Blockchain Security Brief
The weekly record of web3's darkest hours

Monday, October 6, 2025

Top Exploits

Early October brought typical crypto heists and a rug pull. Different plays, same ending: stolen funds and vanished founders.

  • HyperVault’s “95% APY” turned into a 100% rug. The self-proclaimed Hyperliquid yield aggregator ran fake audits, hid admin keys behind “safety” modifiers, and funneled $4.64M through deBridge into Tornado Cash before vanishing. Discord deleted, socials nuked, and the Swedish “founder” ghosted like he was never real. Same team, new names, same playbook — yield farming or rug rehearsals?

  • SBI Crypto got “unauthorizedly outflowed.” Japan’s mining giant lost $24M across five blockchains in an attack echoing the DMM Bitcoin hack it once vowed to fix. Funds vanished into Tornado Cash before SBI even noticed, and their response read like AI-generated PR - “minor impact,” zero details, full embarrassment. When the white knight gets hit by the same sword, who’s left to save the savior?

Rekt Audit Broker

The big city sleeps, but the code never does. Neither do the crooks.

Rekt Audit Broker connects protocols with top-tier security firms. One request, multiple bids. Faster audits, fairer pricing, trusted partners.

Audits are cheaper than funerals.

Deep Dives

Month in Review: Top DeFi Hacks of September 2025 (4 min read)
September turned into a slaughterhouse for DeFi - ten exploits over $1M each drained nearly $111 million, up from just four major hacks in August.

SlowMist: 2025 Q3 MistTrack Stolen Funds Analysis (27 min read)
SlowMist logged 317 stolen fund cases this quarter, recovering $3.7M while exposing the rise of human-driven exploits. Fake hardware wallets, EIP-7702 phishing, malicious GitHub repos, and deepfake job scams topped the list. Phishing domains and hijacked Discord links added to the toll, proving once again that in Web3, trust is the biggest vulnerability.

Security Coordination Across Modular Protocols (7 min read)
As modular blockchains disassemble monolithic security into sequencers, provers, and data layers, trust is no longer a single contract but a choreography of independent actors, each with its own failure modes, governance paths, and off-chain dependencies.

Stablecoin Security: How Design Choices Create Vulnerabilities and Economic Risk (35 min read)
From centralized fiat-backed models with opaque reserves to fully on-chain collateralized systems and algorithmic experiments fueled by market psychology, every stablecoin architecture encodes its own failure modes, where multisigs, oracles, and incentive loops can all decide whether a $1 peg stays sacred or snaps overnight.

AI-Enabled Hacking Evolves from Theory to Reality (7 min read)
From Claude-crafted zero-days to agentic bots running end-to-end campaigns, attackers now use LLMs to write malware, hyper-personalise phishing, and automate bridging/laundering - turning low-skill operators into industrial-scale threat actors across Web2 and Web3.

Other Security Stories

LLMs Learn to Spot Reentrancy Bugs Before They Strike. A CodeBERT model fine-tuned on 500 handpicked contracts beat every static analyzer at flagging reentrancy flaws, uncovering live drain risks in Connext and Aladdin DAO, where admins could still wipe entire treasuries with a single function call.

Leaked Documents Expose $8 Billion Crypto Web Behind Russia's Sanctions Evasion. New blockchain forensics reveal how a Moscow-linked network allegedly used $8 billion in crypto to evade sanctions and influence elections in Moldova.

EvilAI Masquerades as AI Tools to Infect Organizations Worldwide. Threat actors peddle signed “AI” productivity apps (AppSuite, OneStart, TamperedChef) to plant BaoLoader-style backdoors, steal browser data, and keep AES-encrypted C2 channels open across governments, manufacturers, healthcare and retail.

UK Convicts “Bitcoin Queen” in Record £5.5B Crypto Seizure. Zhimin Qian, a.k.a. Yadi Zhang, pled guilty to laundering 61,000 BTC stolen from a $7B Chinese Ponzi, making it the largest crypto seizure in history.

Fake Signal and ToTok apps spread Android spyware across the UAE. Two spyware families, ProSpy and ToSpy, posed as Signal plugins and ToTok upgrades, hijacking contacts, SMS, media, and chat backups from Android users via cloned app stores.

Security Jobs

Blockchain Security Engineer (Solidity / Rust / Golang), CertiK, US Remote

PhD candidate, Cryptographic Hardware and Design Automation, Leiden University

AI Security Researcher / Engineer, Ethereum Foundation, Remote

Cryptography Expert, Swift, Brussels, Belgium

Sr. Threat Researcher, Proofpoint, Berlin, Germany

Security Researcher, Akamai Technologies, Czechia (Remote)

Rekt Flashback

One year ago, EigenLayer turned “email-based token distribution” into a $6 million phishing masterclass. Their restaking empire was undone by an inbox impersonator who simply swapped an address and walked off with 1.67M EIGEN tokens. The so-called “isolated incident” was a reminder that you can build the future of decentralized finance and still get wrecked by the same trick your grandma fell for in 2003. When your investor relations double as your attack surface, maybe decentralization isn’t your biggest problem.

Memes and Videos

The Hacker Who Destroyed a Spying Empire

When the hunter got hunted, the spyware merchants screamed. One hacker tore through Hacking Team’s fortress, dumped 400GB of their darkest secrets, and burned a $17M empire to the ground. What started as righteous revenge became the biggest leak in surveillance history - and the industry still hasn’t recovered.

Source: Blackfiles

Source: krakenfx

Want to partner with us?

Skip the bots, hit the brains.

Get your message in front of the sharpest, most battle-tested crowd in crypto.

If they notice you, the whole space will. [Partner with us]

We provide an anonymous platform for whistleblowers and DeFi detectives to present their information to the community. All authors remain anonymous.
We are all rekt.
