GetChain News

Security/Hacker

News linked to this event type.

Venus Attacker Transfers 2,301 ETH, Then Launders in Batches via Tornado Cash

According to on-chain analyst Ai Yi's monitoring, the Venus attacker transferred 2,301 ETH (approximately $5.32 million) to address 0xa21…23A7f 11 hours ago. Subsequently, the funds were laundered in batches via Tornado Cash. Currently, there is still $17.45 million worth of ETH remaining on-chain.

Economic Daily: Resolutely curb illegal and non-compliant activities such as token hoarding for appreciation speculation and over-the-counter trading speculation.

The Economic Daily published an article titled “Leveraging China’s Token Advantages,” which points out the need to clearly recognize potential risks associated with tokens, including identity theft due to token leakage, unauthorized access and theft of sensitive data through forged permissions, and user exploitation via agent-based commission schemes. Some lawbreakers have begun targeting tokens, setting up consumer traps disguised as “discounted token packages” or “token agents.” It is essential to continuously improve policy frameworks, regulations, and standards, and to standardize order in token trading by cracking down on price monopolies, false advertising, and illegal financial activities. Illegal and non-compliant activities—including speculative “hoarding for appreciation” and over-the-counter trading—must be resolutely curbed, guiding tokens back to their fundamental roles in technical services, value settlement, and rights transfer.

Jefferies: KelpDAO Security Incident May Slow Down Wall Street's Blockchain Deployment

Odaily News Wall Street investment bank Jefferies' analysis indicates that the approximately $293 million attack on Kelp DAO on April 18 exposed critical infrastructure risks, which may prompt traditional financial institutions to reassess the pace of blockchain and tokenization advancement. Jefferies believes the attacker triggered market sell-offs and liquidity stress by minting unbacked tokens and borrowing across platforms. The incident is suspected to be potentially linked to the Lazarus Group and also highlights the single point of failure in the validation mechanisms of cross-chain bridges. As institutions accelerate the tokenization of assets (such as funds, bonds, and deposits), related risks may cause some banks and asset management firms to temporarily pause deployments, prioritizing a review of system security. Especially in scenarios reliant on cross-chain infrastructure, security vulnerabilities could lead to market fragmentation, undermining the practical utility of tokenized assets. Despite short-term confidence being shaken, Jefferies still emphasizes that the long-term trend remains unchanged. Against the backdrop of regulatory progress and continuous infrastructure improvement, use cases like stablecoins still hold growth potential. However, the industry as a whole is still in its early development stage and requires time to enhance system robustness. (CoinDesk)

Volo, a DeFi protocol in the Sui ecosystem, was hacked, with approximately $3.5 million in assets stolen.

According to an official announcement by Volo, a security vulnerability occurred today on the Sui network involving Volo—a BTCFi and LST protocol—resulting in the theft of approximately $3.5 million in assets (including WBTC, XAUm, and USDC) from three specific vaults. Immediately after the incident, the team notified the Sui Foundation and ecosystem partners and froze all vaults to prevent further losses. Volo stated that the vulnerability affected only these three vaults; the remaining vaults are not exposed to the same attack vector, and the other ~$28 million in TVL remains secure. The official announcement emphasized that Volo will bear the loss entirely and will not pass it on to users. A comprehensive post-mortem report and remediation plan will be released upon completion of the investigation.

KelpDAO Hacker Has Cross-Chained Most ETH to BTC via THORChain

According to on-chain analyst Yu Jin, the KelpDAO hacker began laundering and transferring ETH yesterday afternoon, and by now should have laundered 34,500 ETH (worth $80 million). Most of this ETH was cross-chain swapped into BTC via THORChain, which consequently earned a significant amount in "toll fees":

1. THORChain's trading volume surged to $360 million over the past 24 hours, compared to an average daily volume of only $20 million previously.
2. THORChain's platform fee revenue reached $420,000 over the past 24 hours, whereas its daily fee income was only $5,000 before.

KelpDAO’s stolen funds have entered the laundering phase: part of the funds has been bridged across chains to the Bitcoin network via THORChain, and over 400 addresses have already been utilized.

According to on-chain analyst Specter (@SpecterAnalyst), the North Korean hacking group TraderTraitor began laundering stolen funds from KelpDAO at approximately 3 a.m. Beijing time today—just three hours after the Arbitrum Council froze 30.7 ETH (approximately $71 million). The attackers split the remaining funds across three wallets, holding roughly 25,000 ETH (~$57.6 million), 25,700 ETH (~$59.2 million), and 25,000 ETH (~$57.9 million), respectively. The third wallet immediately initiated laundering operations and now holds only about 3,800 ETH (~$8 million). The majority of the funds were bridged to the Bitcoin network via THORChain, with approximately 99% flowing through this protocol. As a result, THORChain’s daily trading volume surged to $211 million—more than ten times its 30-day average—and generated roughly $189,000 in fees. During this laundering process, the illicit proceeds were also commingled with funds stolen in the BTC Turk (2025) and Bybit (2025) hacks. To date, approximately 442 BTC (~$33 million) linked to these incidents have been traced on the Bitcoin network, and over 400 addresses have been utilized throughout the entire laundering operation.

Powell Hearing Highlights: Denies Promising Rate Cuts to Trump, Blasts Fed for Losing Its Way, Called a "Puppet"

Odaily News Trump's pick for Fed Chair, Powell, went all out during his confirmation hearing: refusing to answer whether Trump lost the election, being angrily called a "puppet" by Warren; countering by blasting the Fed for "losing its way and playing politics"; and repeatedly denying promising low interest rates to the President. Nick Timiraos, often referred to as the "Fed's mouthpiece," wrote that Massachusetts Democratic Senator Elizabeth Warren, in her opening statement, characterized Powell as both Trump's "puppet" and an opportunist. Warren's argument was that a Fed Chair who wouldn't even dare state a simple fact that might displease the President who nominated him would not stand up to that President at critical moments. This theme ran throughout the hearing, with Democrats returning to it multiple times. Powell also stated that the Fed needs "fundamental policy reform," including a new inflation framework, new tools, and new communication methods. While Powell sidestepped Trump's public attacks on the Fed, he repeatedly denied to senators from both parties that Trump had ever sought any promises on interest rates. "The President never asked me to pre-determine, promise, commit to, or decide on any interest rate decision, not in any of our discussions, and I would never agree to do so." (WSJ)

Bybit Discloses macOS Malware Campaign Targeting Searches for Claude Code

Bybit’s Security Operations Center has identified a multi-stage malware campaign targeting macOS users of Claude Code, an AI-powered search and development tool. Attackers used search engine optimization (SEO) poisoning to push malicious domains to the top of Google search results, luring users to counterfeit installation pages. Once installed, the malware steals browser credentials, macOS Keychain data, Telegram sessions, VPN configurations, and cryptocurrency wallet information. Bybit stated that the malware can also establish persistent access via backdoor functionality and attempts to target over 250 browser wallet extensions and multiple desktop wallet applications. This malicious infrastructure was identified on March 12, and related analysis, mitigation, and detection measures were completed the same day.

Crypto Hacking Incidents Over the Past 10 Years Have Caused Over $17 Billion in Losses

According to Cointelegraph, DefiLlama data shows that there have been 518 hacking incidents in the crypto space over the past decade, resulting in cumulative losses exceeding $1.7 billion. A significant portion of these losses stemmed from private key leaks, phishing attacks, and other credential-based attacks. As smart contract security continues to improve, attackers are increasingly shifting their focus toward wallet security, signature infrastructure, development tools, and user operations. Recently, Kelp DAO’s rsETH cross-chain bridge was attacked, with approximately 116,500 rsETH tokens stolen—valued at roughly $290–293 million at the time of the incident.

Security researchers disclose a CometBFT zero-day vulnerability that will not directly result in asset theft.

Security researcher Doyeon Park announced on X that he discovered and disclosed a high-severity CVSS 7.1 zero-day vulnerability in the Cosmos consensus layer (CometBFT). This vulnerability could cause network nodes to stall during block synchronization, thereby affecting system operation—but it cannot directly lead to asset theft. Doyeon Park stated that he made every effort to follow the Coordinated Vulnerability Disclosure (CVD) process; however, due to the project team’s lack of cooperation and “irresponsible decisions,” he ultimately chose to publicly disclose the vulnerability details, adding that any resulting security risks would be borne by the relevant project teams.

KelpDAO Attacker Transfers 50,700 ETH to New Addresses, Valued at Approximately $118 Million

Odaily News According to monitoring by crypto analyst Ai Yi @ai_9684xtpa, the KelpDAO attacker has transferred 50,700 ETH to 2 new addresses, valued at approximately $118 million.

Polymarket Launches "When Will the Next Cryptocurrency Hack Exceeding $100 Million in Losses Occur"

Odaily Seer Channel monitoring shows that Polymarket has launched a new market: "When will the next cryptocurrency hack exceeding $100 million in losses occur". This market primarily references the Rekt News leaderboard as the adjudication source, and can also use publicly recognized reliable reports as a basis. Currently, this prediction market has set four time nodes: April 30, June 30, September 30, and December 31. The event contract rules are: This is a market regarding whether any crypto project or exchange suffers an attack or hack valued at a minimum of $100 million equivalent between the market creation and 11:59 PM Eastern Time on the date specified in the title. Otherwise, this market will ultimately resolve to "No". Hacks on decentralized exchanges and lending protocols will be counted. Odaily Seer Channel continues to monitor prediction markets, seeing changes before they are priced in.

ZachXBT: Funds related to the KelpDAO attack have begun cross-chain transfers to the Bitcoin network

On-chain investigator ZachXBT updated that funds related to the KelpDAO attack have begun moving: approximately $1.5 million has been cross-chained from Ethereum Mainnet to the Bitcoin network via Thorchain, and roughly $78,000 has been transferred via Umbra. The attacking address initially sourced its funds from Tornado Cash, and fund laundering and cross-chain transfers are ongoing.

PeckShield: The KelpDAO attacker has transferred 75,700 ETH to two new addresses.

According to PeckShield’s monitoring, the KelpDAO attacker has transferred 75,700 ETH to two new addresses.

KelpDAO: Exploring Multiple Solutions to Support rsETH Holders

Odaily News KelpDAO stated in a post on X platform that it will continue to explore all feasible avenues to support rsETH holders and mitigate the impact of the related security incident on the DeFi ecosystem. It mentioned that over the past two days, the team has collaborated with the Arbitrum Security Council and multiple ecosystem participants, providing context on the incident and assisting with the assessment efforts, while also expressing gratitude for the coordination and support from teams like SEAL 911. Previously, the Arbitrum Security Council had frozen approximately 30,700 ETH, involving assets related to the KelpDAO attacker.

ASTEROID Author’s Mother: Social Media Accounts Hacked; She Did Not Post Any Crypto-Related Content

The mother of an ASTEROID-related creator posted that her social media account had been compromised, and that multiple accounts—including her phone, email, and Facebook—were attacked that evening. She emphasized that the cryptocurrency-related content circulating recently was not posted by her.

KelpDAO hacker still holds 75,700 ETH on the Ethereum chain, worth $175 million

Odaily News According to on-chain analyst Yu Jin's monitoring, the Arbitrum chain project team has frozen the 30,766 ETH ($70.97 million) that the KelpDAO hacker had placed on the Arbitrum chain. Through technical means, they transferred these 30,766 ETH from the hacker's wallet to the address 0x0000000000000000000000000000000000000da0, which is controlled by the Arbitrum chain. After the recovery of these 30,766 ETH, the hacker still holds 75,700 ETH ($175 million) on the Ethereum chain.

Arbitrum Security Council Emergency Freeze of 30,766 ETH Related to KelpDAO Vulnerability

According to an official Arbitrum announcement, the Arbitrum Security Council took emergency action at 11:26 PM ET on April 20, successfully freezing and transferring 30,766 ETH held at addresses associated with the KelpDAO vulnerability. This operation was conducted with assistance from law enforcement agencies, and the funds have been moved to an intermediate frozen wallet—rendering the original addresses unable to access the funds. The subsequent disposition of these funds will be coordinated by the Arbitrum governance mechanism in collaboration with relevant stakeholders. The Security Council stated that the entire operation had no impact whatsoever on any other on-chain state or Arbitrum users.

PeckShield: Kelp DAO Attacker Suspected of Transferring 30,765 ETH to a Special Address

According to monitoring by PeckShield, the Kelp DAO attacker transferred 30,765 ETH (approximately $70.92 million) to a special address starting with 0x00000, suspected to be a burning action.

Analysis: 128-bit symmetric encryption remains secure; quantum computing primarily threatens asymmetric cryptographic systems

Odaily News Cryptography engineer Filippo Valsorda wrote an article pointing out that the impact of quantum computing on current cryptographic systems is mainly concentrated on asymmetric algorithms (such as ECDSA, RSA, etc.), while its effect on symmetric encryption (like AES, SHA series) is limited. Grover's algorithm does not significantly weaken the security of 128-bit keys in practical scenarios. Although Grover's algorithm can theoretically accelerate brute-force attacks, it is difficult to parallelize, making the actual attack cost extremely high. Even under ideal quantum computing conditions, the resources required to break AES-128 are far greater than the cost of using Shor's algorithm to attack elliptic curve encryption. Furthermore, standards bodies including the National Institute of Standards and Technology (NIST) unanimously agree that AES-128 still meets post-quantum security requirements and does not need to be upgraded to 256-bit keys. Industry views suggest that focusing resources on replacing asymmetric encryption schemes vulnerable to quantum attacks is a more urgent task at present.