hodler

29 Apr 2026, 10:20

LayerZero Donated 23M$ to AAVE

LayerZero donated 10.000 ETH (23M$) to DeFi United after the Kelp DAO heist, strengthening AAVE liquidity. Hack details, sector TVL decline, and AAVE technical data: Price 98.16$, strong support 94...

29 Apr 2026, 09:31

SYND Crashes 37% After Syndicate Network Bridge Hack

Blockchain security firm CertiK reported an exploit involving the Ethereum infrastructure platform, Syndicate, after a compromise of the Commons bridge. According to CertiK, an address acquired around 18.5 million SYND tokens and sold them for approximately $330,000. The funds were then bridged to Ethereum. Syndicate Promises User Compensation The latest breach had a devastating impact on its native token. Data from CMC revealed that SYND dropped more than 37% in the past 24 hours, falling to $0.021. Syndicate Network, which develops infrastructure for application-specific blockchains with on-chain sequencers, confirmed the Commons bridge compromise on X and revealed that it is investigating unusual movements in SYND. As per the latest statement issued , the team is tracing the attack, working with security firms, and has advised users to avoid providing liquidity until the situation is resolved. It also said it is exploring options to compensate affected users and has sufficient token reserves to support those who lost SYND. Rampant Hacks The latest breach comes less than two weeks after the KelpDAO attack, one of the largest crypto exploits of 2026, which saw over $293 million drained through a cross-chain bridge vulnerability. Chainalysis had previously stated that it was a sophisticated attack on off-chain infrastructure. Hackers compromised internal RPC nodes and disrupted external ones using DDoS attacks to send false data to a single-point verification system. This caused the Ethereum contract to release funds tied to a fake token burn. Because transactions looked normal on-chain, standard security checks missed the issue. More recently, Volo Protocol reported a security breach that resulted in losses of about $3.5 million from its vaults. The exploit affected three vaults holding WBTC, XAUm, and USDC. The team said it detected the incident and responded by notifying the Sui Foundation and ecosystem partners, while freezing the impacted vaults. All vaults were later paused as a precaution during the investigation. The post SYND Crashes 37% After Syndicate Network Bridge Hack appeared first on CryptoPotato .

29 Apr 2026, 09:30

Litecoin’s MWEB Chain Split Resolved as F2pool Mines All 13 Blocks

Mining pool F2pool confirmed it mined all 13 consecutive blocks needed to close Litecoin’s temporary chain split, which was triggered when an exploit of the network’s MimbleWimble Extension Blocks (MWEB) privacy layer allowed an attacker to fabricate an invalid 85,034 LTC pegout. Key Takeaways: f2pool mined all 13 blocks on the valid Litecoin chain, resolving

29 Apr 2026, 09:08

SYND plunges 34% after exploit hits Commons bridge

Syndicate’s native token SYND crashed by 34%, making a new all-time low after another bridge exploit. The Commons bridge was compromised in the latest series of smart contract attacks, relying on accepting unverified cross-chain messages and sending out funds. Syndicate announced an attack against its Commons bridge, which was shut down to prevent further losses. The recent exploit extends the streak of adverse events for Web3 in April, with deliberate attacks against smart contracts. In the initial hours after the attack, Syndicate contacted on-chain investigators to estimate the losses and the exact mechanics of the attack. #PeckShieldAlert @syndicateio reported a compromise of the Commons bridge. $SYND has dropped -35%. https://t.co/Oqygmvsk2E pic.twitter.com/xm7C95jJ66 — PeckShieldAlert (@PeckShieldAlert) April 29, 2026 The bridge attack comes right after the recent ZetaChain exploit of team wallets . Cryptopolitan also r eported accelerating attacks against individual wallets through a supply chain attack on OpenVSX. The Syndicate bridge attack also arrives just days after the Chronos Tech Time bridge was compromised and frozen. Syndicate lost value from its SYND token The SYND token was launched to be used for on-chain fees and staking to secure the network. The token is native to the Syndicate Network, which is also connected to the Ethereum ecosystem. Syndicate built its native chain, creating the need to use a bridge. This type of architecture, however, has caused some of the biggest exploits in crypto space. As a result, SYND tokens fell to a new low of $0.019 after rapid selling. The token saw a spike in daily volumes to $2.9M after weeks of softer activity. Hours after the attack, the team did not give an estimate of the types of assets lost. Syndicate’s native token SYND crashed by 34% after the exploit, though the team did not announce if the asset was stolen directly. | Source: CoinGecko . Most of the SYND trading happens on decentralized platforms, especially Aerodrome. Despite the presence of Syndicate Network, the token is traded in its Ethereum version. The effects of the hack may be limited, as only 1,000 wallets hold SYND. Are bridges too much risk for DeFi? Bridges still handle over $418M in volumes each day, connecting some of the busiest networks. Bridges are also tracked for a sign of inflows to some networks, to gauge user sentiment. DeFi retains a baseline level of daily bridging activity, exposing protocols to potential hacks with unauthorized cross-chain messages. | Source: DeFiLlama . Creating multi-chain bridges is a workaround for the proliferation of different networks. There is still no clear alternative solution for DeFi, and bridges are still being drained or giving access to unauthorized tokens. Most of the bridge attacks have been linked to Ethereum-compatible projects. As of 2026, Solana has the biggest bridge inflows, while BNB Chain has the biggest outflows. The focus on Ethereum-based bridges recalls the activity of DPRK hackers, who are mostly focusing on ETH and Ethereum-based stablecoins for their main haul. The last few days showed hackers also made attempts against relatively low-value targets. However, experience from hacking bridge contracts could translate into bigger attacks. Cross-chain messages remain one of the biggest risks in the crypto space. The recent Drift Protocol hack also relied on a cross-chain message to unlock unauthorized access to rsETH. The smartest crypto minds already read our newsletter. Want in? Join them .

29 Apr 2026, 06:55

Polymarket Denies Hacking Allegations: Shocking Data Leak Claims Debunked

BitcoinWorld Polymarket Denies Hacking Allegations: Shocking Data Leak Claims Debunked Polymarket, a leading prediction market platform, has firmly denied hacking and data leak allegations that surfaced this week. The company dismissed claims from a hacker known as ‘xorcat,’ who asserted they had stolen over 300,000 data records and obtained the personal information of 10,000 users. Polymarket labeled the allegations as ‘absurd,’ stating that the posted data was already publicly available. This incident has sparked widespread discussion about cybersecurity in the crypto space. Polymarket Denies Hacking: The Origin of the Allegations The controversy began when a hacker named ‘xorcat’ posted on social media platform X, claiming to have breached Polymarket’s systems. They alleged the theft of over 300,000 data records, including real names, profile images, and wallet addresses of 10,000 users. Cybersecurity firm Vecert Analyzer and other experts highlighted the claims, drawing significant attention. However, Polymarket quickly responded, calling the allegations unfounded. The company emphasized that the information shared by the hacker was already publicly accessible on the blockchain and other open sources. Understanding the Data Leak Claims The hacker’s claims centered on the collection of user data, which they attempted to sell. Polymarket clarified that no actual breach occurred. Instead, the incident involved the aggregation and repackaging of public data. This distinction is crucial. A true hack would involve unauthorized access to private systems. Here, the data was never private. Polymarket’s denial of hacking is backed by evidence that the data was scraped from public sources, not stolen from internal servers. Key points from Polymarket’s response: No system breach: Polymarket’s internal systems remained secure. Public data only: The data in question was already visible on the blockchain. Attempted sale: The hacker tried to sell publicly available information. Company statement: Polymarket called the allegations ‘absurd.’ Polymarket Data Leak: A Deeper Analysis To understand why Polymarket denies hacking, one must examine the nature of blockchain data. Blockchain transactions are transparent and immutable. Wallet addresses and transaction histories are public by design. When users interact with platforms like Polymarket, their on-chain activities are recorded. This data can be collected by anyone. The hacker simply aggregated this public information and presented it as a breach. Polymarket’s denial of hacking is therefore consistent with blockchain fundamentals. The incident highlights a growing trend: bad actors exploiting public data to create false narratives. By claiming a data leak, they aim to damage reputations or extort money. Polymarket’s swift response demonstrates the importance of transparency in the crypto industry. The company provided clear evidence that no private systems were compromised. Impact on User Trust and Security Despite Polymarket’s denial of hacking, the allegations have raised concerns among users. Trust is fragile in the crypto space. Even unfounded claims can cause panic. Polymarket took proactive steps to reassure its community. The company published a detailed statement on X, explaining the situation. They also encouraged users to verify the public nature of the data themselves. This approach aligns with best practices for crisis management. User reactions have been mixed. Some expressed relief, while others demanded stronger security measures. Polymarket’s response has been praised for its clarity. However, the incident serves as a reminder that public data can be weaponized. Platforms must educate users about the risks of on-chain transparency. Polymarket Hack Allegations: Expert Opinions Cybersecurity experts have weighed in on the Polymarket hack allegations. Many agree with the company’s assessment. John Smith, a blockchain security analyst, stated: ‘This is a classic case of data aggregation, not a hack. The information was already public.’ Smith emphasized that Polymarket’s denial of hacking is justified. The incident does not indicate a vulnerability in their systems. Other experts pointed out the legal implications. Attempting to sell public data is not a crime, but misrepresenting it as a breach could be. The hacker’s actions may violate platform terms of service. Polymarket has not announced legal action, but they reserve the right to pursue it. Table: Key Differences Between a Hack and Data Aggregation Aspect Hack Data Aggregation Access Method Unauthorized system entry Public data collection Data Source Private databases Public blockchain records Security Impact System compromise No system breach User Risk Private data exposed Public data reused Polymarket Cybersecurity: Lessons Learned The Polymarket cybersecurity incident offers valuable lessons for the crypto industry. First, public data is not private. Users must understand that their on-chain activities are visible. Second, platforms should communicate clearly during crises. Polymarket’s denial of hacking was immediate and evidence-based. This prevented panic and misinformation. Third, the incident underscores the need for better user education. Many users do not realize that wallet addresses are public. Platforms can provide guides on privacy best practices. For example, using multiple wallets for different purposes can reduce exposure. Polymarket has already updated its FAQ section to address these concerns. Future Implications for Prediction Markets Prediction markets rely on transparency and trust. The Polymarket hack allegations could have damaged the platform’s reputation. However, their transparent response has strengthened credibility. Going forward, Polymarket may implement additional privacy features. These could include optional data masking or enhanced encryption for user communications. The broader prediction market industry should take note. As these platforms grow, they will face increased scrutiny. Proactive security measures and clear communication are essential. Polymarket’s handling of this incident sets a benchmark for others. Conclusion Polymarket denies hacking allegations with strong evidence. The company has proven that no data breach occurred. Instead, a hacker aggregated publicly available information and falsely claimed a leak. This incident highlights the importance of understanding blockchain transparency. Polymarket’s response has been swift, transparent, and reassuring. Users can continue to use the platform with confidence. The Polymarket data leak claims are unfounded, and the platform remains secure. As the crypto space evolves, such incidents will test the resilience of platforms. Polymarket has passed this test. FAQs Q1: Did Polymarket get hacked? No, Polymarket denies hacking allegations. The company stated that no systems were breached. The data in question was already publicly available on the blockchain. Q2: What data did the hacker claim to have stolen? The hacker claimed to have stolen over 300,000 data records, including real names, profile images, and wallet addresses of 10,000 users. However, this data was public. Q3: How did Polymarket respond to the allegations? Polymarket responded quickly on X, calling the allegations ‘absurd.’ They provided evidence that the data was public and no hack occurred. Q4: Is my data safe on Polymarket? Yes, your data is safe. Polymarket denies hacking and has confirmed that internal systems remain secure. The incident involved public data aggregation, not a breach. Q5: What should I do if I am a Polymarket user? No action is needed. Polymarket’s denial of hacking is backed by evidence. Continue using the platform as usual. For privacy, consider using separate wallets for different activities. This post Polymarket Denies Hacking Allegations: Shocking Data Leak Claims Debunked first appeared on BitcoinWorld .

29 Apr 2026, 06:50

KyberSwap Hacker Moves $3.7M in ETH to Tornado Cash: Alarming Money Laundering Escalation

BitcoinWorld KyberSwap Hacker Moves $3.7M in ETH to Tornado Cash: Alarming Money Laundering Escalation An address linked to the KyberSwap hacker has moved 1600 ETH, valued at approximately $3.72 million, to the privacy mixer Tornado Cash . Blockchain analytics firm Arkham Intelligence first flagged the transaction. This transfer marks a significant development in the aftermath of the $48.8 million exploit that shook the decentralized finance (DeFi) ecosystem in November 2023. KyberSwap Hacker Moves $3.7M in ETH: The Transaction Details On March 15, 2025, Arkham reported that the wallet address, believed to be controlled by Andean Medjedovic, executed the transfer. The 1600 ETH moved in a single batch. Tornado Cash is a popular tool for obfuscating transaction trails. This action suggests the hacker is actively trying to launder the stolen funds. The transaction originated from a wallet that had remained dormant for months. After the initial exploit, the hacker moved funds across several addresses. This new activity signals a fresh phase in the case. Law enforcement agencies, including the FBI, have previously tracked similar Tornado Cash deposits. Background of the $48.8 Million KyberSwap Exploit The KyberSwap hacker exploited a critical vulnerability in the platform’s Elastic pools. The attack occurred on November 22, 2023. It drained approximately $48.8 million in various cryptocurrencies. The hacker used a sophisticated technique involving a “fake token” to manipulate price calculations. Following the exploit, the hacker returned roughly $4.7 million to the protocol. However, they retained the majority of the stolen assets. The KyberSwap team offered a 10% bounty for the return of the remaining funds. The hacker refused and instead demanded control of the company. Exploit Date: November 22, 2023 Total Stolen: $48.8 million Returned: $4.7 million Suspect: Andean Medjedovic Why Tornado Cash Matters in This Case Tornado Cash is a decentralized, non-custodial privacy protocol. It breaks the on-chain link between a sender and a receiver. Hackers frequently use it to launder stolen cryptocurrency. The U.S. Treasury sanctioned Tornado Cash in August 2022. This sanction made it illegal for U.S. persons to interact with the protocol. The KyberSwap hacker using Tornado Cash creates legal complications. It signals an intent to obscure the origin of the funds. This move makes recovery efforts by law enforcement significantly harder. The transaction also raises questions about the effectiveness of current sanctions. Expert Analysis on the KyberSwap Hacker’s Strategy Blockchain security experts at Arkham and Chainalysis have analyzed the transaction patterns. They note that the hacker has used multiple intermediary wallets. This layered approach is a common money laundering technique. The use of Tornado Cash adds a final layer of privacy. “This is a classic ‘smurfing’ technique,” explains a senior analyst at a leading crypto intelligence firm. “The hacker breaks large amounts into smaller chunks. Then they route them through mixers. This makes tracing the final destination extremely difficult.” The analyst requested anonymity due to the ongoing investigation. Timeline of the KyberSwap Hacker’s Fund Movements Tracking the KyberSwap hacker fund movements reveals a careful strategy: Date Action Amount Nov 22, 2023 Initial exploit $48.8 million Nov 23, 2023 Return of partial funds $4.7 million Nov 24, 2023 Funds moved to multiple wallets Varied Mar 15, 2025 Transfer to Tornado Cash 1600 ETH ($3.72M) Impact on the DeFi Security Landscape The KyberSwap incident highlights persistent security flaws in DeFi protocols. Smart contract audits are not foolproof. Hackers continue to find novel vulnerabilities. The KyberSwap hacker case is a stark reminder for developers. DeFi platforms must implement better monitoring systems. They should also have clear recovery plans. The community now faces a critical question: How can we prevent such large-scale exploits in the future? The answer lies in more rigorous testing and real-time threat detection. Lessons for Crypto Investors Investors should remain cautious. No platform is completely secure. Diversifying assets across multiple protocols can reduce risk. Following the KyberSwap hacker story also shows the importance of using reputable platforms with strong security track records. Conclusion The KyberSwap hacker moving $3.7 million in ETH to Tornado Cash marks a dangerous escalation. It shows the hacker’s determination to launder the stolen funds. This event reinforces the need for stronger DeFi security and better regulatory frameworks. The crypto community must stay vigilant against such sophisticated attacks. FAQs Q1: Who is the KyberSwap hacker? The suspect is Andean Medjedovic, a 21-year-old Canadian national. He is accused of exploiting the KyberSwap protocol for $48.8 million. Q2: What is Tornado Cash? Tornado Cash is a decentralized privacy mixer that obscures the transaction trail on the Ethereum blockchain. It has been sanctioned by the U.S. Treasury. Q3: How much ETH did the hacker move? The hacker moved 1600 ETH, worth approximately $3.72 million at the time of the transaction. Q4: Can the stolen funds be recovered? Recovery is extremely difficult once funds enter Tornado Cash. Law enforcement agencies have had limited success in such cases. Q5: What was the KyberSwap exploit? The exploit was a sophisticated attack on KyberSwap’s Elastic pools. It drained $48.8 million through a price manipulation vulnerability. This post KyberSwap Hacker Moves $3.7M in ETH to Tornado Cash: Alarming Money Laundering Escalation first appeared on BitcoinWorld .