Unleash Protocol
December 26, 2025
•[ Theft, Cryptocurrency, Smart Contract Exploit ]
Unauthorized multisig takeover allowed attacker to deploy a malicious contract upgrade and drain protocol funds, which were later laundered through Tornado Cash.
BigONE
July 16, 2025
•[ hacked, theft, cryptocurrency ]
BigOne disclosed that hackers stole ~$27M; deposits,trading, and withdrawals were taken offline temporarily.
At least one Crypto firm targeted via macOS malware
June 30, 2025
•[ malware, cryptocurrency, theft ]
Indonesian outlet Liputan6 reports North Korean actors using macOS malware to target cryptocurrency companies, consistent with DPRKs crypto theft campaigns.
Nobitex Cryptocurrency Exchange
June 18, 2025
•[ hacktivism, cryptocurrency, theft ]
Predatory Sparrow (pro-Israel hacktivist group) breached Irans Nobitex cryptocurrency exchange on June 18 2025, transferring roughly $90 million USD in assets to unrecoverable wallet addresses; action was intended to punish Iranian regime-linked financial infrastructure; no evidence of ransom or profit motive.
Infini (Infini Earn)
February 24, 2025
•[ insider threat, financial theft, cryptocurrency ]
A former developer or compromised admin key was used to withdraw $49.5 million from Infinis smart-contract vault on February 24 2025. The attacker converted USDC to ETH and moved the funds off-chain. Infini, a Hong Kong-based stablecoin bank, offered a 20% bounty for fund return and filed legal action against a former developer in Hong Kong.
Undisclosed cryptocurrency market-making firm
October 20, 2024
•[ data exfiltration, cryptocurrency, state-sponsored attack ]
Recorded Future observed C2 reconnaissance followed by FTP exfiltration from a market-making firm in the UAE during the Contagious Interview campaign (OctNov 2024). Attributed to the NGB 3rd Technical Surveillance Bureau (North Korea).
