News linked to both this project and an event.
According to Onchain Lens monitoring, Echo Protocol on Monad has been attacked. The attacker minted 1000 eBTC, worth $76.7 million, and withdrew the funds through Curvance via a previously tested attack path.As of now, the attacker has deposited 45 eBTC as collateral into Curvance and borrowed approximately 11.29 WBTC, worth $867,700; the attacker then cross-chained this portion of WBTC to Ethereum, swapped it for ETH, and transferred 385 ETH (worth approximately $818,000) to Tornado Cash. The attacker currently appears to still control a large amount of the minted eBTC.
Vitalik published an article titled “A Shallow Dive into Formal Verification,” introducing recent progress in applying formal verification to Ethereum’s cutting-edge research and development. The article states that developers can write code in Lean, EVM bytecode, or assembly language and verify its correctness via mathematically rigorous proofs that can be automatically checked—thereby improving both code efficiency and security. He notes that formal verification is especially suitable for complex yet well-defined-security systems such as STARKs, Byzantine Fault Tolerant (BFT) consensus, ZK-EVMs, and post-quantum signatures, and mentions related projects including Arklib, VCV-io, and evm-asm. The article also emphasizes that formal verification is not a panacea: it remains subject to limitations such as incorrect specification definitions, unverified code paths, hardware-level constraints, and side-channel attacks.
according to PeckShieldAlert monitoring, the Adshares bridge attacker has returned 256 ETH (worth $540,700) to the deployer, accounting for 86% of the stolen funds.The Adshares bridge was attacked on May 17, 2026, resulting in a loss of approximately $628,000.
Verus confirmed on Platform X that its Verus-Ethereum cross-chain bridge has been attacked, resulting in the theft of ETH, USDC, and tBTC from the contract on the Ethereum chain. Other bridged assets are currently unaffected. The Verus network is now suspended, with most block-producing nodes voluntarily going offline after experiencing the cascading effects of the attack. The development team is fully investigating the scope of the incident, the attack vector, and the subsequent remediation plan, and will provide updates once more information is confirmed. Verus stated that it is willing to cooperate with relevant law enforcement agencies to pursue legal accountability; however, if the attacker returns all stolen funds, the project team is willing to offer a bug bounty and will not pursue further legal action.Verus also reminds users that anyone claiming to be part of the Verus team or community in public channels, private messages, or other avenues, and offering "compensation" or "remediation plans," is a scammer. The official statement emphasizes not to interact with anyone claiming there are compensation projects or offering payouts, and to promptly report such accounts to Discord or Platform X.Previously, it was reported that the Verus-Ethereum cross-chain bridge was attacked, resulting in losses of approximately $11.58 million.
According to PeckShield monitoring, the Verus-Ethereum Bridge has been hacked, resulting in the loss of assets including 103.6 tBTC, 1,625 ETH, and 147,000 USDC. The hacker subsequently swapped the stolen assets for approximately 5,402.4 ETH. The attacker's address received an initial 1 ETH approximately 14 hours ago via the mixing protocol Tornado Cash.
: On-chain analyst Tom Wan stated on platform X that the current ETH utilization rate has dropped below 90%, and the lending APY has fallen to 1.9%. Since the rsETH LayerZero cross-chain bridge was attacked, the deposits of wstETH and weETH have decreased by approximately $1.2 billion and $1.76 billion, respectively. As the strategy of leveraged looping wstETH/weETH against ETH becomes profitable again, market attention is turning to whether demand for ETH leveraged loops will return, or if capital will continue to wait on the sidelines or flow into protocols like Spark and Morpho.
Odaily News: Blockaid posted on platform X, stating that its vulnerability detection system has discovered an attack on the Verus Ethereum cross-chain bridge, which has so far caused losses of approximately $11.58 million.
on-chain analyst Specter stated that the hijacking incidents of investor Keith Gill, Matt Furie, and WinRAR accounts on the X platform are all linked to the same hacker organization. This organization has accumulated over $14 million in profits by hijacking accounts to promote tokens and conducting cross-chain money laundering, with funds flowing through five chains: Solana, BNB Chain, Ethereum, Tron, and Hyperliquid.Specter claims the organization may also be connected to a $2.45 million wstETH phishing attack in 2024. The investigation found that hackers used compromised accounts to issue Pepe imitation tokens, incorporating a built-in 2% automatic fee mechanism to generate profits; related fund flows are associated with the bnbshare.fun platform and multiple Solana, Tron, and Ethereum addresses. Analysis also showed that several tokens (including USOR, VDOR, DROID, WCOR, UGOR) were used to inflate market caps before being dumped to zero.
Odaily Chainalysis posted on X platform, stating that prior to the THORChain theft, wallets suspected to be linked to the attacker had been transferring funds through Monero, Hyperliquid, and THORChain for several consecutive weeks. As early as late April, the attacker-associated wallets deposited funds into Hyperliquid positions via Hyperliquid and the Monero privacy bridge. These funds were subsequently converted to USDC and transferred to Arbitrum, then bridged to Ethereum. Some of the ETH was then moved to THORChain to stake as RUNE for a newly joined node, which is believed to be the source of the attack.Subsequently, the attacker bridged a portion of the RUNE back to Ethereum and split it into four chains. One chain went directly to the attacker, passing through intermediate wallets before transferring 8 ETH to the wallet that would ultimately receive the stolen funds, just 43 minutes before the attack. The funds from the other three chains flowed in reverse. Between May 14 and 15, these wallets bridged the ETH back to Arbitrum again, deposited it into Hyperliquid, and transferred it into Monero via the same privacy bridge, with the final transaction occurring less than 5 hours before the attack commenced. As of Friday afternoon, the stolen funds remain untouched, but the attacker has demonstrated sophisticated cross-chain money laundering capabilities. The Hyperliquid to Monero path may be the next move.
on-chain detective ZachXBT stated that the hacker "Dritan Kapplani Jr" transferred approximately $2.59 million in assets today, including 1.99 million DAI and 259 ETH. The funds were moved from address 0x4487...bba6 to address 0x67ec...125d. The stolen funds currently remain dormant.ZachXBT stated that on May 12, they published an investigation detailing the connection between Dritan Kapplani Jr and Trenton (Trent) Johnson in a social engineering theft involving 185 Bitcoin (approximately $13 million).
According to on-chain analyst PeckShield (@PeckShieldAlert), THORChain has been hacked, resulting in losses of approximately $10 million in crypto assets, including 36.75 BTC (around $3 million) and roughly $7 million in assets from BNB Chain, Ethereum, and Base.
On-chain investigator ZachXBT stated that THORChain appears to have been attacked on the Bitcoin, Ethereum, BSC, and Base networks, resulting in losses exceeding $7.4 million.
Kraken announced on X platform that Chainlink CCIP will become the sole cross-chain infrastructure for kBTC and future wrapped assets, replacing the original LayerZero protocol. This decision followed last month's $292 million LayerZero cross-chain bridge exploit incident at Kelp.Currently, a total of over $3 billion in total value locked has migrated from LayerZero. The migration covers blockchains including Ethereum, Ink, Unichain, and Optimism. The current market cap of kBTC is approximately $260 million. Kraken stated that it will continue to be responsible for the issuance and custody of assets, while Chainlink CCIP will handle cross-chain asset transfers. (coindesk)
Odaily Odaily News Gate Research recently released its "April 2026 Cryptocurrency Market Review" report, indicating that the overall cryptocurrency market saw a volatile upward trend in April, with total market capitalization significantly higher than in March. BTC and ETH ETF trading volumes maintained high volatility overall. The report shows continued divergence in activity across major public chain ecosystems. Solana's daily transaction volume remained in the range of approximately 90 million to 110 million transactions, maintaining its leading position.Regarding trending sectors, the report notes that Pokemon TCG RWA has become one of the fastest-growing on-chain RWA sub-sectors, entering a second explosive growth phase in April. Major trading platforms saw monthly trading volumes exceed $220 million, with weekly revenue briefly approaching $6 million, setting new historical records. Meanwhile, Aave experienced its most severe liquidity crisis ever in April, with TVL outflows reaching tens of billions of dollars within a few days and net outflows exceeding $9 billion for the entire month.In terms of fundraising and security incidents, the Web3 industry completed 51 financing rounds in April, totaling approximately $834 million, with capital further concentrating on leading financial and infrastructure tracks. Among these, Payward ranked first for the month with a $200 million financing round. On the security front, Web3 security incidents in April resulted in losses of approximately $306 million, a month-over-month increase of about 858%, primarily driven by a single cross-chain infrastructure attack on Kelp DAO worth approximately $293 million. The report suggests that against the backdrop of a recovering market, on-chain activity and capital liquidity are both increasing simultaneously. However, the security risks associated with cross-chain infrastructure and high-leverage protocols remain worthy of continued attention.
According to Cointelegraph, a New York judge has postponed the hearing on Aave’s emergency motion to unfreeze approximately $71 million worth of ETH and ordered Aave and Gerstein Harrow LLP to submit additional case briefs. A new hearing is scheduled for June 5. The court noted that Aave previously failed to adequately explain why users’ funds would suffer “derivative losses” if the restraining order remained in effect. The assets in question are linked to the Kelp DAO hack, which involved approximately $293 million and was previously frozen by Arbitrum. The judge also directed both parties to further clarify several legal issues, including the applicable law governing the hacker’s transactions, the legal distinction between fraud and theft, the priority ranking of creditors’ claims, the applicability of constructive trust, and whether assets can be proportionally returned to victims.
the L1 blockchain TAC team stated they have confirmed a security incident on the cross-chain layer resulted in approximately $2.8 million in assets being transferred, involving assets such as USDT, BLUM, and tsTON.TAC stated that if the attacker returns the relevant funds to the designated multi-signature address, the team will consider this incident a "white hat rescue" and will not take legal action against the operator of the involved ETH/BSC, ZEC, and TON addresses.As a reward, the attacker can receive an approximately 10% bounty, equivalent to about 13 ETH and 300 ZEC.
TAC stated that its cross-chain layer on the TON side was exploited by external attackers, resulting in approximately $2.8 million in losses involving USDT, BLUM, and tsTON. TAC confirmed that the TAC token, TON, and all ERC-20 tokens bridged from Ethereum remain unaffected. The bridge has been temporarily suspended, and the team is conducting forensic analysis and implementing fixes. Additionally, the team plans to legally structure a sale of the foundation’s TAC token treasury reserves to restore bridge liquidity and compensate affected users. A post-mortem report and further details will be released within the next 48 hours.
on-chain detective ZachXBT has exposed US threat actor Dritan Kapllani Jr., alleging his involvement in social engineering thefts targeting crypto users, totaling approximately $19 million.ZachXBT stated that Dritan has long been flaunting luxury cars,名牌 watches, private jets, and nightclub lifestyles on social media. On April 23, 2026, during a "Band 4 Band (B4B)" voice call on Discord, in an attempt to prove he was wealthier than another hacker, he publicly displayed an Exodus wallet containing $3.68 million in assets.The relevant ETH address is: 0x4487db847db2fc99372a985743a26f46e0b2bba6ZachXBT's tracking revealed that this address is linked to a social engineering theft incident on March 14, 2026, involving 185 BTC (approximately $13 million). The following day, Dritan's Exodus wallet received about $5.3 million from that theft. By the time of the B4B call six weeks later, approximately $1.6 million had already been spent or laundered.On May 11, the US Department of Justice unsealed a criminal indictment against Trenton Johnson, charging him with participation in the theft of 185 BTC. He faces a potential maximum sentence of 40 years in prison. The indictment refers to "Co-Conspirator 1 (CC-1)," believed to be Dritan, who has not yet been formally charged.ZachXBT also noted that Dritan is connected to hacker John Daghita (Lick), who was previously arrested for stealing $46 million from the US government. John had previously exposed Dritan's old wallet address on Telegram. On-chain analysis shows that this address is linked to multiple high-confidence social engineering thefts in 2025, with a cumulative total exceeding $5.85 million.ZachXBT stated that Dritan has long been active in the "The Com" hacker circle and had seemingly avoided formal prosecution due to being a minor. Now that he has turned 18, his "borrowed time may finally be over."
According to on-chain analyst PeckShield (@PeckShieldAlert), the TrustedVolumes attacker has laundered approximately $278,000 of stolen funds to date, including depositing 10.2 ETH (approx. $23,600) into Tornado Cash and swapping 110 ETH (approx. $250,000) for BTC via THORChain. Additionally, the attacker attempted to deposit 0.5 ETH into Railgun but subsequently withdrew it. TrustedVolumes was attacked on May 7, resulting in losses of approximately $6.7 million.
According to CoinDesk, the floor price of Bored Ape Yacht Club (BAYC) NFTs has risen from approximately 5 ETH to over 10 ETH in the past month, while ApeCoin (APE) rebounded from below $0.10 to around $0.16 during the same period, with trading volume notably expanding. Meanwhile, repeated security vulnerabilities and persistently declining yields in the DeFi sector have driven some capital toward the NFT market. The financialization trend of NFTs is also intensifying: a recent $2.8 million loan collateralized by a CryptoPunk attracted widespread attention, with the lender expected to earn roughly $138,000 in interest over 90 days. Blue-chip collections such as Pudgy Penguins have also strengthened concurrently, and market expectations surrounding a potential token launch by OpenSea have further boosted sentiment.