A recent security breach at the crypto liquid restaking platform Bedrock resulted in a loss of around $2 million due to a smart contract vulnerability in its uniBTC vaults.
This exploit was flagged by Web3 security firm Dedaub on September 26, but despite early warnings, Bedrock’s team failed to take timely action before the breach occurred.
The hacker had the potential to steal up to $75 million but only took $2 million. In response to the incident, Bedrock is formulating a reimbursement strategy for affected investors and collaborating with audit teams to recover the lost assets.
They even reached out to the hacker via an on-chain message on Etherscan, offering a reward for the return of the stolen funds, but as of now, there has been no reply.
Meanwhile, other platforms like Shezmu have successfully negotiated the return of stolen funds by offering bounties.
After a similar exploit, Shezmu managed to recover nearly $5 million by agreeing to a higher bounty than initially proposed, illustrating a growing trend of on-chain negotiations following hacks.
The U.S. Department of Justice has sentenced Dwayne Golden, 57, of Pennsylvania to 97 months in prison for orchestrating a fraudulent crypto investment scheme that stole over $40 million from investors.
The first half of 2025 has become the most damaging six-month period in crypto history, with over $2.1 billion stolen across 75+ separate incidents, according to new data.
A new breed of cyber-attack is sweeping through crypto media, exploiting site pop-ups and wallet-connect prompts instead of smart-contract bugs.
CoinMarketCap, one of the most widely used crypto data tracking platforms, is reportedly facing a front-end security breach, with multiple users encountering a suspicious prompt to verify their wallets.