Crypto Hackers Lose $162M—Turns Out Crime Doesn’t Pay (Mostly)

In a twist that’ll warm the hearts of bagholders everywhere, over 60% of the $257M stolen by hackers last month got frozen or clawed back. Who knew blockchain’s transparency could bite thieves in the ass?

Law enforcement and exchanges moved faster than a degenerate chasing a 100x leverage trade—freezing funds before they could vanish into mixer hell. The remaining $95M? Probably funding some offshore ‘crypto consultancy’ by now.

Moral of the story? Even digital bank robbers face withdrawal issues. (And yes, that’s your quarterly ‘crypto is secure’ hopium dose—now back to watching your portfolio bleed.)

DPRK hackers join the attack on retail and small wallets  

Two smaller hacks involved Demex, with a loss of $950K due to oracle manipulation, and Zunami Protocol, losing $500K from a still unclear exploit. According to SlowMist, smart contract flaws were the main cause of losses in 95% of hacking cases. 

For the past month, a total of six social media accounts were compromised, leading to losses from meme token shilling or social engineering. Hijacked X accounts have slowed down lately, but are still a vector for reaching potential targets.

Individual phishing scams were also active in the past month. A total of $9.6M was stolen from 7,164 victims. According to SlowMist, Lazarus Group is now targeting individuals with large wallets, taking up to $5.2M from a single victim through malware. 

The exploit targeted a merchant with a notable crypto wallet.

SlowMist issued a warning to merchants accepting crypto to avoid exposure of their main wallets. The other potential victim class are retail buyers involved with on-chain merchants. 

Marinade Finance led to SOL reward losses

Although not explicitly a hack, Marinade Finance was also a source of losses in May, due to protocol flaws. The project allowed validators to only bid with dust amounts of SOL while receiving disproportionate rewards. 

As a result, validators took more SOL than they deposited, leading to losses for MSOL holders that staked with Marinade Finance. Marinade Finance allowed validators to bid high for block production, but then drop their bid and only deposit dust.

Despite this, Marinade Finance still allowed the release of rewards for security and block production. This meant that malicious validators could gain significant passive income with minimal investments.

Based on rough estimates, those validators took as much as 3.4M SOL, which was once again staked and received additional rewards. The main reason was that the Marinade Finance code did not in fact remove low bidders as promised. The exploit ran for 126 solana epochs, or more than three months, before the potential for unfair gains was noticed.

KEY Difference Wire helps crypto brands break through and dominate headlines fast