hodler

1 Feb 2026, 12:07

Security Breaches Crash Step Finance’s Altcoin by 95%

Step Finance faced a major security breach affecting its treasury wallets. The breach resulted in a significant devaluation of STEP Coin by 95%. Continue Reading: Security Breaches Crash Step Finance’s Altcoin by 95% The post Security Breaches Crash Step Finance’s Altcoin by 95% appeared first on COINTURK NEWS .

1 Feb 2026, 09:22

Meta faces New Mexico trial tied to platform safety lapses

A landmark legal battle against Meta kicked off Monday in New Mexico, where the social media giant stands accused of turning its platforms into hunting grounds for predators targeting children. Jury selection began this week in Santa Fe, marking the first independent trial by state officials in a growing wave of legal action against the company for Feb. 9, with proceedings expected to stretch nearly two months. State builds case o n un dercover investigation State Attorney General Raúl Torrez brought the lawsuit in 2023 after investigators went undercover, setting up fake accounts pretending to be minors. The operation documented various advances directed at these accounts and tracked how Meta handled reports of inappropriate behavior. According to Torrez, the company put profits before protecting young users. The accusations center on Meta allegedly building a space where adults seeking to exploit children can operate, while hiding what the company understood about these dangers. “So many regulators are keyed up looking for any evidence of a legal theory that would punish social media that a victory in that case could have ripple effects throughout the country, and the globe,” Eric Goldman said. Goldman works as co-director of the High Tech Law Institute at Santa Clara University School of Law. “Whatever the jury says will be of substantial interest.” Meta has pushed back hard against these claims, calling the state’s case “sensationalist” and arguin g of ficials are cherry-picking documents. Though CEO Mark Zuckerberg is no longer named as a defendant, he sat for a deposition and court filings reference him. A different legal strategy New Mexico prosecutors say they are not holding Meta responsible for what users post. Instead, they point to the company’s algorithms, claiming these systems spread material that hooks kids and causes harm. This approach might get aroun d le gal shields that typically protect social media companies. Section 230, a part of the Communications Decency Act, has historically prevented tech firms from being held liable for user-posted content. The undercover work involved creating multiple accounts for supposed children aged 14 and under. Investigators watched as various advances, then monitored what Meta did when alerted. Torrez has pushed Meta to use better age verification systems and kick bad actors off the platform. He also wants changes to algorithms that can deliver harmful content and has criticized privacy encryption that makes it harder to monitor conversations with minors. In a related move, Torrez filed felony criminal charges against three men in 2024 for electronically soliciting children. Meta released a statement sayin g la wsuits across the country wrongly blame social media for teen mental health problems. The company highlighted new account settings and safety tools, including features that give teenagers more information about who they are chatting with. Goldman note d Me ta is throwing massive resources into courtroom fights this year. “If they lose this,” he said, “it becomes another beachhead that might erode their basic business.” More than 40 states have filed similar lawsuits More than 40 state attorneys general have sued Meta with claims the company harms young people and fuels a youth mental health crisis by intentionally creating features that get children addicted to its platforms. Most of these lawsuit s la nded in federal court. A separate trial is happening this week in California. That case in Los Angeles County Superior Court involves personal injury claims and could shape how thousands of similar lawsuits proceed. A 19-year-old woman claim s ea rly social media use got her hooked on technology and made her depression and suicidal thoughts worse. The case initially included Meta’s Instagram, Google’s YouTube, TikTok and Snapchat, though TikTok and Snap Inc. settled. New Mexico also sued Snap Inc., allegin g it s platform enables child exploitation. Snap says i t bu ilt safety protections and “deliberate design choices to make it difficult for strangers to discover minors.” A jury drawn from Santa Fe County residents will decide if Meta engaged in unfair business practices and to what degree. However, a judge will make the final call on civil penalties and other consequences. Under the state’s Unfair Practices Act, penaltie s re ach $5,000 per violation, thoug h ho w violations will be counted. “The reason the damage potential is so great here is because of how Facebook works,” said Mollie McGraw, a plaintiff’s attorney based in Las Cruces. “Meta keeps track of everyone who sees a post. …The damages here could be significant. “ Want your project in front of crypto’s top minds? Feature it in our next industry report, where data meets impact.

1 Feb 2026, 09:14

Step Finance Hack: $30M SOL Stolen, STEP Token Crashes 90%

Step Finance suffers $27-30M SOL treasury breach on Solana. Attackers stole 261,854 SOL from wallets. STEP token drops 80-90%. Investigation underway amid DeFi security concerns. The post Step Finance Hack: $30M SOL Stolen, STEP Token Crashes 90% appeared first on CryptoCoin.News .

1 Feb 2026, 08:39

Step Finance Hack: $27M SOL Stolen, STEP Crashes 93%

Step Finance treasury hacked for 261K SOL ($27M). STEP token crashes 93% to $0.001578. CertiK verifies onchain theft. SOL at $105.22 (-9.11%), RSI oversold. Remediation underway; user funds unclear...

1 Feb 2026, 08:29

$30M Stolen as Step Finance Treasury Wallets Compromised

Step Finance, a major Solana DeFi platform, confirmed multiple treasury and fee wallets were compromised by a sophisticated attacker during Asian Pacific trading hours, resulting in the theft of approximately 261,854 SOL tokens worth roughly $30 million. The breach sent shockwaves through the Solana ecosystem as blockchain security firm CertiK flagged that the stolen SOL “ has been withdrawn after stake authorization had been transferred ” to an unknown wallet address. The incident triggered immediate market panic, with the platform’s native STEP token plummeting over 90% within 24 hours. Source: CoinGecko While the team insists user funds remained unaffected, questions swirl over whether the breach represents a genuine security failure or a disguised exit scam, particularly given that the attacker appeared to have direct wallet access rather than exploiting smart contract vulnerabilities. Earlier today several of our treasury wallets were compromised by a sophisticated actor during APAC hours. This was an attack facilitated through a well known attack vector. Immediate remediation steps have been taken, and we are working closely with top security professionals.… — Step (@StepFinance_) January 31, 2026 Emergency Response and Damage Control Step Finance disclosed the security breach through a series of urgent social media posts, stating “ several of our treasury and fee wallets were compromised by a sophisticated actor ” and confirming the attack leveraged “ a well known attack vector. “ The platform immediately activated emergency protocols and reached out to cybersecurity firms for assistance. Solana media firm Solana Floor reported that on-chain data showed the stolen 261,854 SOL was “ unstaked and moved during the incident ,” suggesting the attacker had obtained authorization to control staking operations. The team emphasized it had “ notified the relevant authorities ” and implemented immediate remediation steps while working with top security professionals around the clock. We are contacting Cybersecurity firms to assist. Any firms who can assist feel free to slide into DMs https://t.co/uNN5l6TYVL — Step (@StepFinance_) January 31, 2026 Ripple Effects Across Linked Protocols The breach extended beyond Step Finance’s own operations, impacting connected platforms including Remora Markets. The protocol disclosed that as “ majority LP, Step Finance experienced a hack of treasury wallets earlier today ” with some affected assets including Remora rStocks. Remora assured users that despite the incident, “ Remora assets remain held 1:1 in our brokerage account ” while constructing a process for handling redemptions. The market’s swift verdict on Step Finance came through brutal price action, with the STEP token losing most of its value as traders fled amid uncertainty about the platform’s future viability and the legitimacy of the breach. Remora Markets majority LP, Step Finance experienced a hack of treasury wallets earlier today. Some of the assets involved in the incident are Remora rStocks. An investigation is currently underway. Remora assets remain held 1:1 in our brokerage account. A process for handling… — Remora Markets (@RemoraMarkets) January 31, 2026 January’s Relentless Wave of DeFi Exploits The Step Finance hack marks the latest in what security firms describe as a devastating month for cryptocurrency security. According to CertiK’s comprehensive January 2026 security report , “ combining all the incidents in January, we’ve confirmed ~$370.3M lost to exploits ” across multiple attack vectors. Major January incidents included Truebit’s $26.6 million smart contract exploit , SwapNet’s $13.3 million breach affecting Matcha Meta users, Saga’s $6.2 million exploit that forced the Layer-1 protocol to pause its SagaEVM chain, and Makina Finance’s $4.2 million loss through flash loan manipulation. CertiK’s analysis revealed that phishing incidents accounted for $311.3 million of January’s losses, while code vulnerability attacks totaled $51.5 million. #CertiKStatsAlert Combining all the incidents in January we’ve confirmed ~$370.3M lost to exploits. ~$311.3M of the total is attributed to phishing with one victim losing ~$284M due to a social engineering scam. More details below pic.twitter.com/uXhi0P6dl5 — CertiK Alert (@CertiKAlert) January 31, 2026 Notably, the Step Finance breach continues a troubling pattern affecting Solana-based protocols. Swiss crypto platform SwissBorg lost $41.5 million worth of SOL tokens in September 2025 after hackers compromised partner API provider Kiln, while South Korea’s Upbit exchange suffered a $36 million Solana exploit in November 2025, exactly six years after its 2019 hack attributed to North Korean actors. Beyond individual protocol failures, January also witnessed the largest single crypto theft of 2026, when a victim lost over $282 million in Bitcoin and Litecoin through a hardware wallet social engineering scam, as blockchain investigator ZachXBT described it, surpassing the previous record of $243 million set in August 2024. The attacker “ immediately began converting the stolen assets into Monero through multiple instant exchanges, ” obscuring the trail across multiple blockchain networks. CertiK’s data shows that despite these massive losses, less than 2-5% has been recovered so far , as investigations into many cases have only recently begun. Even government-held crypto assets came under scrutiny, as the US Marshals Service confirmed it is investigating a possible hack of federal digital-asset accounts. Patrick Witt, executive director of the President’s Council of Advisors for Digital Assets, acknowledged that the government seizure addresses were among the wallets from which hackers stole more than $60 million in late 2025. The post $30M Stolen as Step Finance Treasury Wallets Compromised appeared first on Cryptonews .

31 Jan 2026, 20:45

Step Finance loses around $30 million in SOL after attackers compromised several treasury wallets

Step Finance, a Solana-based DeFi platform that handles portfolio management, analytics, and dashboards for the ecosystem, has suffered a serious security breach that saw the attackers get away with millions. It is not uncommon for treasuries in the DeFi sector to get attacked on Solana or other chains; however, the scale on which this one happened has once again reignited debates about security practices for project-held funds. Step Finance was hacked According to the Step Finance team on X, several of its treasury and fee wallets were compromised in the attack, which saw the attackers unstake and transfer about 261,854 SOL to unknown addresses. At the time of the incident, the price of all that Solana amounted to roughly $30 million in value. The team claimed in their X post that an investigation is underway, and some hours later, they reached out to cybersecurity firms for assistance, encouraging affected users or anyone with means to help to contact them. The phrasing from the post makes it seem the incident was a targeted compromise of the protocol’s treasury wallets rather than a smart contract exploit that affected user funds directly. Since the attack, Defillama shows Step Finance’s TVL at zero. Step Finance’s TVL is at zero since the hack. Source: Defillama While the situation is still developing, the market has already reacted to the news. According to data from Coingecko, the native $STEP token has dropped by about 84% at the time of this writing, with prices hovering around $0.4241. Recent attacks have targeted admin vulnerabilities Attacks on DeFi protocols on Solana are nothing new, but the recent attacks all seem to have common vectors like treasury wallet compromise, private key leaks, access control flaws, and smart contract exploits. The Step Finance exploit follows the pattern of operational compromise as its treasury was the target rather than user funds. Some other notable and recent DeFi-related hacks with similar vectors include the CrediX protocol exploit , the Loopscale exploit, and the Upbit Solana-related hack. The CrediX incident saw the protocol lose $4.5 million in a breach where attackers gained control of an administrator’s wallet. The case mirrors Step Finance’s current predicament closely, as it also did not involve direct user funds. However, many hope things will end differently than they did with CrediX because it was a disaster. The team had promised refunds within a day or two of the exploit, claiming it had entered a parley with the hacker. However, rather than follow through on that, the team went off the grid, deleting their X and taking down the website, which triggered allegations of a rugpull. The Loopscale incident also had a similar attack vector, losing over $5 million not long after launch due to an exploit, although it ultimately reached a parley with the hacker, settling for a 10% bounty agreement. The most high-profile attack was the Upbit Solana-related hack , which occurred in November 2025 and resulted in the South Korean exchange losing over $35 million from a hot wallet. The incident was linked to insufficient access controls on withdrawals, and it affected assets in the Solana ecosystem, echoing risks associated with treasury and hot wallets. Sharpen your strategy with mentorship + daily ideas - 30 days free access to our trading program