USDT freezes $72M in relation to a large laundering operation An unknown entity received $120M and began laundering operation by sending funds to KuCoin and BTC. Moreover, according to @zachxbt, this entity created XMR orders which changed the price $330 -> $420. Address linked to this entity was later banned.

Attacker has drained old Raydium pools for ~810 ETH All stolen funds were deposited to Tornado Cash, with 7 ETH deposited to FixedFloat

Attacker responsible for this 56 ETH exploit was funded by changeHero's hot wallet 0x016606acc6b0cfe537acc221e3bf1bb44b4049ee

Tracing Humanity hacker showed he ended up with 19,475 ETH profit All H token on Mainnet was swapped via Uniswap and then sent to separate addresses. We are actively monitoring for new transactions and will sent updates as soon as attacker strart withdrawing the funds

in may, Taylor Hornby (@DefuseSec) used claude opus 4.8 to find a counterfeiting bug in zcash's orchard pool: one missing constraint = unlimited undetectable ZEC. TronZ (@trondao) shielded USDT is "based on zcash", ~$1.02M in the pool. cooked too? spent a day checking. thread

It appears that @gravity_bridge has fallen victim to an exploit leading to at least $5M in damages. Attacker has now laundered the funds via ChengeNOW, Binance and Kucoin and is still holding most of the funds on his address. Moreover, the Binance deposit address he used was active a year before the exploit.

$500k stolen, 297 wallets were drained across several EVM chains. Our tracing shows stolen funds were consolidated at address 0x43D49AeF7aAf0Dcf015b20057C5364E092D66615 and then sent directly to FixedFloat.

Joe Agent was exploited today via reentrancy leading to $190k damage Attacker utilized a reentrancy vulnerability, which is rare in current security landscape, and extracted 302 BNB. After that they were deposited to Tornado Cash.

5 trillion $vsdCRV was maliciously minted today on Arbitrum, which led to $90k of damages. Attacker at first minted the tokens using compromised private key, then bridged everything to ETH Mainnet. We are now monitoring the address and additionally flagged it as malicious.

BTC linked to Mt.Gox were recently sent to BTC burn address More than a 100 BTC were sent to 1111111111111111111114oLvT2 that is used as a burn address. Most of the addresses involved were receiving funds linked to Mt.Gox. The address on the screenshot got 20 BTC and was slowly offloading them to Kraken, until yesterday burning all funds left -- 1.42 BTC.

SquidRouterModule was not affiliated with @squidrouter, but with New Market Trading. According to their website, company uses non- custodial technology to connect investors to the onchain economy. Recent onchain message sent to exploiter's address and firm's connection to Safe technological solution seems to confirm that data.

Another exploit, $3 million lost, unusual laundering tools used. SquidRouterModule has fallen victim to an Access Control attack that is being on the rise on the last few months. What is unique here is the usage of attacker-controlled Uniswap pools for swapping funds to DAI, a token that can never be blocklisted. Despite going to external cross-chain bridges for transfer funds to Mainnet (yellow and red), a lot of Mainnet rare ERCs were swapped to DAI by his own infrastructure.