Polymarket hit by $2.9M theft, users to be refunded
Polymarket said it contained the compromise and removed the affected dependency after attackers injected a malicious script into its frontend. Go to Source
Phishing
Auto Added by WPeMatico
$45 Million in Crypto Fraud Mapped as Operation Atlantic Identifies Victims Across US, UK, Canada
International law enforcement agencies led by the U.K.’s National Crime Agency froze more than $12 million in suspected criminal proceeds and identified more than 20,000 victims during a coordinated crackdown on cryptocurrency investment fraud. Key Takeaways: The NCA’s Operation Atlantic froze over $12 million in criminal crypto proceeds and identified 20,000 victims across 3 countries. … Read more
Kraken User Loses $18.2M in Crypto Social Engineering Attack as Funds Move via Thorchain: ZachXBT
A Kraken user appears to have lost roughly $18.2 million in cryptocurrency after a suspected social engineering attack, with stolen funds now moving across blockchains. Kraken Account Targeted in $18M Scam as Funds Bridge to Bitcoin Blockchain investigator ZachXBT flagged the incident on March 31, 2026, via his Telegram channel, pointing to a coordinated theft … Read more
Samourai Wallet Domain Hijacked: Scam Site Targets Bitcoin Users
A seized bitcoin privacy wallet domain has resurfaced in 2026 under criminal control, reviving a defunct project as a phishing trap targeting unsuspecting users. U.S. Seized Crypto Domain Falls Into Scammers’ Hands, Users Warned The domain tied to Samourai Wallet, once a well-known non-custodial bitcoin privacy tool, is now being used to distribute malicious software … Read more
ENS Lead Developer Reveals Flaw Allowing Phishers to Mimic Official Google Alerts
Nick Johnson, a well‑known Ethereum Name Service (ENS) engineer, disclosed a cunning phishing campaign that preyed on weak spots within Google’s backbone, notably a recently patched OAuth flaw. Google’s Guard Down: ENS Engineer Tracks Phishing Exploit The scheme, according to Johnson’s testimony, kicked off with a persuasive email, seemingly dispatched by an official Google alert, … Read more
Crimeware-as-a-service: A new threat to crypto users
Crimeware-as-a-service fuels cybercrime in crypto. Explore its impact, tactics used and key steps to safeguard your wallets and transactions. Go to Source
Fake OKX plugins found on the Firefox browser store
According to cybersecurity firm CertiK, the number of crypto hacks and exploits rose to 303 incidents in 2024, up from 282 in 2023. Go to Source
Virtuals Protocol Discord server hacked, fake Google links posted
The security incidents occurred days after a researcher discovered a critical bug in a Virtuals Protocol audited contract, which was fixed. Go to Source
Phishing fears as trade in crypto event attendees’ details revealed
Cointelegraph obtained data set samples packed with sensitive information of crypto conference attendees that could be a treasure trove for scammers. Go to Source
Ledger Users Targeted in New Data Breach Phishing Campaign
Users of the Ledger series of hardware wallets are being targeted as part of a widespread phishing campaign that takes advantage of earlier data leaks. Some users have received emails alerting them to a data breach that could have exposed their seed phrases to attackers. Ledger Users Receiving Data Breach Emails in Phishing Campaign Attackers … Read more