hack
945,029 views
577 Discussing
Hot
Latest
#Hack #ResolvLabs
⏳ Ultimatum: Resolv gives hacker 72 hours to return $25 million
The situation surrounding the Resolv Labs hack on Sunday has been resolved in a “bounty or war” format. The Abu Dhabi-based stablecoin issuer has made an official demand to the attacker.
📜 Terms of the deal:
• Offer: The hacker can keep 10% ($2.5 million) as a reward for “white hat” activity.
• Demand: Return 90% of the funds (~$22.5 million in $ETH ) and all remaining USR tokens to the specified address.
• Deadline: Thursday, March 26.
🚨 What will happen in case of refusal?
Resolv is determined. If the funds are not returned, the company will involve:
1. Law enforcement and legal prosecution.
2. Blockchain analysts to publicly track each transaction.
3. Exchanges and bridges to completely freeze the hacker's assets.
🔍 How did the hack happen?
Experts have identified a critical vulnerability: the privileged role of minting (token creation) was controlled by only one wallet without multisigs, limits, or oracle checks. The hacker deposited $200k and “drawn” 80 million USR for himself, which he promptly converted into 11,409 $ETH .
🛡 What about users?
Resolv Digital Assets has already opened the possibility of redemptions for verified users who held USR at the time of the incident. Others are promised an update later.
⏳ Ultimatum: Resolv gives hacker 72 hours to return $25 million
The situation surrounding the Resolv Labs hack on Sunday has been resolved in a “bounty or war” format. The Abu Dhabi-based stablecoin issuer has made an official demand to the attacker.
📜 Terms of the deal:
• Offer: The hacker can keep 10% ($2.5 million) as a reward for “white hat” activity.
• Demand: Return 90% of the funds (~$22.5 million in $ETH ) and all remaining USR tokens to the specified address.
• Deadline: Thursday, March 26.
🚨 What will happen in case of refusal?
Resolv is determined. If the funds are not returned, the company will involve:
1. Law enforcement and legal prosecution.
2. Blockchain analysts to publicly track each transaction.
3. Exchanges and bridges to completely freeze the hacker's assets.
🔍 How did the hack happen?
Experts have identified a critical vulnerability: the privileged role of minting (token creation) was controlled by only one wallet without multisigs, limits, or oracle checks. The hacker deposited $200k and “drawn” 80 million USR for himself, which he promptly converted into 11,409 $ETH .
🛡 What about users?
Resolv Digital Assets has already opened the possibility of redemptions for verified users who held USR at the time of the incident. Others are promised an update later.
BALANCER LABS SHUTS DOWN AFTER HACK OF 110 MILLION USD
#balancer #DEFİ #Hack #CryptoNews #CryptoMarket
#balancer #DEFİ #Hack #CryptoNews #CryptoMarket
🚨 STABLECOIN NIGHTMARE JUST UNFOLDED 🚨
Resolv Labs stablecoin collapses 80% after a $23M exploit. This wasn’t volatility. This was a failure of trust.
1. Attackers used compromised private keys. Result? They minted 80M unbacked $USR with almost no collateral. That’s instant dilution.
2. Once confidence breaks… Liquidity vanishes. Price collapses. Death spiral begins.
3. $23M drained. But the real damage? Contagion across DeFi vaults.
4. This is the dark side of crypto: Smart contracts + key risk = catastrophic failure. No bailout. No safety net.
5. Stablecoin ≠ always stable. If backing fails… it becomes just another token.
6. Lessons: → Security is EVERYTHING
→ Trust is fragile
→ Risk management matters more than hype Survival in crypto isn’t about chasing gains… It’s about avoiding blow-ups.
#Crypto #DeFi #Stablecoins #Hack #Blockchain
Resolv Labs stablecoin collapses 80% after a $23M exploit. This wasn’t volatility. This was a failure of trust.
1. Attackers used compromised private keys. Result? They minted 80M unbacked $USR with almost no collateral. That’s instant dilution.
2. Once confidence breaks… Liquidity vanishes. Price collapses. Death spiral begins.
3. $23M drained. But the real damage? Contagion across DeFi vaults.
4. This is the dark side of crypto: Smart contracts + key risk = catastrophic failure. No bailout. No safety net.
5. Stablecoin ≠ always stable. If backing fails… it becomes just another token.
6. Lessons: → Security is EVERYTHING
→ Trust is fragile
→ Risk management matters more than hype Survival in crypto isn’t about chasing gains… It’s about avoiding blow-ups.
#Crypto #DeFi #Stablecoins #Hack #Blockchain
$🚨 DEFI NIGHTMARE JUST UNFOLDED… 🚨
Resolv Labs has officially paused its protocol after a massive exploit shook the ecosystem 💀
An attacker minted 50–80 MILLION unbacked $USR out of thin air…
Then swapped it into USDC, USDT & ETH like a pro exit scam 🐍
💸 Estimated damage: ~$25 MILLION drained
📉 Result: $USR completely de pegged
This wasn’t just a hack…
This was a liquidity execution ⚔️
👉 Lessons for investors:
• “Stable” doesn’t mean safe ❌
• Always check protocol backing & audits 🔍
• If minting isn’t controlled… it’s a ticking bomb 💣
Whales don’t warn you…
They just take your liquidity silently 🐋
Stay sharp. Stay skeptical.
#defi #hack
#Injective🔥
Resolv Labs has officially paused its protocol after a massive exploit shook the ecosystem 💀
An attacker minted 50–80 MILLION unbacked $USR out of thin air…
Then swapped it into USDC, USDT & ETH like a pro exit scam 🐍
💸 Estimated damage: ~$25 MILLION drained
📉 Result: $USR completely de pegged
This wasn’t just a hack…
This was a liquidity execution ⚔️
👉 Lessons for investors:
• “Stable” doesn’t mean safe ❌
• Always check protocol backing & audits 🔍
• If minting isn’t controlled… it’s a ticking bomb 💣
Whales don’t warn you…
They just take your liquidity silently 🐋
Stay sharp. Stay skeptical.
#defi #hack
#Injective🔥
🚨 USR Collapse: $80M Mint Exploit Hits Resolv
Resolv Protocol suffered a critical smart contract exploit, allowing an attacker to mint over $80M USR with zero collateral 💥
With just $200K, the attacker cashed out ~$23.8M in under 3 hours
USR lost its peg hard, crashing to ~$0.14 and shaking DeFi markets ⚠️
Root cause: broken mint logic with no validation + a single privileged wallet
This proves one thing — protocols don’t need a bear market to collapse… just flawed logic 👀
💭 What do you think — bug or insider job? Drop your thoughts below! 👇
$RESOLV #DeFi #Stablecoin #Hack #Security
Resolv Protocol suffered a critical smart contract exploit, allowing an attacker to mint over $80M USR with zero collateral 💥
With just $200K, the attacker cashed out ~$23.8M in under 3 hours
USR lost its peg hard, crashing to ~$0.14 and shaking DeFi markets ⚠️
Root cause: broken mint logic with no validation + a single privileged wallet
This proves one thing — protocols don’t need a bear market to collapse… just flawed logic 👀
💭 What do you think — bug or insider job? Drop your thoughts below! 👇
$RESOLV #DeFi #Stablecoin #Hack #Security
🚨 $23,660,000 disappeared in minutes… and “stablecoin” collapsed -69%!
💀 What happened today is terrifying:
Hack of Resolv Protocol
Theft 11,422 $ETH
Collapse of USR stablecoin
From $1.00 → $0.29 within minutes!
➡️ “Stablecoin” is no longer stable…
🧠 How did this happen? (In a terrifying nutshell)
The attacker:
Exploited a vulnerability in the smart contract
Withdrew the collateral (ETH)
Without burning USR
= Suddenly … the currency became “worthless”
📉 The catastrophic result:
Holders of USR: -70% in minutes
Liquidity providers: multiplied losses
The protocol? Essentially ended
➡️ One blow = wiped out wealth
⚠️ This is not the first time…
Remember:
Terra ($LUNA ) → $40B disappeared
And today USR
➡️ The same story… repeats
💡 The harsh truth:
Not every stablecoin is safe
USDT / USDC → “relatively safer”
Algorithmic → time bombs 💣
😨 The message to the market:
If $1 can become $0.29…
You do not have “stability”
You have hidden risk
💬 The question:
After this…
Do you still trust DeFi Stablecoins?
🟢 Yes (but only for the big players)
🟡 Very cautiously
🔴 Finished … I won’t touch it
👇 Your opinion
#crypto #DeFi #Stablecoin #Hack #Ethereum
⚠️ Not your keys ≠ Not your risk
💀 What happened today is terrifying:
Hack of Resolv Protocol
Theft 11,422 $ETH
Collapse of USR stablecoin
From $1.00 → $0.29 within minutes!
➡️ “Stablecoin” is no longer stable…
🧠 How did this happen? (In a terrifying nutshell)
The attacker:
Exploited a vulnerability in the smart contract
Withdrew the collateral (ETH)
Without burning USR
= Suddenly … the currency became “worthless”
📉 The catastrophic result:
Holders of USR: -70% in minutes
Liquidity providers: multiplied losses
The protocol? Essentially ended
➡️ One blow = wiped out wealth
⚠️ This is not the first time…
Remember:
Terra ($LUNA ) → $40B disappeared
And today USR
➡️ The same story… repeats
💡 The harsh truth:
Not every stablecoin is safe
USDT / USDC → “relatively safer”
Algorithmic → time bombs 💣
😨 The message to the market:
If $1 can become $0.29…
You do not have “stability”
You have hidden risk
💬 The question:
After this…
Do you still trust DeFi Stablecoins?
🟢 Yes (but only for the big players)
🟡 Very cautiously
🔴 Finished … I won’t touch it
👇 Your opinion
#crypto #DeFi #Stablecoin #Hack #Ethereum
⚠️ Not your keys ≠ Not your risk
RESOLV LABS HIT BY MASSIVE HACK $USR 🚨
News Bulletin: Resolv Labs has confirmed a critical security breach, halting all protocol functions. The exploit resulted in the illegal minting of $80 million in USR stablecoin, with approximately $4.55 million already converted to ETH. The protocol is locked down, preventing further trading or liquidation, as the team undertakes a lengthy audit and fix process.
WHALES ARE BRUTALLY LIQUIDATING POSITIONS. DUMP EVERYTHING. ABSOLUTE PANIC SELLING MODE ACTIVATED. SELL NOW BEFORE IT GOES TO ZERO. DO NOT HESITATE.
Not financial advice. Manage your risk.
#DeFi #Crypto #Hack #Security #Stablecoin
💥
News Bulletin: Resolv Labs has confirmed a critical security breach, halting all protocol functions. The exploit resulted in the illegal minting of $80 million in USR stablecoin, with approximately $4.55 million already converted to ETH. The protocol is locked down, preventing further trading or liquidation, as the team undertakes a lengthy audit and fix process.
WHALES ARE BRUTALLY LIQUIDATING POSITIONS. DUMP EVERYTHING. ABSOLUTE PANIC SELLING MODE ACTIVATED. SELL NOW BEFORE IT GOES TO ZERO. DO NOT HESITATE.
Not financial advice. Manage your risk.
#DeFi #Crypto #Hack #Security #Stablecoin
💥
🤦♂️🤯 NEWBIE ERROR at the Government level! Accidentally exposed keys of $4.8M in Crypto. 🚨
It's not a joke! 💀 In South Korea, a regional tax office made the maximum crypto security error: they accidentally leaked the seed phrase of a wallet that contained $4.8 million in seized assets. 🔥💸
What was the result? The funds were "lost" (or rather, a "good Samaritan" moved them to another wallet before they could be stolen).
Key reflections:
'Not Your Keys, Not Your Coins' is LAW: It applies to you, to me, and to governments! There are no exceptions. 🔐
Need for Professional Custody: States are NOT prepared to custody digital assets themselves. South Korea is now urgently seeking private custodians. 🏗️
Security > Urgency: A single oversight can cost millions. Education in security is the most important.
👇 Mention that friend who still keeps their seed phrase in a WhatsApp photo 👇 Show them this post!
#SeguridadCrypto #NotYourKeysNotYourCrypto #Hack #cripto #BinanceSquare
It's not a joke! 💀 In South Korea, a regional tax office made the maximum crypto security error: they accidentally leaked the seed phrase of a wallet that contained $4.8 million in seized assets. 🔥💸
What was the result? The funds were "lost" (or rather, a "good Samaritan" moved them to another wallet before they could be stolen).
Key reflections:
'Not Your Keys, Not Your Coins' is LAW: It applies to you, to me, and to governments! There are no exceptions. 🔐
Need for Professional Custody: States are NOT prepared to custody digital assets themselves. South Korea is now urgently seeking private custodians. 🏗️
Security > Urgency: A single oversight can cost millions. Education in security is the most important.
👇 Mention that friend who still keeps their seed phrase in a WhatsApp photo 👇 Show them this post!
#SeguridadCrypto #NotYourKeysNotYourCrypto #Hack #cripto #BinanceSquare
🎯️WazirX was hacked, losing more than 230 million USD
💲According to sources from Cyvers Alerts, WazirX's Safe Multisig wallet on the Ethereum network has just been attacked. A total of 234.9 million USD in assets was transferred to the new address. This suspicious address swaps PEPE, GALA, and USDT into ETH and continues to trade other digital assets.
🔓According to Lookonchain, the attack took 17 types of assets. Some prominent names stolen include: 5.433 billion SHIB worth about 102 million USD, 15,298 ETH worth about 52.5 million USD, 20.5 million MATIC worth about 11.24 million USD, 640.27 billion PEPE is worth about 7.6 million USD, 5.79 million USDT is worth 135 million USD, 135 million GALA is worth 3.5 million USD.
🏅️Other unidentified assets worth about 25.78 million USD are continuing to be verified. Wallets with investment starting address "0x04b2" are selling these assets.
📌Transactions are made with the support of the TornadoCash platform. Cyvers Alerts detected and attempted to contact the project but received no response.
✅After the information of being hacked, the exchange's token dropped rapidly from 0.1689 USD to 0.1618 USD. Currently, the project team has no official response to the incident.
⏰WazirX is India's largest and fastest growing cryptocurrency exchange with over 200,000 app downloads with an average rating of 4.5. The project became better known when it opened up access to the global public at the beginning of the year.
#Coinbay #WazirX #hack
💲According to sources from Cyvers Alerts, WazirX's Safe Multisig wallet on the Ethereum network has just been attacked. A total of 234.9 million USD in assets was transferred to the new address. This suspicious address swaps PEPE, GALA, and USDT into ETH and continues to trade other digital assets.
🔓According to Lookonchain, the attack took 17 types of assets. Some prominent names stolen include: 5.433 billion SHIB worth about 102 million USD, 15,298 ETH worth about 52.5 million USD, 20.5 million MATIC worth about 11.24 million USD, 640.27 billion PEPE is worth about 7.6 million USD, 5.79 million USDT is worth 135 million USD, 135 million GALA is worth 3.5 million USD.
🏅️Other unidentified assets worth about 25.78 million USD are continuing to be verified. Wallets with investment starting address "0x04b2" are selling these assets.
📌Transactions are made with the support of the TornadoCash platform. Cyvers Alerts detected and attempted to contact the project but received no response.
✅After the information of being hacked, the exchange's token dropped rapidly from 0.1689 USD to 0.1618 USD. Currently, the project team has no official response to the incident.
⏰WazirX is India's largest and fastest growing cryptocurrency exchange with over 200,000 app downloads with an average rating of 4.5. The project became better known when it opened up access to the global public at the beginning of the year.
#Coinbay #WazirX #hack
🍔 McDonald's Memecoin Hack: Cyber Thieves Steal Around $700,000 in Solana
In an unexpected twist, on August 21, scammers hacked McDonald's official Instagram account, using the fast food giant's platform to sell a fake memecoin based on the Grimace mascot. The hackers managed to raise over $700,000 in Solana before the scam was discovered.
💀 The Grimace Memecoin Scam 👾
Taking advantage of McDonald's Instagram page, with 5.1 million followers, the hackers promoted the fake Grimace token as a "McDonald's experiment on Solana." This tactic quickly caught the attention of the crypto community, causing the token's market cap to jump from a few thousand dollars to $25 million in just 30 minutes.
📊 Pump & Dump
The crooks had already secured 75% of the Grimace token supply using the Solana memecoin implementer pump.fun. They then distributed these tokens across 100 different wallets. As the token's value increased, the hackers began selling their holdings, causing the token's price to drop to $650,000 in just 40 minutes.
💸 The Payout
In total, the crooks made off with around $700,000 worth of Solana from this pump and dump scheme. They even edited McDonald's Instagram bio to boast about their success, writing: "Sorry India_X_Kr3w just scammed you, thanks for the $700,000 worth of Solana."
⚠️ Aftermath
The posts and bio were eventually restored, and McDonald's issued a statement acknowledging the hack as an "isolated incident." This incident is a reminder of the dangers in the cryptocurrency world, where even well-known brands can be used to facilitate scams.
#scam #hack #Solana $SOL #RiskManagement
In an unexpected twist, on August 21, scammers hacked McDonald's official Instagram account, using the fast food giant's platform to sell a fake memecoin based on the Grimace mascot. The hackers managed to raise over $700,000 in Solana before the scam was discovered.
💀 The Grimace Memecoin Scam 👾
Taking advantage of McDonald's Instagram page, with 5.1 million followers, the hackers promoted the fake Grimace token as a "McDonald's experiment on Solana." This tactic quickly caught the attention of the crypto community, causing the token's market cap to jump from a few thousand dollars to $25 million in just 30 minutes.
📊 Pump & Dump
The crooks had already secured 75% of the Grimace token supply using the Solana memecoin implementer pump.fun. They then distributed these tokens across 100 different wallets. As the token's value increased, the hackers began selling their holdings, causing the token's price to drop to $650,000 in just 40 minutes.
💸 The Payout
In total, the crooks made off with around $700,000 worth of Solana from this pump and dump scheme. They even edited McDonald's Instagram bio to boast about their success, writing: "Sorry India_X_Kr3w just scammed you, thanks for the $700,000 worth of Solana."
⚠️ Aftermath
The posts and bio were eventually restored, and McDonald's issued a statement acknowledging the hack as an "isolated incident." This incident is a reminder of the dangers in the cryptocurrency world, where even well-known brands can be used to facilitate scams.
#scam #hack #Solana $SOL #RiskManagement
Trezor X Account Targeted by Hackers: Warning Against Fake Offers
The Trezor hardware wallet account on social network X has become a target for attackers who have been posting enticing posts luring users into fraudulent token offers. This situation raises suspicions of a hack, likely through a SIM card exchange attack.
Detectives on the Trail: Alerting Suspicious Activity
Independent blockchain expert ZachXBT and security service Scam Sniffer have alerted to a potential security issue with Trezor, followed by several fake token presale offers of "$TRZR" and requests to send cryptocurrencies to a suspicious address. ZachXBT further stated that attackers stole approximately $8,100 from the Trezor account on the Zapper platform.
Risks Associated with Unsecured Social Accounts
Criticism has been directed at Trezor for the inadequate security of their X account, highlighting the lack of two-factor authentication (2FA). Ironically, a company focused on wallet security failed to protect its own social network accounts from attacks.
Community Response and Recent Security Incidents
The community's response has been mixed, with some comments pointing out the irony of a security-promoting company being unable to secure its own accounts. Trezor has faced security incidents in the past, including breaches that exposed the data of nearly 66,000 users.
Conclusion and User Recommendations
This incident serves as a reminder of the importance of securing digital accounts and using two-factor authentication. Users should remain vigilant and avoid sending cryptocurrencies to unknown addresses or engaging in suspicious offers.
#trezor #hack
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
Detectives on the Trail: Alerting Suspicious Activity
Independent blockchain expert ZachXBT and security service Scam Sniffer have alerted to a potential security issue with Trezor, followed by several fake token presale offers of "$TRZR" and requests to send cryptocurrencies to a suspicious address. ZachXBT further stated that attackers stole approximately $8,100 from the Trezor account on the Zapper platform.
Risks Associated with Unsecured Social Accounts
Criticism has been directed at Trezor for the inadequate security of their X account, highlighting the lack of two-factor authentication (2FA). Ironically, a company focused on wallet security failed to protect its own social network accounts from attacks.
Community Response and Recent Security Incidents
The community's response has been mixed, with some comments pointing out the irony of a security-promoting company being unable to secure its own accounts. Trezor has faced security incidents in the past, including breaches that exposed the data of nearly 66,000 users.
Conclusion and User Recommendations
This incident serves as a reminder of the importance of securing digital accounts and using two-factor authentication. Users should remain vigilant and avoid sending cryptocurrencies to unknown addresses or engaging in suspicious offers.
#trezor #hack
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
North Korean Hackers Target Crypto with Nim-Based Malware Disguised as Zoom Updates
🔹 Fake Zoom meeting invites and update links deceive Web3 teams
🔹 New NimDoor malware infiltrates macOS with advanced evasion techniques
🔹 Attackers steal browser data, passwords, and Telegram chats
Web3 and Crypto Companies Under Siege by NimDoor Malware
Security experts at SentinelLabs have uncovered a sophisticated malware campaign targeting Web3 startups and cryptocurrency firms. The attacks, linked to North Korean groups, use a combination of social engineering and technical stealth to deploy NimDoor malware, written in the rarely used Nim programming language to bypass antivirus detection.
The Setup: Fake Zoom Meetings Through Telegram
Hackers initiate contact via Telegram, posing as known contacts. They invite victims to schedule meetings via Calendly, then send them links to what appear to be Zoom software updates. These links lead to fake domains like support.us05web-zoom.cloud, mimicking Zoom's legitimate URLs and hosting malicious installation files.
These files contain thousands of lines of whitespace, making them appear "legitimately large." Hidden within are only three crucial lines of code, which download and execute the real attack payload.
NimDoor Malware: Spyware Specifically Targeting macOS
Once executed, the NimDoor malware operates in two main phases:
🔹 Data extraction – stealing saved passwords, browsing histories, and login credentials from popular browsers like Chrome, Firefox, Brave, Edge, and Arc.
🔹 System persistence – maintaining long-term access through stealth background processes and disguised system files.
A key component specifically targets Telegram, stealing encrypted chat databases and decryption keys, giving attackers access to private conversations offline.
Built to Survive: Evasion and Reinstallation Techniques
NimDoor employs a range of advanced persistence mechanisms:
🔹 Automatically reinstalls itself if users try to terminate or delete it
🔹 Creates hidden files and folders that look like legitimate macOS system components
🔹 Connects to the attacker’s server every 30 seconds for instructions, disguised as normal internet traffic
🔹 Delays execution for 10 minutes to avoid early detection by security software
Difficult to Remove Without Professional Tools
Because of these techniques, NimDoor is extremely hard to remove with standard tools. Specialized security software or professional intervention is often required to clean infected systems completely.
Conclusion: Modern Cyberattacks Now Look Like Calendar Invites
Attacks like NimDoor prove how cleverly North Korean groups mimic daily workflows to penetrate even cautious targets. Fake Zoom links and innocent-looking updates can lead to full system compromise.
Users should never download updates from unofficial sources, always verify domain names, and stay vigilant against unexpected software prompts or invitations.
#CyberSecurity , #NorthKoreaHackers , #Web3Security , #CryptoNews , #Hack
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
🔹 New NimDoor malware infiltrates macOS with advanced evasion techniques
🔹 Attackers steal browser data, passwords, and Telegram chats
Web3 and Crypto Companies Under Siege by NimDoor Malware
Security experts at SentinelLabs have uncovered a sophisticated malware campaign targeting Web3 startups and cryptocurrency firms. The attacks, linked to North Korean groups, use a combination of social engineering and technical stealth to deploy NimDoor malware, written in the rarely used Nim programming language to bypass antivirus detection.
The Setup: Fake Zoom Meetings Through Telegram
Hackers initiate contact via Telegram, posing as known contacts. They invite victims to schedule meetings via Calendly, then send them links to what appear to be Zoom software updates. These links lead to fake domains like support.us05web-zoom.cloud, mimicking Zoom's legitimate URLs and hosting malicious installation files.
These files contain thousands of lines of whitespace, making them appear "legitimately large." Hidden within are only three crucial lines of code, which download and execute the real attack payload.
NimDoor Malware: Spyware Specifically Targeting macOS
Once executed, the NimDoor malware operates in two main phases:
🔹 Data extraction – stealing saved passwords, browsing histories, and login credentials from popular browsers like Chrome, Firefox, Brave, Edge, and Arc.
🔹 System persistence – maintaining long-term access through stealth background processes and disguised system files.
A key component specifically targets Telegram, stealing encrypted chat databases and decryption keys, giving attackers access to private conversations offline.
Built to Survive: Evasion and Reinstallation Techniques
NimDoor employs a range of advanced persistence mechanisms:
🔹 Automatically reinstalls itself if users try to terminate or delete it
🔹 Creates hidden files and folders that look like legitimate macOS system components
🔹 Connects to the attacker’s server every 30 seconds for instructions, disguised as normal internet traffic
🔹 Delays execution for 10 minutes to avoid early detection by security software
Difficult to Remove Without Professional Tools
Because of these techniques, NimDoor is extremely hard to remove with standard tools. Specialized security software or professional intervention is often required to clean infected systems completely.
Conclusion: Modern Cyberattacks Now Look Like Calendar Invites
Attacks like NimDoor prove how cleverly North Korean groups mimic daily workflows to penetrate even cautious targets. Fake Zoom links and innocent-looking updates can lead to full system compromise.
Users should never download updates from unofficial sources, always verify domain names, and stay vigilant against unexpected software prompts or invitations.
#CyberSecurity , #NorthKoreaHackers , #Web3Security , #CryptoNews , #Hack
Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“
🔥 Scammers on the Rise: How the Meme Coin Boom on Solana Unlocked New Ways to Steal Millions 💸
🌐 The Crypto Market in Shock!
In 2024, total Web3 losses exceeded $2.9 billion. From DeFi to metaverses, no sector was spared. 🚨 The main vulnerability? Access control issues, responsible for 78% of all attacks.
💎 DeFi: Fewer losses, but major hacks persist
Losses decreased by 40%, but still reached $474 million. The biggest incident was the hack of Radiant Capital, costing $55 million.
🏦 CeFi in Trouble: Losses Double!
CeFi losses skyrocketed to $694 million. Notable attacks include a key leak at DMM Exchange ($305 million) and a multisignature vulnerability at WazirX ($230 million).
🎮 Games and Metaverses Lose Hundreds of Millions
The gaming sector reported $389 million in losses, accounting for 18% of all attacks. 🎲
🚩 Rug Pulls Shift to Solana
Scammers moved from BNB Chain to Solana, driven by the growing popularity of meme coins. 📈
🎯 Presales Turn into Traps: $122.5 Million Stolen in One Month!
In April 2024, scammers executed 27 fraud schemes using presales. 💰 They also exploited the names of celebrities and influencers to deceive investors.
👨💻 Phishing and North Korean Hackers
Phishing attacks led to $600 million in stolen funds, while North Korean hackers siphoned off $1.34 billion.
⚠️ Stay Alert!
Crypto scams are becoming increasingly sophisticated. 🛡️ Behind every meme coin, a trap could be waiting!
#Hack #scamriskwarning #solana
In 2024, total Web3 losses exceeded $2.9 billion. From DeFi to metaverses, no sector was spared. 🚨 The main vulnerability? Access control issues, responsible for 78% of all attacks.
💎 DeFi: Fewer losses, but major hacks persist
Losses decreased by 40%, but still reached $474 million. The biggest incident was the hack of Radiant Capital, costing $55 million.
🏦 CeFi in Trouble: Losses Double!
CeFi losses skyrocketed to $694 million. Notable attacks include a key leak at DMM Exchange ($305 million) and a multisignature vulnerability at WazirX ($230 million).
🎮 Games and Metaverses Lose Hundreds of Millions
The gaming sector reported $389 million in losses, accounting for 18% of all attacks. 🎲
🚩 Rug Pulls Shift to Solana
Scammers moved from BNB Chain to Solana, driven by the growing popularity of meme coins. 📈
🎯 Presales Turn into Traps: $122.5 Million Stolen in One Month!
In April 2024, scammers executed 27 fraud schemes using presales. 💰 They also exploited the names of celebrities and influencers to deceive investors.
👨💻 Phishing and North Korean Hackers
Phishing attacks led to $600 million in stolen funds, while North Korean hackers siphoned off $1.34 billion.
⚠️ Stay Alert!
Crypto scams are becoming increasingly sophisticated. 🛡️ Behind every meme coin, a trap could be waiting!
#Hack #scamriskwarning #solana
BE ALERT! ⚠️
#cryptohacks have already reached $3.1B in 2025.
That’s an 8.7% jump from last year, with 4+ months left to go.
#HackerAlert #Hack
#cryptohacks have already reached $3.1B in 2025.
That’s an 8.7% jump from last year, with 4+ months left to go.
#HackerAlert #Hack
🥷💸 Over $280 million was stolen this summer due to crypto hacks!
🔟 This is a list of the top 10 hacks and security breaches:
1️⃣ Nobitex – $82M (Hot Wallet hack)
2️⃣ BtcTurk – $48M (Private key hack)
3️⃣ CoinDCX – $44.2M (Access rights loss)
4️⃣ GMX – $42M (Re-entrancy vulnerability)
5️⃣ BigONE – $27M (Access rights loss)
6️⃣ WOO X – $14M (Phishing)
7️⃣ Resupply – $9.6M (Price oracle manipulation)
8️⃣ ALEX – $8.4M (Malicious transfers)
9️⃣ BetterBank – $5M (Protocol vulnerability)
🔟 CrediX – $4.5M (Private key hack)
⚠️ Total: +280M$ during the summer alone!
👉 Lesson: Security risks in the crypto world are still extremely high, and protection must be a top priority for every investor or institution.
#Hack
#Crypto #Security #DeFi #Hacks #Blockchain #Binance #crypto #Digital_Currencies #ضرار_الحضري
🔟 This is a list of the top 10 hacks and security breaches:
1️⃣ Nobitex – $82M (Hot Wallet hack)
2️⃣ BtcTurk – $48M (Private key hack)
3️⃣ CoinDCX – $44.2M (Access rights loss)
4️⃣ GMX – $42M (Re-entrancy vulnerability)
5️⃣ BigONE – $27M (Access rights loss)
6️⃣ WOO X – $14M (Phishing)
7️⃣ Resupply – $9.6M (Price oracle manipulation)
8️⃣ ALEX – $8.4M (Malicious transfers)
9️⃣ BetterBank – $5M (Protocol vulnerability)
🔟 CrediX – $4.5M (Private key hack)
⚠️ Total: +280M$ during the summer alone!
👉 Lesson: Security risks in the crypto world are still extremely high, and protection must be a top priority for every investor or institution.
#Hack
#Crypto #Security #DeFi #Hacks #Blockchain #Binance #crypto #Digital_Currencies #ضرار_الحضري
Breaking News: Orbit Chain Hackers Unveil $81.4 Million Exploit to Ring in the New Year
The cross-chain bridge of Orbit Chain was compromised by an exploit, which led to the loss of Tether, DAI, USDC, wBTC, and ETH with a combined value of around $81.4 million.
The vulnerability was exploited by the exploiter, who then transferred funds to a new wallet.
A weakness in the bridge or a hack in the centralized server was discovered as the primary reason by the blockchain security company SlowMist which was responsible for the investigation.
It has been revealed that a hack occurred on Orbit Bridge, which is a protocol for interchain communication that is utilized for asset conversion. A total of around $81.4 million worth of cryptocurrency were stolen from the system.
The Orbit Bridge was struck by a number of significant discharges.
An vulnerability that was worth $81.4 million was apparently used by hackers to ring in the New Year with Orbit Bridge. A number of significant outflows were discovered by the blockchain security company SlowMist and the on-chain intelligence service LookOnChain. These outflows were encountered via the cross-chain protocol.
According to the latter, the Orbit Bridge was responsible for the transfer of 30 million Tether (USDT), 10 million DAI, 10 million USDCoin (USDC), 231 wBTC (worth over $10 million), and 9,500 ETH (worth around $21.5 million) in five distinct transactions.
After doing a preliminary examination from the outside, SlowMist came to the conclusion that either the centralized server has been compromised or there is a potential vulnerability in the Orbit Chain bridge. A further in-depth investigation is currently being carried out by the company in order to obtain additional information on the attack.
The hacking of Orbit Chain has been confirmed.
Orbit Chain reported the hack on its protocol in a tweet that was published not too long ago on X. The tweet described the breach as a "unidentified access" to the bridge. A comprehensive investigation into the underlying cause of the assault is currently being carried out by the company, which has said that it is actively collaborating with law enforcement authorities in order to identify the perpetrator of the incident.
#hack #OrbitChain
The vulnerability was exploited by the exploiter, who then transferred funds to a new wallet.
A weakness in the bridge or a hack in the centralized server was discovered as the primary reason by the blockchain security company SlowMist which was responsible for the investigation.
It has been revealed that a hack occurred on Orbit Bridge, which is a protocol for interchain communication that is utilized for asset conversion. A total of around $81.4 million worth of cryptocurrency were stolen from the system.
The Orbit Bridge was struck by a number of significant discharges.
An vulnerability that was worth $81.4 million was apparently used by hackers to ring in the New Year with Orbit Bridge. A number of significant outflows were discovered by the blockchain security company SlowMist and the on-chain intelligence service LookOnChain. These outflows were encountered via the cross-chain protocol.
According to the latter, the Orbit Bridge was responsible for the transfer of 30 million Tether (USDT), 10 million DAI, 10 million USDCoin (USDC), 231 wBTC (worth over $10 million), and 9,500 ETH (worth around $21.5 million) in five distinct transactions.
After doing a preliminary examination from the outside, SlowMist came to the conclusion that either the centralized server has been compromised or there is a potential vulnerability in the Orbit Chain bridge. A further in-depth investigation is currently being carried out by the company in order to obtain additional information on the attack.
The hacking of Orbit Chain has been confirmed.
Orbit Chain reported the hack on its protocol in a tweet that was published not too long ago on X. The tweet described the breach as a "unidentified access" to the bridge. A comprehensive investigation into the underlying cause of the assault is currently being carried out by the company, which has said that it is actively collaborating with law enforcement authorities in order to identify the perpetrator of the incident.
#hack #OrbitChain
Login to explore more contents