tac

According to Cointelegraph, since the $280 million attack on Drift Protocol on April 1, at least 12 DeFi protocols and cryptocurrency companies have been attacked in just over two weeks.Since early April, attacks on crypto protocols or companies include CoW Swap, Hyperbridge, Bybit, Dango, Silo Finance, BSC TMM, Aethir, MONA, Zerion, and the recent Rhea Finance and Grinex exchanges.Among them, the DeFi protocol Rhea Finance reported that the attackers "exploited a vulnerability in Rhea's margin trading feature to execute a coordinated liquidity pool manipulation attack," affecting the Rhea Lend smart contract. According to blockchain security company CertiK, the stolen funds amount to approximately $7.6 million.

In response to the recent attack on the "ListaDAOLiquidStakingVault" contract, ListaDAO officially released a statement clarifying that the attacked contract was not deployed by the official team, but rather was a counterfeit contract created by an unverified third party using a similar name. All official contracts of ListaDAO were not affected by this incident.According to an in-depth analysis by the GoPlus security team, the attack occurred on April 16, 2026, and the root cause was a business logic flaw in the third-party contract. When a token transfer was made, it triggered the Dividend.setShares() function and altered the share accounting within the contract, which in turn affected the reward calculation in the claimReward() function. The attacker exploited this vulnerability to deplete the assets within the contract.GoPlus reminds that since this logical flaw exists in both segments of the contract code mentioned above, any development projects that fork or reuse this code face a high risk of being exploited. It is recommended that relevant developers promptly conduct code inspections and fixes, and implement continuous auditing mechanisms to ensure the security of smart contracts.

The trading platform Grinex, linked to the Russian crypto market, suspended withdrawals and trading on Thursday, citing a "massive cyber attack." The exchange stated that over 1 billion rubles (approximately 13.1 million USD) were stolen, but blockchain analysis firm Elliptic's tracking shows the actual loss is about 15 million USDT.The stolen funds have been exchanged for TRX and ETH through the Tron and Ethereum networks to evade freezing. It is reported that Grinex is seen as the successor to the sanctioned Garantex trading platform, which was targeted by U.S. authorities last year for facilitating the flow of hundreds of millions of dollars in illegal funds.

According to CertiK monitoring, the DeFi protocol Rhea Finance was attacked, with attackers extracting at least $7.6 million in total.The attackers misled the oracle and validation layer to complete the attack by creating fake token contracts and injecting liquidity into newly created funding pools.

CoW Swap tweeted that it has regained control of the cow.fi domain and has been operating normally on cow.finance for some time, and is currently gradually transitioning back to the original domain.The official statement indicated that the attacker deceived the DNS registrar with forged documents on April 14 to gain control of the cow.fi domain; the attacker deployed a highly realistic phishing website, implementing it in two phases: first, inducing users to sign malicious transactions through a wallet stealer, and then stealing mnemonic phrases and passwords through fake wallet pop-ups; this attack targeted the domain registrar and did not involve a breach of CoW Swap's own infrastructure or private keys. Affected users should use tools like Revoke.cash to revoke all authorizations and consider transferring funds to a new wallet.

According to Jinshi citing CCTV reports, U.S. President Trump stated in an interview broadcast on April 15 local time that he believes the war with Iran is "about to end," but also warned that the war could last until the midterm elections in November.Trump again threatened to attack Iranian civilian infrastructure, but at the same time expressed that he "hopes it won't escalate to that point."

According to on-chain analysis platform Arkham (@arkham), attackers exploiting the Bridged Polkadot vulnerability have transferred all stolen funds into Tornado Cash, involving an amount of approximately $269,000.

The crypto wallet Zerion disclosed that North Korean hackers are using AI for long-term social engineering attacks, stealing approximately $100,000 from the company's hot wallet.Zerion confirmed that user funds, applications, and infrastructure were not affected, and has proactively disabled the web application as a precaution. Zerion also stated that the attackers obtained some session and credential information from team members who were logged in, as well as the private keys of the company's hot wallet, and pointed out that AI is changing the way cyber threats operate.

One of the Bitcoin contributors, Jameson Loop, along with other cryptographers, has proposed an initiative that may force Bitcoin holders to migrate their tokens to new quantum-resistant addresses, or else their tokens will be permanently frozen by the network itself. In this scenario, holders technically still own these coins but will lose the ability to transfer them. This is known as Bitcoin Improvement Proposal BIP-361, which was updated on Tuesday in Bitcoin's official proposal repository, titled "Post-Quantum Migration and Old Signature Retirement."BIP-361 builds on the BIP-360 proposal introduced in February. BIP-360 introduced a soft fork (a type of network upgrade) aimed at enabling a new transaction type called "Pay to Merkle Root" (P2MR). This approach draws on Bitcoin's Taproot (P2TR) framework but removes key-based spending paths, thereby eliminating an element widely considered to pose risks in the quantum era.The BIP-361 proposal divides the migration into three phases. Phase A starts three years after activation and prohibits anyone from sending new bitcoins to old, quantum-vulnerable addresses. You can still spend from these addresses, but you cannot receive any coins. Phase B starts five years after activation and will render old signatures (ECDSA and Schnorr) completely ineffective, with the network rejecting any attempts to spend coins from quantum-vulnerable wallets.Essentially, your coins will be frozen. Finally, there is Phase C, which is a rescue plan still under research: holders of frozen wallets may potentially prove ownership through zero-knowledge proofs (a method of proving knowledge of a secret without revealing the secret itself). If successful, the coins frozen in Phase B can be recovered.

According to official news, the Blockaid system has detected a front-end attack targeting Cowswap, and the website COW[.]FI has been marked as a malicious site. If the user's wallet is connected, please revoke authorization immediately and avoid any interaction with this DApp.

According to informed sources, the AI cloud platform FluidStack plans to raise about $1 billion at a valuation of $18 billion, with Leopold Aschenbrenner's institution Situational Awareness in talks to participate and co-lead the investment. This round of financing is expected to be used to accelerate FluidStack's expansion in the fields of AI computing and cloud infrastructure.It is reported that FluidStack has previously signed cooperation agreements with several Bitcoin mining companies, including TeraWulf, Cipher Mining, and Hut 8.

According to market news, a report released by the blockchain security company Hacken shows that Web3 projects lost a total of $464.5 million this quarter due to hacker attacks and scams, with phishing and social engineering attacks accounting for $306 million, becoming the main source of losses.A hardware wallet scam that occurred in January caused a loss of $282 million, accounting for 81% of the total quarterly losses. Smart contract vulnerabilities led to losses of $86.2 million, while access control failures (including breaches of keys and cloud services) caused losses of $71.9 million. The report points out that the largest security incidents often occur in off-chain operations and infrastructure layers, which traditional audits find difficult to cover. The European regulatory frameworks MiCA and DORA are increasing requirements for security monitoring and incident response, and global regulatory agencies are also raising standards for real-time monitoring and emergency response.

According to market news, the UK Liberal Democrats have written to the Financial Conduct Authority (FCA), requesting an investigation into the relationship between Reform UK leader Nigel Farage and the Bitcoin company Stack BTC.The party questions whether Farage's appearance in the company's promotional video, while holding shares in Stack BTC, violates market rules and presents a conflict of interest. Stack BTC recently disclosed that it purchased 37 bitcoins as company reserves, valued at approximately $2.7 million, and Farage holds a 6.31% stake in Stack BTC through his media company. At the same time, the UK government is advancing a proposal to ban political donations in cryptocurrency to prevent external funding from interfering in elections. The FCA stated that it will review the relevant correspondence and respond.

On Monday local time, the San Francisco District Attorney's Office stated that Daniel Moreno-Gama, the suspect who attacked OpenAI founder Sam Altman last week, has been charged with attempted murder. The Department of Justice announced that the suspect also faces federal charges, including attempting to use explosives to damage property and illegal possession of an unregistered firearm.According to the indictment submitted to the San Francisco federal court on Monday, Daniel Moreno-Gama was arrested after the attack on Friday, and officers from the San Francisco Police Department found a document on him detailing his intentions. In the document, Daniel Moreno-Gama expressed his intent to kill Altman and warned that humanity would be "on the verge of extinction" due to artificial intelligence.

The blockchain interoperability protocol Hyperbridge disclosed details of the previous DOT attack incident, resulting in a loss of approximately $237,000. The root of the vulnerability lies in the HandlerV1 contract's VerifyProof() function, which lacks input validation and does not verify the leaf_index leafCount, allowing attackers to forge Merkle proofs.Using this, the attacker gained administrator privileges for the DOT token bridging contract on Ethereum, subsequently minting 1 billion bridged DOT (which is about 2800 times the legitimate circulation of approximately 356,000) and cashing out on decentralized exchanges. Hyperbridge stated that it is currently working with security partners to trace the funds, and cross-chain functionality will remain suspended until the investigation is completed.

According to on-chain analyst @ai_9684xtpa, a trader spent 0.2 ETH ($436) on the Ethereum mainnet to buy 77,000 DOT using Uniswap and sold it on a CEX for $10,042.Subsequently, they used the same method to spend a total of 1.1 ETH to buy DOT, attempting various cross-chain methods while buying low and selling high in different liquidity pools. Ultimately, they successfully crossed from the ETH mainnet to the Base network via Hyperbridge, selling 503,000 DOT for 68.72 ETH in one transaction, making a profit of $150,000.

UK-listed company Stack BTC Plc (stock code: STAK) announced that as part of the company's Bitcoin treasury strategy, it has recently purchased 37.1898 Bitcoins at a price of approximately £53,778 (about $72,385) each. Following this increase, the company's total Bitcoin holdings have risen to 68.1898 Bitcoins.Stack BTC Plc focuses on building a high-quality, cash-rich business portfolio while simultaneously advancing its Bitcoin treasury layout.

The Web3 asset data platform RootData has outlined the business partners of Crypto.com. Its strategy goes beyond exchange expansion, advancing through multiple paths such as payments, custody, and brand collaborations, aiming to create a comprehensive digital asset platform covering both institutional and consumer ends.Payment Infrastructure: Crypto.com has integrated with Stripe, Mastercard, Yuno, TripleA, Lynq, etc., covering the complete link from checkout crypto payments to institutional-level real-time clearing.Institutional Trading and Custody: VerifiedX has entrusted Crypto.com with institutional custody for its $1.5 billion digital assets; CoinRoutes provides smart order routing, CryptoStruct connects high-frequency trading, and Doblox offers AI trading terminals.Corporate Crypto Treasury: Crypto.com collaborates with several Nasdaq-listed companies executing treasury strategies, including SOL Strategies, Sharps Technology, and IP Strategy.On the brand side, Crypto.com has formed deep ties with top sports IPs—renewing its partnership with F1 until 2030 and sponsoring the Miami Grand Prix, as well as UEFA Champions League, UFC, NBA Philadelphia 76ers, AFL, and South American CONMEBOL; the long-term partnership with the LeBron James Family Foundation marks an extension of its brand collaboration into the celebrity family philanthropy sector.Additionally, Crypto.com has signed collaborations in the Middle East with Dubai Islamic Bank, DMCC, e& money, Tawasal Al Khaleej super app, and Emarat gas station network, becoming an important participant in the local digital asset compliance ecosystem. Related compilation: 【Crypto.com Web3 Partner Network Compilation (Continuously Updated)】Cryptocurrency projects actively showcasing their partner networks have become a key way to enhance transparency and market trust. It is reported that RootData welcomes Web3 project parties to claim data and continues to track and open more project business relationship disclosure channels. The platform has continuously released multiple issues of the cryptocurrency project ecosystem map, nominating Web3 ecosystem partners for upstream clients such as Visa, Stripe, and Coinbase.If you wish to nominate your project in future ecosystem maps, please fill out the 【RootData 2026 Industry Ecosystem Mapping】 form to supplement your important clients and partners.