It appears the crypto industry is plagued by hacks. One incident after another, the digital assets industry looks more vulnerable, although innovation, regulations, and pro-crypto moves continue to mold its journey. Here are two major crypto hacks that hit the crypto realm in just 24 hours.
An address actively laundered $7 million worth of crypto funds from multiple wallets on the TRON blockchain to Ethereum. In another exploit, hackers compromised an unverified smart contract and stole nearly $1.4 million in funds.
Hackers exploit TMXTribe smart contract flaw
Blockchain insight provider CertiK Alert reported the hacking incident that caused a $1.4 million loss. The bad actors compromised an unverified smart contract related to TMXTribe on the Arbitrum blockchain. TMXTribe is a blockchain project centered around the Tribe DEX ecosystem and the TMX token.
According to the on-chain analysis platform, hackers minted and staked TMX liquidity pool using USDT stablecoins. They swapped USDT to USDG, a multi-chain stablecoin pegged to the US dollar. Following this method, hackers unstaked the tokens and sold the USDG.
However, the exploitation did not end here. They utilized a bug or flaw in the smart contract to repeatedly drain millions of dollars. It is more like a loop, where attackers repeated the process and earned additional value each time. What’s more, they grabbed real assets such as USDT, WETH (wrapped Ether), and wrapped Solana after repeating the exploitation method.
$7 million in funds drained from wallets on TRON blockchain
PeckShieldAlert, another on-chain investigator, found out that a specific wallet address actively laundered $7 million in funds from multiple wallets on TRON, then bridged the amount to Ethereum via Tornado Cash. In short, bridging is the process of moving funds or digital assets from one blockchain to another.
For the uninitiated, Tornado Cash is a smart-contract-based privacy service running on blockchains like Ethereum. It is typically used by bad actors in the industry to minimize their blockchain trail.
Meanwhile, another investigator, Specter, raised the same incident on X, stating that the funds originated from a “crypto investment pig-butchering scam.” Out of the $7 million, nearly $3.1 million was deposited into Tornado Cash.
In simple terms, all these hacks, including the latest Trust Wallet browser extension hack, are a reminder that security continues to be one of the most critical challenges facing the crypto industry. Although innovations, reliable regulations, and greater adoption are a plus, the lack of sufficient safety barriers is a concern. Smart contract flaws and weak security practices typically trigger most of these hacks.
