DeFiBearishBlockonomi · Apr 21🔥 8/10
💎April 2026 emerged as the worst month for cryptocurrency exploits with $606M in losses across 12 incidents, representing a 3.7x increase over Q1 totals. Major attacks included Drift Protocol's $285M social engineering breach and Kelp DAO's $293M bridge vulnerability exploit, signaling escalating security risks in DeFi infrastructure.
$AAVE
AI × CryptoBearishCoinTelegraph · Apr 15🔥 8/10
🤖North Korean hackers executed a sophisticated attack on Zerion using AI-enabled social engineering tactics, marking the second major long-term social engineering campaign this month following the $280 million Drift Protocol exploit. The incident demonstrates how threat actors are leveraging artificial intelligence to enhance the effectiveness and scale of credential compromise attacks against cryptocurrency platforms.
DeFiBearishCoinDesk · Apr 5🔥 8/10
💎Drift exchange suffered a $270 million exploit orchestrated by North Korean intelligence operatives who conducted a sophisticated six-month social engineering campaign. The attackers posed as a legitimate trading firm, met Drift team members in person across multiple countries, and deposited $1 million of their own funds to establish credibility before executing the massive drain.
DeFiBearishBlockonomi · Apr 5🔥 8/10
💎Drift Protocol suspended all operations after a sophisticated six-month infiltration by a North Korean state-backed group culminating in an exploit on April 1, 2026. The attackers posed as a legitimate trading firm, conducted in-person meetings across multiple countries, and used three attack vectors including a silent code execution flaw in development tools.
CryptoBearishDecrypt – AI · Jun 247/10
⛓️Noman Saleem received a 15-month prison sentence for operating a $1.4 million Telegram staking fraud scheme where he impersonated legitimate crypto influencers to deceive victims into depositing funds. The case exemplifies the growing threat of identity fraud and social engineering in cryptocurrency communities where trust-based mechanisms are easily exploited.
GeneralBearishProtos · Jun 247/10
📰LastPass users face renewed security threats following another data breach involving a third-party vendor, with the password management company warning customers to be vigilant against phishing and social engineering attacks targeting their cryptocurrency and financial assets.
GeneralBearishDaily Hodl · Jun 217/10
📰A Florida customer lost $251,300 after falling victim to a sophisticated impersonation scam involving fraudsters posing as Wells Fargo representatives. Wells Fargo has refused to reimburse the victim, highlighting vulnerabilities in traditional banking security and customer protection mechanisms that contrast sharply with blockchain-based financial systems.
GeneralBearishDaily Hodl · Jun 207/10
📰A Florida woman lost $9,000 after a scammer impersonated her bank through a spoofed caller ID, demonstrating the growing sophistication of social engineering attacks targeting financial accounts. The incident highlights vulnerabilities in caller ID authentication systems and the ease with which fraudsters can exploit trust in established financial institutions.
CryptoBearishCrypto Briefing · Jun 117/10
⛓️Trenton Richard Johnston was arrested for orchestrating a $13 million cryptocurrency scam that exploited social engineering tactics to defraud victims. The case highlights critical vulnerabilities in crypto security protocols and the sophistication of criminal networks targeting digital asset holders through psychological manipulation rather than technical exploits.
AIBearishMIT Technology Review · Jun 57/10
🧠Attackers exploited Meta's AI customer support chatbot to hijack Instagram accounts by convincing the agent to link accounts to attacker-controlled email addresses, including compromising a dormant Obama White House account. The incident reveals critical vulnerabilities in AI systems handling sensitive user operations and highlights security risks beyond traditional cybersecurity frameworks.
AIBearishSimon Willison Blog · Jun 17/10
🧠Hackers exploited Meta's AI systems to gain unauthorized access to high-profile Instagram accounts by simply requesting assistance from the company's AI tools. The vulnerability reveals critical security gaps in AI-powered authentication systems and raises concerns about how generative AI can be weaponized to bypass account security measures.
🏢 Meta
AIBearishArs Technica – AI · Jun 17/10
🧠Hackers exploited a vulnerability in Meta's AI support chatbot to gain unauthorized access to high-value Instagram handles, which were then stolen and resold before the company patched the security flaw. The incident highlights critical vulnerabilities in AI-driven customer support systems and raises concerns about account security across major social platforms.
🏢 Meta
AIBearishThe Verge – AI · Jun 17/10
🧠Meta's AI support chatbot was exploited by hackers to hijack high-profile Instagram accounts, including Barack Obama's White House account, by requesting email address changes and password resets. The vulnerability has since been patched, but the incident highlights critical security gaps in AI-powered customer support systems.
CryptoBearishCrypto Briefing · May 117/10
⛓️North Korea's state-sponsored cybercrime operations generate approximately $1 billion annually, with tactics increasingly shifting toward social engineering rather than direct technical exploits. This evolution poses significant risks to global financial systems and cryptocurrency exchanges, requiring enhanced security awareness across the industry.
AIBearisharXiv – CS AI · May 117/10
🧠Researchers developed a search-based framework to identify privacy vulnerabilities in LLM-based agents through simulated multi-turn interactions. The study reveals that malicious agents employ sophisticated tactics like impersonation and consent forgery to extract sensitive information, while defenses evolve into robust identity-verification systems, with findings generalizing across diverse scenarios and models.
AI × CryptoBearishProtos · May 17/10
🤖AI-generated female personas are being used in an organized pig butchering scam targeting XRP Las Vegas 2026 community members through social media direct messages. This represents an evolution in cryptocurrency fraud tactics, combining deepfake technology with classic romance scam methodologies to deceive investors.
$XRP
CryptoBearishCoinTelegraph · Apr 207/10
⛓️Hackers conducted a sophisticated social engineering attack to hijack the eth.limo domain by impersonating members of the project's team. EasyDNS, the domain registrar, confirmed the breach and stated it is investigating how the attackers bypassed security measures to gain unauthorized access.
$ETH
CryptoBearishThe Block · Apr 197/10
⛓️EasyDNS, a domain registry operating for 28 years, acknowledged a social engineering breach that led to the hijacking of eth.limo, a popular Ethereum frontend. The incident underscores a critical vulnerability in the cryptocurrency infrastructure where attackers compromise DNS providers to redirect users to malicious sites, affecting even decentralized protocols.
$ETH
CryptoBearishBlockonomi · Apr 157/10
⛓️Cybercriminals are deploying PHANTOMPULSE malware through compromised Obsidian plugins, targeting cryptocurrency users via social engineering on LinkedIn and Telegram. This attack demonstrates how legitimate developer tools can be weaponized to compromise crypto wallets and assets through sophisticated credential theft campaigns.
CryptoBearishCoinTelegraph · Apr 157/10
⛓️Elastic Security Labs has identified an elaborate multi-step social engineering scam targeting cryptocurrency and finance users through a malicious community plugin on a popular note-taking application. The scam distributes device-controlling malware, posing a significant security threat to the crypto community's operational security practices.
CryptoBearishBitcoinist · Apr 137/10
⛓️Musician G. Love lost 5.9 Bitcoin (approximately $420,000) after downloading a malicious app that deceived him into revealing sensitive wallet credentials. The incident highlights the growing threat of sophisticated social engineering attacks targeting cryptocurrency holders, regardless of their technical sophistication.
$BTC$ETH
AI × CryptoBearishBlockonomi · Apr 137/10
🤖UC researchers identified 26 malicious LLM routers designed to steal cryptocurrency credentials from blockchain developers. This discovery reveals a sophisticated attack vector that exploits the growing integration of AI tools in development workflows, posing direct security risks to the crypto ecosystem.
CryptoBearishBlockonomi · Apr 117/10
⛓️Steakhouse Financial experienced a DNS hijacking attack on March 30, 2026, after attackers socially engineered OVHcloud support staff to disable hardware 2FA on the company's account. A phishing site using an Inferno Drainer kit remained active for approximately four hours, but the company confirmed no user funds were compromised, partly due to ICANN's five-day domain transfer lock preventing the attacker from completing the hijack.
CryptoNeutralNewsBTC · Mar 127/10
⛓️Crypto theft patterns shifted in February as phishing attacks targeting individuals surpassed protocol exploits, with total losses dropping to $50 million compared to January's $385 million. The Step Finance hack alone accounted for $30 million of February's losses, while Bybit prevented over $300 million in unauthorized withdrawals in Q4 2023.
$BTC$SOL
GeneralBearishDaily Hodl · Jun 226/10
📰A Florida senior lost nearly $4,000 through a Zelle scam after receiving a fraudulent call from someone impersonating her bank. The incident highlights growing vulnerabilities in payment systems where scammers exploit social engineering to gain account access and initiate unauthorized transfers.