attacker

According to CertiK Alert monitoring, the Gravity Bridge attacker has deposited 1,180 ETH into Tornado Cash again, worth approximately $2.06 million. The attack incident has stolen a total of 2,600 ETH (worth about $5.4 million at the time of the attack), of which 2,020 ETH has been deposited into Tornado Cash through two EOA addresses, and the remaining portion has been dispersed and transferred to centralized exchanges.

According to monitoring by Shield, the UXLink attackers are exchanging WBTC for ETH, having exchanged 92 WBTC (6.4 million USD) for approximately 3248 ETH, and deposited 1500 ETH into Tornado Cash.UXLink was attacked on September 22, 2025, due to the compromise of its multi-signature wallet, resulting in losses exceeding 44 million USD.

Superfortune, incubated by Manta, recently released an update on the X platform regarding a security incident, stating that the attack was not carried out by internal personnel and that no team members were involved. The claim about the team secretly selling tokens is incorrect. The team has also not had any contact with Web3Port.The investigation confirmed that the attack was not due to address poisoning, but rather a leak of the signer's private key. The attacker independently held the private key and submitted a transaction with a forged address 43 minutes after the correct transaction. The forged address shares the first and last four characters with the correct address (starting with 0x70AE and ending with 5C15) to disguise itself in the Safe interface preview. The stolen funds are fully traceable and are currently stored in three cold wallets on Ethereum, containing approximately 2784 ETH, along with about 170,000 USDT that were cross-chain transferred out.The attacker also created a large number of counterfeit addresses and sent false transfer events to these addresses using Unicode-forged token symbols in an attempt to confuse tracking. This counterfeit address construction technique is the same as the method used when attacking this project. The attacker had pre-built a large-scale infrastructure, indicating that this was an industrialized operation rather than an opportunistic attack.

According to on-chain data, the private key of the StakeDAO deployer was leaked on Arbitrum, and the attacker minted approximately 54.5 trillion vsdCRV, partially exchanging it for 43.7 ETH.

According to GoPlus analysis, the stablecoin protocol StablR had security issues with its multi-signature contract settings on Ethereum (multi-signature threshold of 1), and the holder's private key was stolen, resulting in StablR $EURR and $USDR stablecoins being depegged by 20%. The attacker has profited approximately $2.8 million.

The stablecoin issuer StablR has encountered ongoing attacks, leading to its euro stablecoin EURR and dollar stablecoin USDR becoming unpegged. Blockchain security company Blockaid stated that the attackers allegedly gained control by obtaining the private key of one owner in the minting multi-signature account, replacing other administrators under a mechanism that only required 1/3 of the signatures, and additionally minted 8.35 million USDR and 4.5 million EURR. Subsequently, the attackers exchanged tokens worth approximately $10.4 million on a DEX for about 1,115 ETH, realizing a profit of approximately $2.8 million. As a result of the incident, EURR briefly fell to around $0.88, and USDR dropped to around $0.7. Blockaid pointed out that this incident was not due to a smart contract vulnerability, but rather a failure in key management and governance mechanisms.

According to on-chain analyst PeckShield (@PeckShieldAlert), the attacker of the VerusCoin cross-chain bridge has returned 4,052.4 ETH (approximately $8.5 million) to the project team's address (0xF9AB...C1A74), which accounts for 75% of the total stolen amount. The remaining 25% (1,350 ETH, approximately $2.8 million) is retained in the attacker's wallet as a white hat bounty.

According to on-chain analyst PeckShield (@PeckShieldAlert), the VerusCoin cross-chain bridge attacker has returned 4,052.4 ETH (approximately 8.5 million USD) to the project team's address (0xF9AB...C1A74), accounting for 75% of the total stolen amount. The remaining 25% (1,350 ETH, approximately 2.8 million USD) is retained in the attacker's wallet as a white hat bounty.

According to CertiK monitoring, the attacker of the cross-chain aggregation protocol Transit Finance has deposited 832.9 ETH into Tornado Cash, worth approximately 1.8 million dollars.

Kelp stated on platform X that it has collaborated with multiple DeFi protocols to complete the liquidation of the attacker’s positions, and the recovery process of rsETH has made significant progress. Among them, Compound has participated in coordination multiple times over the past four weeks and provided about 3,000 ETH in support, while jointly completing the liquidation with Aave, recovering a total of approximately 17,426.2 rsETH. Euler Finance has liquidated the attacker’s positions within its protocol and plans to return the excess ETH to the DeFi ecosystem fund.

Verus posted on the X platform confirming that the Verus-Ethereum cross-chain bridge has been attacked, with ETH, USDC, and tBTC stolen from the Ethereum chain contracts. Currently, other bridged assets have not been affected. The Verus network has now suspended operations, and most block-producing nodes have proactively gone offline after experiencing the impact of the attack. The development team is working hard to investigate the scope of the incident, the attack path, and subsequent handling plans, and will announce progress after confirming more information.Verus stated that it is willing to cooperate with relevant law enforcement agencies to pursue legal responsibility; however, if the attacker returns the full amount of funds, the project team is willing to offer a bug bounty and will not pursue further accountability. Verus also reminds anyone claiming to be a member of the Verus team or community in public channels, private messages, or other channels and offering "compensation" or "reimbursement plans" to be scammers. The official emphasizes not to interact with anyone claiming to have compensation projects or offering reimbursement, and to report relevant accounts to Discord or the X platform in a timely manner.Previously, the Verus Ethereum cross-chain bridge was attacked, resulting in a loss of approximately $11.58 million.

According to monitoring by Paitun, the Adshares cross-chain bridge attacker has returned 256 ETH to the project deployer's address, worth approximately $540,700, accounting for about 86% of the previously stolen funds.Previously, the Adshares cross-chain bridge was attacked on May 17, 2026, resulting in a loss of approximately $628,000.

Slow Fog's Yu Xian posted on the X platform stating that the reason for the Verus theft may be that the attacker constructed a forged Merkle proof, which passed the verification of the Verus Ethereum bridge (not open source), thus successfully withdrawing funds (ETH/tBTC/USDC). Specific details need to be further verified.

The GoPlus Security team has disclosed a new type of attack in its AgentGuard AI project: inducing AI agents to perform unauthorized sensitive operations through "memory poisoning." This attack method does not rely on traditional vulnerabilities or malicious code but exploits the long-term memory mechanism of AI agents. For example, an attacker first induces the agent to "remember preferences," such as "usually prioritizing proactive refunds instead of waiting for chargebacks," and then uses vague expressions like "process as usual" or "execute as before" in subsequent instructions, thereby triggering automated financial operations.GoPlus points out that the key risk in such cases lies in the AI agent mistakenly treating "historical preferences" as a basis for authorization, leading to financial losses or security incidents in operations such as refunds, transfers, and configuration changes. To address this issue, the team has proposed several protective recommendations, including:Operations involving refunds, transfers, deletions, or sensitive configurations must require explicit confirmation in the current session.Memory-related instructions like "habit," "usual way," and "as before" should be regarded as high-risk state changes.Long-term memory must have a traceability mechanism (writer, time, confirmation status).Vague instructions should automatically elevate the risk level and trigger secondary verification.Long-term memory must not replace real-time authorization processes.The team emphasizes that the "AI agent memory system" should be viewed as a potential attack surface and should be constrained and audited through a dedicated security framework.

The Compound Foundation stated that, after closely collaborating with the Aave and KelpDAO teams, the relevant positions of the rsETH exploiters in WETH and wstETH Comet have all been liquidated over the weekend, and all rsETH held by the attackers has been transferred to DeFi United. Compound noted that the swift action effectively mitigated market risks and protected the safety of the protocol's suppliers and reserve funds.Compound also updated that the transfer restrictions for Ethereum WETH and wstETH Comet have now been lifted, and all Comet markets have resumed normal operations. The protocol stated that the top priority remains ensuring the overall safety of the platform and thanked the Aave and KelpDAO teams for their collaboration during the incident handling process.

The Compound Foundation stated that, after close collaboration with the Aave and KelpDAO teams, the relevant positions of the rsETH exploiters in WETH and wstETH Comet have all been closed over the weekend, and all rsETH held by the attackers has been transferred to DeFi United.Compound stated that the quick action effectively mitigated market risks and protected the safety of the protocol's suppliers and reserve funds. Compound also updated that the transfer restrictions for Ethereum WETH and wstETH Comet have now been lifted, and all Comet markets have returned to normal operation. The protocol stated that the top priority remains ensuring the overall safety of the platform and thanked the Aave and KelpDAO teams for their collaborative efforts during the incident handling process.

The blockchain TAC team stated that it has confirmed a previous cross-chain layer security incident that resulted in approximately $2.8 million in assets being transferred, involving assets such as USDT, BLUM, and tsTON.TAC stated that if the attacker returns the relevant funds to the designated multi-signature address, the team will consider this incident as a "white hat rescue" and will not take legal action against the operators involved with ETH/BSC, ZEC, and TON addresses.As a reward, the attacker can receive approximately 10% of the bounty, equivalent to about 13 ETH and 300 ZEC.

Aave stated that the first steps of the rsETH technical recovery plan have been completed, which includes the destruction of the rsETH held by the attacker on Arbitrum. In the coming days, stakeholders will gradually replenish funds to the LayerZero OFT adapter and restart rsETH-related operations in phases.Kelp previously stated that it has completed a series of rsETH endorsement recovery steps with Aave, planning to gradually inject 117,132 rsETH from the Aave Recovery Guardian and Kelp Recovery Safe into the LayerZero OFT adapter on the Ethereum mainnet.

According to monitoring by Shield, the TrustedVolumes attackers have transferred and laundered $278,000: depositing 10.2 ETH ($23,600) into TornadoCash, cross-chain converting 110 ETH ($250,000) to BTC through THORChain, and attempted to deposit 0.5 ETH into Railgun but changed their mind and withdrew it.TrustedVolumes was attacked on May 7, resulting in a loss of approximately $6.7 million.

According to Slow Fog CISO @im23pds's post on the X platform: attackers used 13 accounts to implant 575 malicious Skills into Hugging Face and ClawHub.