News linked to both this project and an event.
On-chain investigator ZachXBT stated that THORChain appears to have been attacked on the Bitcoin, Ethereum, BSC, and Base networks, resulting in losses exceeding $7.4 million.
Odaily Odaily News Gate Research recently released its "April 2026 Cryptocurrency Market Review" report, indicating that the overall cryptocurrency market saw a volatile upward trend in April, with total market capitalization significantly higher than in March. BTC and ETH ETF trading volumes maintained high volatility overall. The report shows continued divergence in activity across major public chain ecosystems. Solana's daily transaction volume remained in the range of approximately 90 million to 110 million transactions, maintaining its leading position.Regarding trending sectors, the report notes that Pokemon TCG RWA has become one of the fastest-growing on-chain RWA sub-sectors, entering a second explosive growth phase in April. Major trading platforms saw monthly trading volumes exceed $220 million, with weekly revenue briefly approaching $6 million, setting new historical records. Meanwhile, Aave experienced its most severe liquidity crisis ever in April, with TVL outflows reaching tens of billions of dollars within a few days and net outflows exceeding $9 billion for the entire month.In terms of fundraising and security incidents, the Web3 industry completed 51 financing rounds in April, totaling approximately $834 million, with capital further concentrating on leading financial and infrastructure tracks. Among these, Payward ranked first for the month with a $200 million financing round. On the security front, Web3 security incidents in April resulted in losses of approximately $306 million, a month-over-month increase of about 858%, primarily driven by a single cross-chain infrastructure attack on Kelp DAO worth approximately $293 million. The report suggests that against the backdrop of a recovering market, on-chain activity and capital liquidity are both increasing simultaneously. However, the security risks associated with cross-chain infrastructure and high-leverage protocols remain worthy of continued attention.
on-chain detective ZachXBT has exposed US threat actor Dritan Kapllani Jr., alleging his involvement in social engineering thefts targeting crypto users, totaling approximately $19 million.ZachXBT stated that Dritan has long been flaunting luxury cars,名牌 watches, private jets, and nightclub lifestyles on social media. On April 23, 2026, during a "Band 4 Band (B4B)" voice call on Discord, in an attempt to prove he was wealthier than another hacker, he publicly displayed an Exodus wallet containing $3.68 million in assets.The relevant ETH address is: 0x4487db847db2fc99372a985743a26f46e0b2bba6ZachXBT's tracking revealed that this address is linked to a social engineering theft incident on March 14, 2026, involving 185 BTC (approximately $13 million). The following day, Dritan's Exodus wallet received about $5.3 million from that theft. By the time of the B4B call six weeks later, approximately $1.6 million had already been spent or laundered.On May 11, the US Department of Justice unsealed a criminal indictment against Trenton Johnson, charging him with participation in the theft of 185 BTC. He faces a potential maximum sentence of 40 years in prison. The indictment refers to "Co-Conspirator 1 (CC-1)," believed to be Dritan, who has not yet been formally charged.ZachXBT also noted that Dritan is connected to hacker John Daghita (Lick), who was previously arrested for stealing $46 million from the US government. John had previously exposed Dritan's old wallet address on Telegram. On-chain analysis shows that this address is linked to multiple high-confidence social engineering thefts in 2025, with a cumulative total exceeding $5.85 million.ZachXBT stated that Dritan has long been active in the "The Com" hacker circle and had seemingly avoided formal prosecution due to being a minor. Now that he has turned 18, his "borrowed time may finally be over."
According to on-chain analyst PeckShield (@PeckShieldAlert), the TrustedVolumes attacker has laundered approximately $278,000 of stolen funds to date, including depositing 10.2 ETH (approx. $23,600) into Tornado Cash and swapping 110 ETH (approx. $250,000) for BTC via THORChain. Additionally, the attacker attempted to deposit 0.5 ETH into Railgun but subsequently withdrew it. TrustedVolumes was attacked on May 7, resulting in losses of approximately $6.7 million.
Solv Protocol has announced the migration of over $700 million in tokenized Bitcoin assets to Chainlink's cross-chain protocol CCIP, and will gradually phase out LayerZero's bridging support across multiple chains. The migration involves core assets such as SolvBTC and xSolvBTC. Solv stated that the decision is based on the latest security reviews and recent cross-chain security incidents, and CCIP will become its standard cross-chain infrastructure. This move follows Kelp DAO's migration of approximately $290 million in assets to Chainlink, further strengthening the trend of "cross-chain infrastructure shifting toward security-first migration." (CoinDesk)
According to on-chain data platform Santiment (@SantimentData), as Bitcoin’s price reclaimed the $80,000 level, the ratio of bullish-to-bearish comments on social media rose to 1.37:1.00—the highest in nearly four months—signaling a notable surge in market optimism. However, Santiment cautions that historically, sharp increases in bullish sentiment often serve as warning signs rather than buy signals. When retail FOMO dominates social media discussions, traders tend to enter positions late in the trend, raising the likelihood of local tops, profit-taking, and sudden price volatility. Santiment notes that peak market euphoria frequently coincides with the onset of waning momentum. By comparison, following the Kelp DAO vulnerability incident in mid-April, social sentiment plunged into deeply bearish territory; the exit of “weak-handed investors” instead laid a healthier foundation for the current rally. With sentiment now having reversed dramatically, Santiment advises traders to remain vigilant against potential risks stemming from excessive leverage and overly concentrated positions.
: Bitcoin Core developers have disclosed a high-risk vulnerability numbered CVE-2024-52911, affecting versions 0.14.1 through 28.4. Attackers can exploit this vulnerability by constructing a special block to remotely crash other nodes and execute code. The vulnerability was discovered and privately reported by developer Cory Fields in November 2024. The fix was merged in December 2024 and officially launched in the v29 release in April 2025.Currently, support for the last vulnerable version in the 28.x series ended on April 19, 2026. However, since upgrading Bitcoin nodes is voluntary, it is estimated that approximately 43% of nodes are still running vulnerable old versions, posing a potential security risk.
According to monitoring by on-chain analyst Specter, the Wasabi Protocol attacker has deposited all stolen funds into Tornado Cash, moving approximately $5.9 million into Tornado Cash. Additionally, North Korean hacking groups have also used Tornado Cash to launder stolen funds from KelpDAO and LayerZero. Their process involved first cross-chaining the assets to Bitcoin, then routing them through Wasabi Mixer, extracting and cross-chaining back to Ethereum, depositing into Tornado Cash, subsequently withdrawing to new wallets and dispersing across multiple addresses. The new wallets then deployed tokens, used the stolen funds to buy in, removed liquidity from the deployment wallet, cross-chained to Tron (USDT), held for several hours or days, and finally sent to OTC-related wallets.
On-chain investigator ZachXBT replied that PolyArb is a fake prediction market product whose website contains a wallet-stealing script. Previously, PolyArb claimed on X that the Hyperliquid HIP-4 outcome market achieved $6.15 million in daily BTC trading volume within 48 hours. William LeGate, Head of User Growth, questioned its claims regarding Polymarket’s fee structure. ZachXBT warned that replying to the relevant account could generate further exposure and increase the number of potential victims.
Paradigm researcher Dan Robinson proposed a new scheme called PACT (Prove Address Control with Timestamp), aimed at protecting long-dormant Bitcoin, including Satoshi Nakamoto's early addresses, from future quantum computing attacks.The mechanism allows users to prove control over an address via a timestamp without transferring assets or exposing on-chain activity. Should a future quantum attack occur, assets can be recovered based on this proof within a quantum-resistant version of the Bitcoin network.Compared to mandatory migration schemes such as BIP-361, PACT avoids the privacy exposure issues caused by proactively transferring assets, offering long-term holders a more flexible proactive protection path.
According to The Block, blockchain intelligence firm TRM Labs released a report stating that North Korean hacker groups stole approximately $577 million in crypto assets during the first four months of 2026—accounting for 76% of global hacking losses over the same period. All these losses stemmed from two major incidents that occurred in April: KelpDAO was attacked by the TraderTraitor group, resulting in $292 million in losses; and Drift Protocol was compromised by another North Korean sub-group, suffering $285 million in losses. Preparations for the latter attack began as early as March 11, and funds were fully extracted within 12 minutes. The two incidents employed distinct money-laundering pathways: stolen funds from Drift remain largely dormant on Ethereum, whereas funds stolen from KelpDAO were rapidly swapped into BTC via THORChain, with subsequent laundering facilitated by Chinese intermediaries. TRM Labs noted that since 2017, North Korea’s cumulative crypto theft has exceeded $6 billion—and its share of global losses has risen steadily, from less than 10% in 2020 to 64% in 2025.
According to an official announcement by Tropykus, the decentralized lending protocol Tropykus has initiated a phased shutdown of its current protocol version. Deposit and lending functionalities will be permanently discontinued. Users may withdraw funds and repay loans via tropykus.com until the deadline of July 27, 2026; thereafter, such operations will only be supported through direct interaction with smart contracts. The team stated that this shutdown decision stems from long-term strategic evolution—not from the security report previously received by Money on Chain, a partner of Tropykus. That report had prompted the protocol to proactively suspend deposits and new lending activities. However, the team emphasized that internal discussions regarding the shutdown predated the security incident, and the incident merely accelerated the decision. Technically, the team noted that the original architecture was designed for an earlier technological environment and is no longer capable of meeting long-term development needs in the face of emerging security challenges posed by technologies such as artificial intelligence. The team advises all users to complete withdrawals and settle their lending positions via tropykus.com before July 27, 2026. After this date, users will need technical proficiency to interact directly with smart contracts to perform these operations.
Paul Sztorc, a developer who has long focused on Bitcoin scaling solutions, proposed a Bitcoin hard fork named eCash, set to occur at block height 964,000 in August 2026. Users holding BTC at the time of the fork will receive eCash on a 1:1 basis, and the new chain will introduce the Drivechains sidechain architecture. The controversy mainly centers on the plan to pre-allocate a portion of the eCash corresponding to the Satoshi Nakamoto address on the new chain to early investors, a move that has drawn criticism from the community, with some accusing it of "stealing" tokens. Paul Sztorc stated that this initiative aims to provide incentives for development and collaboration before the project's launch.
QCP Group’s analysis states that U.S.-Iran negotiations have once again collapsed, while the Middle East ceasefire continues, leaving the overall geopolitical landscape relatively static. A shooting incident occurred at the White House Correspondents’ Dinner, with Trump suspected as the target. Following Asia’s market open, BTC briefly surged past $79,000 and ETH above $2,400—but gains quickly reversed amid concerns triggered by news of Iran’s Foreign Minister traveling to Russia for talks with Putin. Since early April, BTC has rallied over 14% cumulatively, marking four consecutive weeks of positive closes. Spot ETFs recorded nine straight days of net inflows totaling approximately $2.11 billion. Strategy funds added over $3.8 billion worth of BTC in the past month. The current key resistance level for BTC lies near the CME gap around $82,000. BTC perpetual contract funding rates remain persistently negative; a breakout above this level could trigger short-covering. Implied volatility continues declining, and risk-reversal skew has narrowed somewhat, signaling gradually rising market interest in upside exposure. Key events this week: - April 29: Earnings reports from Microsoft, Amazon, Meta, and Google, plus the FOMC interest-rate decision. - April 30: Apple earnings report, U.S. Q1 GDP data, and March PCE inflation data.
according to Onchain Lens monitoring, a Balancer attacker has exchanged 21,000 ETH for 617.43 BTC over the past three days, worth $48.72 million. The attacker currently still holds 1,000 ETH, worth $2.32 million, and may conduct further sell-offs.
According to CoinDesk, while quantum computers cannot break Bitcoin’s mining mechanism or blockchain ledger, they could potentially crack the elliptic curve cryptography (ECC) that secures wallet ownership—using Shor’s algorithm. Currently, approximately 6.9 million BTC—roughly one-third of the total supply—are at potential risk because their public keys are already visible on-chain; this includes Satoshi Nakamoto’s estimated early holdings of about 1 million BTC. Transactions generated after Ethereum’s 2021 Taproot upgrade are similarly exposed due to public key disclosure. Ethereum has maintained an official post-quantum migration plan since 2018, with four full-time teams and over ten independent development groups, and operates a dedicated progress website at pq.ethereum.org. In contrast, Bitcoin currently lacks a unified roadmap for quantum resistance: existing proposals such as BIP-360 and BitMEX Research’s detection framework have not gained broad support among core developers. Prominent Bitcoin advocate Nic Carter has bluntly labeled Bitcoin’s quantum response “the worst,” while Blockstream CEO Adam Back acknowledges that current quantum systems remain confined to laboratory settings—but still endorses deploying optional upgrade paths in advance. Analysts note that Bitcoin’s decentralized governance culture makes coordinating large-scale security upgrades extremely difficult, and resolving historical issues—such as how to handle Satoshi’s holdings—presents a particularly thorny dilemma. A related Google paper warns that once quantum attacks become feasible, the window for effective response may already have closed.
According to Odaily, independent researcher Giancarlo Lelli was awarded the Q-Day Prize and 1 Bitcoin by quantum security startup Project Eleven for successfully cracking the encryption keys protecting Bitcoin. Giancarlo Lelli utilized publicly available quantum hardware and a variant of Shor's algorithm to crack a 15-bit encryption key among 32,767 possibilities. The difficulty of this quantum attack is 512 times greater than the 6-bit key record set in September 2025. Project Eleven CEO Alex Pruden stated that the resource requirements for such attacks continue to decline, with approximately 6.9 million Bitcoins currently held in vulnerable static addresses, including 1 million Bitcoins owned by Satoshi Nakamoto. The Bitcoin network has proposed BIP-360 to introduce quantum-resistant address types, while platforms such as Ethereum, Ripple, and Tron have also begun releasing plans for transitioning to post-quantum defenses.
According to on-chain analyst Yujin (@EmberCN), the hacker who stole approximately $98 million worth of assets from Balancer last November has been continuously swapping ETH for BTC via THORChain. To date, the hacker has swapped a total of 14,300 ETH for 419.3 BTC (approximately $32.51 million). The hacker currently holds 7,700 ETH on the Ethereum chain and 419.3 BTC on the Bitcoin chain, with a combined value of approximately $50.4 million. Since the price of ETH has fallen significantly from around $3,600 at the time of the theft, the value of the hacker’s holdings has shrunk by nearly half—from the original $98 million.
According to Onchain Lens monitoring, the Balancer attacker (0xa6d6...BDaA) exchanged 13,191 ETH for 386.52 BTC, worth $30.54 million, over the past 15 hours. The attacker currently still holds 8,000 ETH, valued at $18.52 million.
According to on-chain analyst Yujin (@EmberCN), the hacker who stole approximately $98 million in assets from Balancer last November is today exchanging ETH for BTC via THORChain. So far, 7,000 ETH have been swapped for 204.7 BTC—valued at roughly $15.88 million—and the process continues. Additionally, it has been disclosed that this address currently holds 15,000 ETH on Ethereum, valued at approximately $34.65 million, and 204.7 BTC on Bitcoin.