurity firm CYVERS, WazirX’s Safe Multisig wallet on the Ethereum network was compromised. The attackers reportedly transferred a total of $234.9 million to a new address, with each transaction originating from a TornadoCash-funded account.

Blockchain security company PeckShield also confirmed the exploit through a recent tweet. Reports suggest the attackers are swapping stolen assets like PEPE, GALA, and USDT to Ethereum (ETH) and potentially continuing swaps with other cryptocurrencies.

The post BREAKING: Cryptocurrency Exchange WazirX Suffers $234 Million Hack appeared first on Coin Engineer.

According to SlowMist’s chief information security officer, a hacker from Lazarus Group created a fake LinkedIn profile under the name “Nevil Bolson” claiming to be the co-founder of Fenbushi Capital. It was determined that the profile picture used by the fraudster belonged to the real Fenbushi Capital partner Remington Ong.

It has been confirmed that the fake LinkedIn page remains active and the fraudster is soliciting discussions from software developers. Lazarus Group often conducts private conversations on LinkedIn pretending to be an investor and then tries to schedule meetings with its targets.

SlowMist warns that Lazarus Group’s strategy involves gaining the victim’s trust before adding malicious links disguised as meeting invitations or event pages that, when clicked, will lead to phishing attacks.

By comparing IP addresses and observing similarities in attack methods, the security firm determined that “Nevil Bolson” was part of the Lazarus Group.

As reported by the UN Security Council, North Korea’s state-sponsored crypto hacker groups allegedly generate significant revenue for the country, a large portion of which is allocated to the development of weapons of mass destruction.

According to Chainalytics, approximately $1.7 billion worth of funds have been stolen from the cryptocurrency space through 231 hacks.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Lazarus Group Targets DeFi via Fake Fenbushi Capital Profile on LinkedIn, Says SlowMist appeared first on Coin Engineer.

According to the security firm PeckShield, the DeFi yield aggregator Zunami Protocol has suffered an hack attack that will result in losses exceeding $2.1 million.

On Monday morning, PeckShield disclosed an assault involving two big transactions. PeckShield reported that the hacking of funds from Zunami Protocol occurred through the mixing service Tornado Cash.

Following PeckShield’s warning, the Protocol stated, “zStables seems to have faced an attack.”‘ However, they added that the collateral is safe and the team has started investigating.

You might like: Polygon-based Y00TS NFTs to Move to Ethereum

Zunami Protocol Price Manipulation Attack

In a tweet, the security company pointed out that the Zunami Protocol hack exploited a price manipulation issue, which could be further leveraged through donations to inaccurately calculate the price.

Xian Yu, the founder of SlowMist, said today that their firm detected the security vulnerability two months ago. This project fell victim to price manipulation attacks, suffering losses exceeding $2.1 million. Yu, also known as Cos, emphasized, “What’s crucial is our system identifying this risk two months ago and them informing us proactively.”

You can share your opinions in the comments about the topic. Also, follow us on Telegram, Twitter, and YouTube for more content like this.

The post Zunami Protocol Hit by $2.1 Million Price Manipulation Hack! appeared first on Coin Engineer.