CertiK has detected a significant exploit on Binance Smart Chain (BSC), where a perpetrator siphoned nearly $2 million by misusing a smart contract function known as printMoney(). Exploiter Manipulates Authorized Contract to Loot Funds Twitter Link A recognized attacker carried out the exploit from address 0xd5c6f3…122c. This person repeatedly activated the printMoney() function on their authorized attack contract. The unauthorized intrusion originated from a compromised victim contract associated with address 0xb5cb0, which had unknowingly authorized the malicious contract approximately eight hours before the attack.

CertiK suspects the victim contract deployer’s private key was either phished or compromised in some other way, leading to the unauthorized approval transaction. This allowed the attacker to fully transfer the victim’s tokens. Hacker Transforms Funds and Possesses Nearly $2M Twitter Link Once the attacker had access, they quickly transformed the stolen derivative tokens into BNB and stablecoins. Currently, the exploiter holds about $1.96 million worth of assets at their address.

The crypto community is urged to remain vigilant as several major crypto hacks have been reported this year. Coinbase lost $400 million, Cetus on the Sui network was hit for $220 million, and other platforms like Phemex and UPCX have also suffered significant losses. These incidents demonstrate the high risk involved in the crypto space if not properly managed. According to CertiK, trusting unverified smart contracts or having weak security for private keys are among the biggest blunders. In a recent BSC hack, these were the exact issues that led to the theft of millions.

CertiK is actively monitoring the hacker’s wallet and is on the lookout for suspicious activity. They’ve also reminded users and developers to consistently verify contract approvals, use thoroughly audited code, and avoid rushing transactions. CertiK’s advice is straightforward – be cautious, stay vigilant, and don’t rush decisions.

The post Binance Smart Chain Faces $2M Crypto Exploit: CertiK Monitors Attack appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Lido DAO members have stated that an address tied to the Chorus One oracle was infiltrated. The Ether (ETHUSD) balance attached to this oracle was depleted in an event currently under scrutiny. Lido Finance, however, clarified that the problem is limited to the Chorus One oracle and is not a system-wide issue. It also mentioned that the issue does not stem from a coding error in any specific blockchain oracle or software.

Chorus One has inferred that the breach was likely caused by a hot wallet private key leak. Meanwhile, they are installing a new machine to bolster security in the future.

This incident underscores the importance of robust cybersecurity within decentralized finance (DeFi) as the world’s monetary, commerce, and business structures transition onto increasingly sophisticated digital systems with wide attack surfaces.

Despite the growth of digital finance, cybersecurity breaches, hacks, and other malevolent attack techniques persist as a significant issue. According to a report by cybersecurity firm Hacken, more than $2 billion in cryptocurrency was lost to malicious activity in Q1 2025.

A significant portion of these stolen funds resulted from the $1.4 billion Bybit hack in February 2025, which heavily influenced the findings of the report. The firm also stated that crypto hacks were responsible for $357 million in losses in April 2025, a substantial increase from March’s losses.

The CEO of Hacken, Dyma Budorin, asserted that the crypto sector needs to adopt more stringent cybersecurity and code auditing measures to combat the increasing instances of hacks and exploits.

The threat of cyber attacks in the crypto space has become so severe, particularly from hacking groups affiliated with the Democratic People’s Republic of North Korea (DPRK), that the G7 nations may discuss the influence of these hackers and strategies to neutralize these threats at the forthcoming G7 Summit.

The post Emergency Vote Initiated by Lido DAO to Replace Breached Oracle appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

“This is an unending game of cat and mouse,” states Ian Rogers, the Chief Experience Officer at Ledger, when discussing the relentless pursuit between crypto wallet companies introducing new security measures and hackers devising more sophisticated methods to breach victims’ wallets.

Rogers laments that the simplest scams often yield the best results, as they exploit users’ common mistakes. “Every day, people give away their 24-word phrases. As long as that continues, scammers will opt for the least expensive attack,” he warns, stressing, “If someone asks for your 24 words, they’re a criminal.”

Rogers points out a frequent crypto scam where unsuspecting victims are lured into responding to replies under any crypto-related Twitter post. These messages typically read, “Direct message me, I can assist you.”

He warns, “You must remember, scammers are always attempting to get your 24 words.” Jason Jiang, CertiK’s Chief Business Officer, recently shared with Cointelegraph that a heightened awareness of phishing attacks on social media can significantly boost a user’s crypto security.

In a more sinister turn, scammers sometimes compromise the accounts of influential industry figures to post malicious links, making it increasingly difficult for users to identify the scam. In September 2023, a fraudulent NFT giveaway was conducted through the compromised account of Ethereum co-founder Vitalik Buterin, resulting in over $691,000 drained from followers’ wallets.

Rogers underscores that such threats will persist, just as scams are not exclusive to the crypto world. He recalls the infamous “Nigerian president” email scams that have been around for years. “The cost of the attack always matches the potential reward,” Rogers notes. In 2024, crypto-related hacks surged by 15% from the previous year, totaling over $3 billion in stolen assets.

Meanwhile, a new threat known as ‘pig butchering’ scams has surfaced as a major concern for crypto investors. This complex phishing ploy has tricked investors into voluntarily transferring their assets to scam crypto addresses, resulting in a staggering loss of $5.5 billion across 200,000 identified cases on the Ethereum network in 2024 alone.

The post The Eternal Struggle for Crypto Security: Insights from a Wallet Executive appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.