hodler

30 Jan 2026, 04:56

Helix had managed over 350000 BTC for customers

The U.S. Department of Justice (DOJ) has finalized the seizure of more than $400 million in cryptocurrencies and related assets tied to the now-defunct darknet cryptocurrency mixer Helix. Before the DOJ’s involvement, Helix worked to combine cryptocurrency from various users and pass it through numerous transactions to obscure its origin , destination, and ownership. Earlier, federal authorities had already seized control of assets belonging to Larry Dean Harmon, who managed Helix as it moved more than $300 million in crypto from 2014 to 2017. In August 2021, Harmon admitted to conspiring to launder money. He was sentenced in November 2024 to 36 months in prison, 3 years of supervised release, and the forfeiture of funds and property. Helix had managed over 350000 BTC for customers Court records show Helix was among the most widely used darknet mixers, especially popular with online drug sellers looking to clean their illegal earnings. The mixer handled close to 354,468 BTC on behalf of users, which at that time was about $300 million. Much of the digital currency was linked to illegal drug platforms on the darknet, and Harmon made money by taking a share of each transaction. Helix and Grams were built to connect with most darknet marketplaces, including the infamous AlphaBay, with Helix’s API making it easy for platforms to route withdrawals through the mixer. Investigators later traced large sums totaling tens of millions of dollars to the service. The Internal Revenue Service Criminal Investigation (IRS-CI) and Homeland Security Investigations (HSI) played a central role in cracking the case. Regarding the Helix asset forfeiture, a federal prosecutor specializing in cybercrime cases said the focus wasn’t solely on punishment but on dismantling the economic networks behind crime. He added, “The inclusion of real estate and traditional financial assets shows investigators are following the money wherever it goes.” The U.S. Treasury had earlier sanctioned Tornado Cash, but later removed the sanctions Earlier, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions on Tornado Cash , a platform that has facilitated the movement of billions in virtual currency for illicit purposes. Over $455 million of the laundered total was stolen funds from the Lazarus Group, a North Korean state-backed hacking organization sanctioned by the U.S. The mixer also helped launder more than $96 million from the Harmony Bridge hack on June 24, 2022, and at least $7.8 million from the Nomad hack on August 2, 2022, according to the DOJ records. In 2025, however, the Treasury Department said it had lifted sanctions on Tornado Cash, after the Trump administration examined the unique legal and policy challenges involved. Treasury Secretary Scott Bessent noted, “Digital assets present enormous opportunities for innovation and value creation for the American people. Securing the digital asset industry from abuse by North Korea and other illicit actors is essential to establishing U.S. leadership and ensuring that the American people can benefit from financial innovation and inclusion.” At the time, some crypto executives welcomed the decision, including Coinbase CEO Brian Armstrong. He argued, “No one wants to see bad folks use crypto. But privacy is an important feature for many law-abiding citizens, and you can’t sanction open source code.” Claim your free seat in an exclusive crypto trading community - limited to 1,000 members.

30 Jan 2026, 03:57

Unclaimed Ethereum from The DAO hack to fund new security initiative: Griff Green

While The DAO has an “incredible” team that could build security projects themselves, they would rather focus on security distribution methods, says Griff Green.

29 Jan 2026, 22:35

Ethereum's Oldest Crisis Reborn as a $220 Million Security Fund

Unclaimed Ethereum from a decade-long hack will be staked and distributed to fund audits, tooling, and incident responses.

29 Jan 2026, 19:50

The DAO Returns: From Historic Hack to Ethereum’s New Defense Fund

The DAO, the infamous experiment that nearly broke Ethereum in 2016 and led to the creation of the Ethereum Classic fork, is quietly staging a return — this time as a $220 million security fund aimed at hardening the network it once imperiled. Nearly a decade after the original hack that forced a historic hard

29 Jan 2026, 17:45

Hackers are hijacking unprotected AI models to steal computing power

About 175,000 private servers are reportedly exposed to the public internet, giving hackers the opportunity to carry out their illicit activities. The problem was reported by the security researchers, SentinelOne and Censys, who tracked 7.23 million observations in over 300 days. Hackers exploit Ollama setting A recent report from SentinelOne and Censys found that over 175,000 private AI servers are accidentally exposed to the internet. These systems use Ollama, an open-source software that lets people run powerful AI models, like Meta’s Llama or Google’s Gemma , on their own computers instead of using a website like ChatGPT. By default, Ollama only talks to the computer it is installed on. However, a user can change the settings to make it easier to access remotely, which can accidentally expose the entire system to the public internet. They tracked 7.23 million observations over nearly 300 days and discovered that while many of these AI “hosts” are temporary, about 23,000 of them stay online almost all the time. These “always-on” systems are perfect targets for hackers because they provide free, powerful hardware that is not monitored by any big tech company. In the United States, about 18% of these exposed systems are in Virginia, likely due to the high density of data centers there. China has 30% of hosts located in Beijing. Surprisingly, 56% of all these exposed AI systems are running on home or residential internet connections. This is a major problem because hackers can use these home IP addresses to hide their identity. When a hacker sends a malicious message through someone’s home AI, it looks like it is coming from a regular person rather than a criminal botnet. How are criminals using these hijacked AI systems? According to Pillar Security, a new criminal network known as Operation Bizarre Bazaar is actively hunting for these exposed AI endpoints. They look for systems running on the default port 11434 that don’t require a password. Once they find one, they steal the “compute” and sell it to others who want to run AI tasks for cheap, like generating thousands of phishing emails or creating deepfake content. Between October 2025 and January 2026, the security firm GreyNoise recorded over 91,403 attack sessions targeting these AI setups. They found two main types of attacks. The first uses a technique called Server-Side Request Forgery (SSRF) to force the AI to connect to the hacker’s own servers. The second is a massive “scanning” campaign where hackers send thousands of simple questions to find out exactly which AI model is running and what it is capable of doing. About 48% of these systems are configured for “tool-calling.” This means the AI is allowed to interact with other software, search the web, or read files on the computer. If a hacker finds a system like this, they can use “prompt injection” to trick the AI. Instead of asking for a poem, they might tell the AI to “list all the API keys in the codebase” or “summarize the secret project files.” Since there is no human watching, the AI often obeys these commands. The Check Point 2026 Cyber Security Report shows that total cyber attacks increased by 70% between 2023 and 2025. In November 2025, Anthropic reported the first documented case of an AI-orchestrated cyber espionage campaign where a state-sponsored group used AI agents to perform 80% of a hack without human help. Several new vulnerabilities, like CVE-2025-1975 and CVE-2025-66959, were discovered just this month. They are flaws that allow hackers to crash an Ollama server by sending it a specially crafted model file. Because 72% of these hosts use the same specific file format called Q4_K_M, a single successful attack could take down thousands of systems at once. Claim your free seat in an exclusive crypto trading community - limited to 1,000 members.

29 Jan 2026, 16:10

Ethereum Security Fund: Vitalik Buterin’s $220M Masterstroke to Fortify Blockchain Defenses

BitcoinWorld Ethereum Security Fund: Vitalik Buterin’s $220M Masterstroke to Fortify Blockchain Defenses In a landmark move for blockchain infrastructure, the Ethereum Foundation has established a formidable $220 million security fund, a strategic initiative first reported by Unchained on March 15, 2025. This capital, sourced from unclaimed compensation linked to a historic 2016 hack, represents a significant reinvestment into the network’s long-term resilience. Consequently, this fund aims to systematically bolster the Ethereum ecosystem’s defenses against evolving digital threats. Anatomy of the $220 Million Ethereum Security Fund The newly announced Ethereum security fund originates from a unique and historically significant source. Specifically, the capital comprises unclaimed restitution funds from the 2016 DAO hack, a pivotal event in Ethereum’s early history. The Ethereum Foundation and its co-founder, Vitalik Buterin, have now repurposed these dormant assets. Their goal is to create a sustainable financial mechanism dedicated exclusively to security enhancements. This fund will operate with a dual-purpose strategy. Primarily, it will provide grants and financial support to developer teams and researchers focused on critical security projects. These projects may include smart contract auditing tools, formal verification research, and consensus-layer protection mechanisms. Additionally, a substantial portion of the $220 million will be strategically staked on the Ethereum network. This staking activity will generate yield, therefore creating a self-replenishing revenue stream to ensure the fund’s longevity and operational independence. Historical Context and the 2016 DAO Hack Understanding the origin of this capital requires revisiting a foundational crisis. In June 2016, a decentralized autonomous organization (The DAO) built on Ethereum was exploited, leading to the theft of approximately 3.6 million ETH. This event, valued at around $50 million at the time, threatened the very viability of the nascent Ethereum network. The community’s controversial decision to execute a hard fork, creating Ethereum (ETH) and Ethereum Classic (ETC), ultimately recovered the funds. A portion of these recovered assets was designated as compensation for affected investors. However, not all claimants came forward. These unclaimed funds have remained under the stewardship of the Ethereum Foundation for nearly a decade. The decision to allocate them to a security fund, therefore, closes a historical loop. It transforms a symbol of past vulnerability into a powerful tool for future prevention. Expert Analysis on Strategic Impact Industry analysts highlight the fund’s strategic timing and structure. “Proactive security investment is non-negotiable for a network handling hundreds of billions in value,” notes Dr. Aisha Chen, a blockchain security researcher at Stanford. “This fund moves beyond reactive bug bounties to proactive, grant-based ecosystem development. It’s a mature approach seen in traditional cybersecurity.” The staking component receives particular praise for its financial ingenuity. By allocating capital to staking, the fund leverages Ethereum’s proof-of-stake consensus to generate returns. This model reduces reliance on future donations and creates a perpetual motion machine for security funding. Comparatively, other blockchain ecosystems often rely on intermittent treasury grants or protocol fees, which can be less predictable. Operational Framework and Grant Allocation The Ethereum Foundation will manage the fund’s governance and disbursement processes. A transparent, committee-based approach will likely guide grant approvals, focusing on high-impact areas. Potential focus areas include: Core Protocol Security: Funding for teams auditing Ethereum’s consensus and execution clients. Smart Contract Fortification: Grants for developing advanced auditing languages and formal verification tools. Decentralized Application (dApp) Shields: Support for security frameworks that protect the broader application layer. Quantum Resistance Research: Long-term investment into cryptographic solutions for post-quantum threats. Educational Initiatives: Programs to train the next generation of blockchain security experts. This structured approach ensures resources target both immediate vulnerabilities and long-term, existential risks to the network. Comparative Landscape of Blockchain Security Funding The scale of the Ethereum security fund sets a new benchmark. To illustrate, the following table compares notable security initiatives across major blockchains: Blockchain Security Initiative Approx. Funding Primary Focus Ethereum Ethereum Security Fund (2025) $220 Million Grants & Staked Endowment Solana Solana Foundation Security Grants Ongoing Treasury Bug Bounties & Audits Polkadot Web3 Foundation Grants Tiered Grant System Parachain Security & Research Avalanche Blizzard Fund (Partial Allocation) $200M+ Ecosystem Fund Broad Ecosystem Growth As shown, Ethereum’s dedicated, capital-backed fund is distinct in its size and dedicated purpose. While other ecosystems have large treasury war chests, they often allocate funds across marketing, development, and security. The Ethereum security fund’s singular focus provides concentrated firepower. Potential Impacts on the Broader Cryptocurrency Ecosystem The establishment of this fund sends a powerful signal to the entire digital asset industry. First, it underscores the critical importance of institutional-grade security for mainstream adoption. Institutional investors consistently cite security and robustness as top concerns. A well-funded, permanent security initiative directly addresses these concerns. Second, it may catalyze a trend toward more formalized, endowed security efforts across other Layer 1 and Layer 2 networks. The model of using staking yields to fund core development and protection offers a sustainable blueprint. Finally, for developers, it creates a reliable funding source for high-value, non-commercial security research that might otherwise lack financial support. Conclusion The launch of the $220 million Ethereum security fund marks a pivotal evolution in blockchain governance. By repurposing historical assets, the Ethereum Foundation and Vitalik Buterin have created a sustainable engine for security innovation. This strategic move fortifies the network’s technical foundations against future threats. Ultimately, it reinforces Ethereum’s position as a leading, security-conscious platform poised for the next era of decentralized applications. The Ethereum security fund is not merely an allocation of capital; it is a long-term investment in the trust and reliability of the entire ecosystem. FAQs Q1: Where did the money for the Ethereum security fund come from? The $220 million originates from unclaimed compensation funds related to the 2016 DAO hack. These assets were recovered and held in stewardship, now being repurposed for security. Q2: How will the Ethereum security fund be used? The fund has two main uses: providing grants to projects that enhance Ethereum’s security (like audit tools and research) and staking a portion to generate yield for long-term sustainability. Q3: Who manages the Ethereum security fund? The Ethereum Foundation, in collaboration with its founder Vitalik Buterin, will govern the fund, including the process for evaluating and awarding grants to security-focused projects. Q4: How does this fund compare to other blockchain security efforts? Its scale and structure are unique. At $220 million, it’s one of the largest dedicated security endowments, and its staking-revenue model aims for self-sufficiency, unlike many grant programs reliant on treasury reserves. Q5: What does this mean for the average Ethereum user or investor? It signifies a major commitment to network safety and stability. A more secure underlying protocol reduces systemic risk, potentially increasing confidence for developers, institutions, and users interacting with the Ethereum ecosystem. This post Ethereum Security Fund: Vitalik Buterin’s $220M Masterstroke to Fortify Blockchain Defenses first appeared on BitcoinWorld .