News Heat Trend
Project Overview
Wasabi Wallet is a free, open-source, and deterministically reproducible software. Anyone can view, verify, and even contribute to the code.
Wasabi Protocol Updates on Security Incident Response: Final User Compensation Plan Not Yet Confirmed
Wasabi Protocol released a security incident update, stating that the attacker exploited a Spring Boot Actuator configuration vulnerability in its AWS infrastructure to steal private keys controlling EVM smart contracts, and subsequently drained approximately $4.8 million in user funds and $900,000 from the protocol’s treasury—totaling roughly $5.7 million in losses. The attack chain originated from a public-facing analysis server whose Actuator heap dump was not properly password-protected, enabling the attacker to obtain credentials for another server and ultimately gain control of the smart contract private keys. This incident affected only EVM deployments—including certain treasuries on Ethereum, Base, Blast, and Berachain—while Solana deployments and the Prop AMM remained unaffected. No final user compensation plan has been announced yet; however, “ensuring all affected users are compensated” remains the team’s top priority. Updates on the investigation will be shared with the community via Discord.
Wasabi Protocol: Users Can Now Safely Interact with Contracts and Withdraw Remaining Funds
Wasabi Protocol announced a security incident update on X, stating that users can now safely interact with the protocol’s contracts to withdraw remaining funds. The team said it is working behind the scenes to the best of its ability to address the issue; however, as the investigation remains ongoing, no further details can be disclosed at this time. The team will share the latest updates with the community as soon as conditions permit.
Wasabi Protocol: Do not interact with the protocol’s smart contracts for now.
Wasabi Protocol announced on X that it has become aware of an issue with the protocol and is actively investigating. As a precautionary measure, users are advised not to interact with the protocol’s smart contracts until further notice. Updates on the security incident will be shared as soon as more information becomes available. Earlier reports indicated that Wasabi Protocol was hacked, resulting in the theft of approximately $2.9 million.
CertiK: Wasabi Protocol Hacked, Approximately $2.9 Million Stolen
According to blockchain security firm CertiK (@CertiKAlert), Wasabi Protocol (@wasabi_protocol) has suffered a security breach, with approximately $2.9 million stolen so far. Preliminary investigations indicate that the attacker gained privileged access after compromising a wallet deployed by Wasabi, enabling the attack. The stolen funds are currently distributed across the following addresses: 0xb8Bb...70dB (approximately $677,000) and 0x6244...f906 (approximately $1.1 million). The incident remains under active investigation.
Wasabi Protocol attacker has deposited all stolen funds into Tornado Cash
According to monitoring by on-chain analyst Specter, the Wasabi Protocol attacker has deposited all stolen funds into Tornado Cash, moving approximately $5.9 million into Tornado Cash. Additionally, North Korean hacking groups have also used Tornado Cash to launder stolen funds from KelpDAO and LayerZero. Their process involved first cross-chaining the assets to Bitcoin, then routing them through Wasabi Mixer, extracting and cross-chaining back to Ethereum, depositing into Tornado Cash, subsequently withdrawing to new wallets and dispersing across multiple addresses. The new wallets then deployed tokens, used the stolen funds to buy in, removed liquidity from the deployment wallet, cross-chained to Tron (USDT), held for several hours or days, and finally sent to OTC-related wallets.
Berachain Blacklists Reward Vaults and Suspends BGT Rewards in Response to Wasabi Private Key Leak
Odaily, Berachain Foundation issued a warning on the X platform, stating that the Wasabi Protocol experienced a cross-chain security incident due to a deployer's private key leak, which has impacted multiple blockchains including Berachain. To prevent the risk from spreading, Berachain has suspended and blacklisted all affected Wasabi Reward Vaults within its network, immediately halting the distribution of BGT staking rewards to the compromised contracts and blocking the flow of new BGT into the affected vaults.The official team requires all users who have previously interacted with Wasabi on Berachain to immediately revoke token approvals for the specified contracts to avoid the risk of asset theft. Berachain also emphasized that the BGT reward funds within the native Reward Vaults remain secure and users can claim them normally; this incident does not affect core ecosystem interests.
Wasabi Protocol Updates on Security Incident Response: Final User Compensation Plan Not Yet Confirmed
Wasabi Protocol released a security incident update, stating that the attacker exploited a Spring Boot Actuator configuration vulnerability in its AWS infrastructure to steal private keys controlling EVM smart contracts, and subsequently drained approximately $4.8 million in user funds and $900,000 from the protocol’s treasury—totaling roughly $5.7 million in losses. The attack chain originated from a public-facing analysis server whose Actuator heap dump was not properly password-protected, enabling the attacker to obtain credentials for another server and ultimately gain control of the smart contract private keys. This incident affected only EVM deployments—including certain treasuries on Ethereum, Base, Blast, and Berachain—while Solana deployments and the Prop AMM remained unaffected. No final user compensation plan has been announced yet; however, “ensuring all affected users are compensated” remains the team’s top priority. Updates on the investigation will be shared with the community via Discord.
Wasabi Protocol attacker has deposited all stolen funds into Tornado Cash
According to monitoring by on-chain analyst Specter, the Wasabi Protocol attacker has deposited all stolen funds into Tornado Cash, moving approximately $5.9 million into Tornado Cash. Additionally, North Korean hacking groups have also used Tornado Cash to launder stolen funds from KelpDAO and LayerZero. Their process involved first cross-chaining the assets to Bitcoin, then routing them through Wasabi Mixer, extracting and cross-chaining back to Ethereum, depositing into Tornado Cash, subsequently withdrawing to new wallets and dispersing across multiple addresses. The new wallets then deployed tokens, used the stolen funds to buy in, removed liquidity from the deployment wallet, cross-chained to Tron (USDT), held for several hours or days, and finally sent to OTC-related wallets.
Wasabi Protocol: Users Can Now Safely Interact with Contracts and Withdraw Remaining Funds
Wasabi Protocol announced a security incident update on X, stating that users can now safely interact with the protocol’s contracts to withdraw remaining funds. The team said it is working behind the scenes to the best of its ability to address the issue; however, as the investigation remains ongoing, no further details can be disclosed at this time. The team will share the latest updates with the community as soon as conditions permit.
Wasabi Protocol: Solana Contract Security—Vulnerability Impact Limited to EVM Deployments
Wasabi Protocol stated that the Wasabi smart contracts on Solana are secure and unaffected by this vulnerability. The vulnerability is limited to Wasabi’s EVM deployments. The team is collaborating with leading security firms and has contacted law enforcement and the FBI. Further updates will be shared as they become available.
Berachain Blacklists Reward Vaults and Suspends BGT Rewards in Response to Wasabi Private Key Leak
Odaily, Berachain Foundation issued a warning on the X platform, stating that the Wasabi Protocol experienced a cross-chain security incident due to a deployer's private key leak, which has impacted multiple blockchains including Berachain. To prevent the risk from spreading, Berachain has suspended and blacklisted all affected Wasabi Reward Vaults within its network, immediately halting the distribution of BGT staking rewards to the compromised contracts and blocking the flow of new BGT into the affected vaults.The official team requires all users who have previously interacted with Wasabi on Berachain to immediately revoke token approvals for the specified contracts to avoid the risk of asset theft. Berachain also emphasized that the BGT reward funds within the native Reward Vaults remain secure and users can claim them normally; this incident does not affect core ecosystem interests.
Wasabi Protocol: Do not interact with the protocol’s smart contracts for now.
Wasabi Protocol announced on X that it has become aware of an issue with the protocol and is actively investigating. As a precautionary measure, users are advised not to interact with the protocol’s smart contracts until further notice. Updates on the security incident will be shared as soon as more information becomes available. Earlier reports indicated that Wasabi Protocol was hacked, resulting in the theft of approximately $2.9 million.
Wasabi Protocol Updates on Security Incident Response: Final User Compensation Plan Not Yet Confirmed
Wasabi Protocol released a security incident update, stating that the attacker exploited a Spring Boot Actuator configuration vulnerability in its AWS infrastructure to steal private keys controlling EVM smart contracts, and subsequently drained approximately $4.8 million in user funds and $900,000 from the protocol’s treasury—totaling roughly $5.7 million in losses. The attack chain originated from a public-facing analysis server whose Actuator heap dump was not properly password-protected, enabling the attacker to obtain credentials for another server and ultimately gain control of the smart contract private keys. This incident affected only EVM deployments—including certain treasuries on Ethereum, Base, Blast, and Berachain—while Solana deployments and the Prop AMM remained unaffected. No final user compensation plan has been announced yet; however, “ensuring all affected users are compensated” remains the team’s top priority. Updates on the investigation will be shared with the community via Discord.
Wasabi Protocol attacker has deposited all stolen funds into Tornado Cash
According to monitoring by on-chain analyst Specter, the Wasabi Protocol attacker has deposited all stolen funds into Tornado Cash, moving approximately $5.9 million into Tornado Cash. Additionally, North Korean hacking groups have also used Tornado Cash to launder stolen funds from KelpDAO and LayerZero. Their process involved first cross-chaining the assets to Bitcoin, then routing them through Wasabi Mixer, extracting and cross-chaining back to Ethereum, depositing into Tornado Cash, subsequently withdrawing to new wallets and dispersing across multiple addresses. The new wallets then deployed tokens, used the stolen funds to buy in, removed liquidity from the deployment wallet, cross-chained to Tron (USDT), held for several hours or days, and finally sent to OTC-related wallets.
Wasabi Protocol: Users Can Now Safely Interact with Contracts and Withdraw Remaining Funds
Wasabi Protocol announced a security incident update on X, stating that users can now safely interact with the protocol’s contracts to withdraw remaining funds. The team said it is working behind the scenes to the best of its ability to address the issue; however, as the investigation remains ongoing, no further details can be disclosed at this time. The team will share the latest updates with the community as soon as conditions permit.
Wasabi Protocol: Solana Contract Security—Vulnerability Impact Limited to EVM Deployments
Wasabi Protocol stated that the Wasabi smart contracts on Solana are secure and unaffected by this vulnerability. The vulnerability is limited to Wasabi’s EVM deployments. The team is collaborating with leading security firms and has contacted law enforcement and the FBI. Further updates will be shared as they become available.
Berachain Blacklists Reward Vaults and Suspends BGT Rewards in Response to Wasabi Private Key Leak
Odaily, Berachain Foundation issued a warning on the X platform, stating that the Wasabi Protocol experienced a cross-chain security incident due to a deployer's private key leak, which has impacted multiple blockchains including Berachain. To prevent the risk from spreading, Berachain has suspended and blacklisted all affected Wasabi Reward Vaults within its network, immediately halting the distribution of BGT staking rewards to the compromised contracts and blocking the flow of new BGT into the affected vaults.The official team requires all users who have previously interacted with Wasabi on Berachain to immediately revoke token approvals for the specified contracts to avoid the risk of asset theft. Berachain also emphasized that the BGT reward funds within the native Reward Vaults remain secure and users can claim them normally; this incident does not affect core ecosystem interests.
CertiK: Wasabi Protocol Hacked, Approximately $2.9 Million Stolen
According to blockchain security firm CertiK (@CertiKAlert), Wasabi Protocol (@wasabi_protocol) has suffered a security breach, with approximately $2.9 million stolen so far. Preliminary investigations indicate that the attacker gained privileged access after compromising a wallet deployed by Wasabi, enabling the attack. The stolen funds are currently distributed across the following addresses: 0xb8Bb...70dB (approximately $677,000) and 0x6244...f906 (approximately $1.1 million). The incident remains under active investigation.
Related news
Wasabi Protocol Updates on Security Incident Response: Final User Compensation Plan Not Yet Confirmed
Wasabi Protocol released a security incident update, stating that the attacker exploited a Spring Boot Actuator configuration vulnerability in its AWS infrastructure to steal private keys controlling EVM smart contracts, and subsequently drained approximately $4.8 million in user funds and $900,000 from the protocol’s treasury—totaling roughly $5.7 million in losses. The attack chain originated from a public-facing analysis server whose Actuator heap dump was not properly password-protected, enabling the attacker to obtain credentials for another server and ultimately gain control of the smart contract private keys. This incident affected only EVM deployments—including certain treasuries on Ethereum, Base, Blast, and Berachain—while Solana deployments and the Prop AMM remained unaffected. No final user compensation plan has been announced yet; however, “ensuring all affected users are compensated” remains the team’s top priority. Updates on the investigation will be shared with the community via Discord.
Wasabi Protocol attacker has deposited all stolen funds into Tornado Cash
According to monitoring by on-chain analyst Specter, the Wasabi Protocol attacker has deposited all stolen funds into Tornado Cash, moving approximately $5.9 million into Tornado Cash. Additionally, North Korean hacking groups have also used Tornado Cash to launder stolen funds from KelpDAO and LayerZero. Their process involved first cross-chaining the assets to Bitcoin, then routing them through Wasabi Mixer, extracting and cross-chaining back to Ethereum, depositing into Tornado Cash, subsequently withdrawing to new wallets and dispersing across multiple addresses. The new wallets then deployed tokens, used the stolen funds to buy in, removed liquidity from the deployment wallet, cross-chained to Tron (USDT), held for several hours or days, and finally sent to OTC-related wallets.
Wasabi Protocol: Users Can Now Safely Interact with Contracts and Withdraw Remaining Funds
Wasabi Protocol announced a security incident update on X, stating that users can now safely interact with the protocol’s contracts to withdraw remaining funds. The team said it is working behind the scenes to the best of its ability to address the issue; however, as the investigation remains ongoing, no further details can be disclosed at this time. The team will share the latest updates with the community as soon as conditions permit.
Wasabi Protocol: Solana Contract Security—Vulnerability Impact Limited to EVM Deployments
Wasabi Protocol stated that the Wasabi smart contracts on Solana are secure and unaffected by this vulnerability. The vulnerability is limited to Wasabi’s EVM deployments. The team is collaborating with leading security firms and has contacted law enforcement and the FBI. Further updates will be shared as they become available.
Berachain Blacklists Reward Vaults and Suspends BGT Rewards in Response to Wasabi Private Key Leak
Odaily, Berachain Foundation issued a warning on the X platform, stating that the Wasabi Protocol experienced a cross-chain security incident due to a deployer's private key leak, which has impacted multiple blockchains including Berachain. To prevent the risk from spreading, Berachain has suspended and blacklisted all affected Wasabi Reward Vaults within its network, immediately halting the distribution of BGT staking rewards to the compromised contracts and blocking the flow of new BGT into the affected vaults.The official team requires all users who have previously interacted with Wasabi on Berachain to immediately revoke token approvals for the specified contracts to avoid the risk of asset theft. Berachain also emphasized that the BGT reward funds within the native Reward Vaults remain secure and users can claim them normally; this incident does not affect core ecosystem interests.
Wasabi Protocol: Do not interact with the protocol’s smart contracts for now.
Wasabi Protocol announced on X that it has become aware of an issue with the protocol and is actively investigating. As a precautionary measure, users are advised not to interact with the protocol’s smart contracts until further notice. Updates on the security incident will be shared as soon as more information becomes available. Earlier reports indicated that Wasabi Protocol was hacked, resulting in the theft of approximately $2.9 million.