ChainCatcher message, crypto detective ZachXBT shared on his personal channel that, "One of the most outrageous cases that occurred in 2025 is undoubtedly the recent cyber attack on Brazilian central bank service provider C&M Software, with losses amounting to approximately $140 million (800 million reais).Six financial institutions were unauthorizedly accessed on June 30, 2025, with attackers breaching their reserve accounts at the central bank. The hackers then converted fiat currency into BTC, ETH, and USDT through over-the-counter (OTC) dealers and cryptocurrency exchanges in the Latin American region. I estimate that at least $30 million to $40 million was converted into cryptocurrency.According to subsequent reports from Brazilian law enforcement, the hackers paid only about $2,760 (15,000 reais) to purchase the company login credentials from an employee of C&M Software. I have been assisting in tracking the funds, freezing accounts, and identifying unmarked OTC dealers, and when it is possible to disclose, I will publish the addresses related to this theft. Currently, this incident has received little attention from media outside of Brazil."

ChainCatcher news, according to Decrypt, Australian cryptocurrency billionaire Tim Heath successfully escaped from a meticulously planned kidnapping attempt by biting off one of the attacker's fingers.According to a hearing in an Estonian court last week, the attacker disguised as a painter, used a GPS tracker and a disposable phone to monitor Heath's movements. After the incident, Heath has invested approximately €2.7 million to enhance his personal security.

ChainCatcher message, Slow Mist CISO @im23pds tweeted to remind that the Chrome V8 engine vulnerability CVE-2025-6554 allows attackers to execute malicious code through specially crafted web pages. The related exploit PoC has been made public and is currently being exploited. Users should pay attention to upgrading to avoid phishing attacks that could lead to asset loss.

According to ChainCatcher news, the Polyhedra ecosystem announced the launch of the Phoenix Revival Program after suffering a liquidity attack on June 15, to thank the users who supported them during this critical time.The program offers two exclusive benefits for users who staked ZKJ on-chain at the time of the attack: incentives and rewards for future Polyhedra products, as well as whitelist access for future ecosystem project airdrops. The proportion of future earnings for users will be calculated based on their SP (staking power) share at the snapshot time (June 15, 2025, 13:00 UTC).Future products from Polyhedra include ZKML (Zero-Knowledge Machine Learning), Regulatable Privacy-Stablecoin, and Dark Pool, among others. These projects aim to provide verifiable AI systems, privacy-preserving decentralized stablecoin systems, and privacy-protecting decentralized exchange protocols, etc.

ChainCatcher message, the encryption wallet provider OneKey released a statement in its X community stating that it has never incited, organized, or manipulated any KOL or user in any form to launch public opinion attacks against Curve or any project. In response to the malicious accusations and false statements spread by certain individuals on current social platforms, OneKey will pursue legal accountability and will not tolerate such behavior.In addition, founder Yishi is participating in the investment entirely in a personal capacity, which is a personal action, and no official resources from OneKey have been involved in this project.At the same time, all products of OneKey are designed to be open source, with no backdoors, and have been fully audited by professional security teams such as SlowMist.

ChainCatcher message, according to on-chain detective ZachXBT's monitoring, a user is suspected to have been attacked by the North Korean hacker group Lazarus Group on May 16, resulting in a loss of approximately 3.2 million dollars in assets. The stolen assets were sold on the market, and the stolen funds were subsequently cross-chained from Solana to Ethereum. On June 25, 400 ETH was deposited into Tornado Cash; on June 27, 400 ETH was deposited into Tornado Cash.

ChainCatcher message, Resupply released a hacker attack analysis report, which pointed out that the attack on the crvUSD-wstUSR trading pair of Resupply resulted in approximately 10 million USD in reUSD bad debt, but the vulnerability only exists in specific token trading pairs, and other token trading pairs are unaffected. The Resupply market is operating as usual.Currently, the debt limit for the affected token trading pairs has been set to 0, and withdrawals from the insurance pool have been suspended, requiring a formal governance vote to lift the suspension. Resupply noted that the problematic code segment has undergone multiple security audits, and independent researchers have been hired to review the codebase, but no reports of the issue were made. At this stage, the stolen funds remain on-chain, and they are monitoring the situation and will take necessary measures.

ChainCatcher news, on the X platform, on-chain detective ZachXBT stated that Pepe creator Matt Furie and his platform ChainSaw's associated projects Replicandy, Peplicator, etc., were attacked in mid-June, allegedly by mistakenly hired North Korean IT personnel.The attackers took over contract permissions to mint and sell NFTs, causing the floor price to drop to zero, with initial estimated total losses exceeding 1 million dollars, of which approximately 310,000 dollars were stolen from ChainSaw-related projects.

ChainCatcher news, Slow Mist founder Yu Xian stated that the attacker of the decentralized stablecoin protocol Resupply exploited an interest rate inflation vulnerability to steal assets. The attacker triggered price inflation by donating to the Controller contract of the new treasury, causing the exchangeRate to drop to 0, thereby bypassing collateral verification. Ultimately, the attacker was able to borrow a large amount of reUSD using only 1 wei of collateral. The hacker's funds have currently been converted to ETH, worth approximately over 9.5 million USD, and the hacker's Gas came from Tornado Cash.

ChainCatcher news, OneKey founder Yishi publicly stated about "Curve ecosystem DeFi protocol Resupply suffering a price manipulation attack resulting in a loss of $9.6 million," demanding that Curve provide a fair solution for every investor and return the user funds lost due to serious technical errors by the project team.Yishi revealed that he is one of the three major investors in Resupply, and the losses from this incident amount to millions of dollars. He accused the team of banning reasonable questioners on Discord and lacking the necessary accountability. He emphasized that the vulnerability stemmed from the failure to destroy the initial shares when deploying the ERC4626 vault, allowing attackers to mint shares at almost zero cost and drain the vault, which constitutes a protocol-level design and deployment error.Yishi stated that it is unreasonable for the Resupply team to shift the losses onto the insurance pool depositors, as the insurance pool is meant for black swan events and market fluctuations, not to cover the team's technical negligence. He also pointed out that Curve, Convex, and Yearn had participated in supporting Resupply in various forms and had gained actual benefits from it, and should not shirk responsibility afterward. He called for the relevant parties to bear the necessary costs and return user assets.In response to the incident, Curve stated this morning, "Although Resupply was not developed by the Curve team, its creators are experienced, and we believe they will do their best to address the issue. The insurance pool is intended to provide protection for such security incidents, and any recovered assets should be prioritized for processing."

ChainCatcher news, according to Cointelegraph, the blockchain intelligence company TRM Labs stated that in the first half of 2025, cryptocurrency losses due to attacks could reach as high as $2.1 billion, most of which are caused by the leakage of crypto private keys and front-end intrusions.TRM Labs released a report on Thursday indicating that of the 75 cryptocurrency hacking incidents that have occurred so far this year, over 80% of the stolen funds came from so-called infrastructure attacks. These types of attacks, on average, siphon off 10 times more funds than other types of attacks.Infrastructure attacks target the technical backbone of systems, aiming to gain unauthorized control, mislead users, or redirect assets. They include hijacking the private key mnemonic phrases of crypto wallets or exploiting the user interface components of crypto protocols (i.e., the front end).

ChainCatcher news, according to PeckShield monitoring, the attacker address of Silo Finance transferred 225.1 ETH to Tornado Cash, worth approximately $548,000.

ChainCatcher message, the official website information of the cryptocurrency exchange XeggeX shows, "Notice: Due to the hacker attack in February and recent other issues, Xeggex is shutting down and applying for bankruptcy. More information and legal contact will be provided soon."According to previous news, the cryptocurrency exchange XeggeX suffered a hacker attack in February this year, and users were unable to log into their personal accounts.

ChainCatcher message, after the Cork Protocol attacker transferred 4,520 ETH to Tornado Cash yesterday and donated 10 ETH to the Tornado Cash developer legal fund.Tornado Cash co-founder Roman Storm posted on the X platform: "My lawyer cannot accept these funds, and these funds will be returned to the Cork team."

ChainCatcher news, according to the crypto security research organization BlockSec Phalcon, the Resupply protocol has been attacked, resulting in a loss of approximately 9.5 million dollars.

ChainCatcher news, according to PeckShield monitoring, the unmanaged lending protocol SiloFinance has been attacked, resulting in a loss of approximately $545,000.

ChainCatcher message, according to monitoring by Pie Shield, an address marked as "Cork Protocol Exploiter 2" has transferred 4,520 ETH (worth approximately 11 million USD) to Tornado Cash and donated 10 ETH to "Free Alexey & Roman" (Tornado Cash developers' legal aid fund) on Juicebox.

ChainCatcher news, according to monitoring by PeckShield, the address marked as "Cork Protocol Exploiter 2" has transferred 1,410 Ethereum (approximately 3.4 million USD) to Tornado Cash.

ChainCatcher news, according to official sources, GoPlus has issued a security alert indicating that the lending protocol Venus Protocol on the BNB Chain is suspected to have been attacked, resulting in a loss of approximately 2 million dollars. The stolen assets include a large amount of vToken (such as vUSDT), and the reason for the attack is related to MEV and permission management vulnerabilities.

ChainCatcher news, according to official sources, the Web3 phishing attack simulation platform "Unphishable," jointly developed by SlowMist Team, DeFiHackLabs, and ScamSniffer, will officially launch on July 1. This platform is designed to provide users with a realistic phishing attack simulation experience, helping users enhance their fraud prevention skills in a safe and gamified environment.Unphishable is completely browser-based, supporting English, Simplified Chinese, and Traditional Chinese, and operates on the MetaMask test network to ensure the safety of user assets. The platform will offer over 30 phishing simulation levels, covering common attack types from beginners to advanced users, including fake airdrops, mnemonic phrase phishing, and malicious authorizations.