hodler

23 Jan 2026, 21:42

Crypto IPO boom grows as CertiK plans public listing

CertiK is now among crypto companies planning to go public. It’s seeking to be the first public web3 cybersecurity company. CertiK is aiming for a $2 billion valuation. The on-chain analytics firm supported by Binance, will launch an initial public offering (IPO), co-founder Ronghui Gu said. He added, “We still do not have a very concrete IPO plan. But this is definitely the goal we are pursuing.” Gu, an associate professor of computer science at Columbia University, told Acumen Media at Davos this week that this is clearly the goal they are aiming for. Going public is the next logical step, says CertiK chief Gu said in a statement that going public is the next logical step to grow CertiK’s products and technology. “We remain focused on strengthening the trust, security, and transparency that regulators, institutions, and users expect from the Web3 ecosystem,” said the co-founder of CertiK. Established in 2018, CertiK, located in New York, reviews blockchain smart contracts and collaborates with cryptocurrency companies to enhance product security. Gu stated the firm has served more than 5,000 clients and reviewed code protecting around $600 billion in assets. CertiK often secures substantial funding. Since its founding in 2018, the firm raised $296 million and reached a $2 billion valuation by early 2022. Among the investors are crypto exchange Binance, SoftBank Vision Fund 2, Tiger Global, Sequoia Capital, and Goldman Sachs. Binance is CertiK’s largest backer Gu stated that Binance was CertiK’s first and largest financial supporter, and the company has also secured funding from Coinbase and SoftBank Vision Fund 2. At the start of this month, CertiK formed a key alliance with YZi Labs, the family office of Binance founder Changpeng Zhao. Gu said in the interview that Binance recently made another multi-eight-figure investment in CertiK, becoming their largest investor. A surge in initial public offerings is taking place in the web3 space. CertiK announced this as more crypto companies plan to go public due to rising institutional investor interest. Circle, the issuer of USDC, raised $1 billion in its IPO last year. Investors were eager to join the growing stablecoin market. More IPOs from Bullish, Gemini, Galaxy Digital, Figure, and Exodus raised large amounts by meeting crypto demand. On Thursday, BitGo , a crypto custodian, began the year by securing $213 million in its IPO from investors. Kraken, Ledger, Consensys, and Aminoca Brands plan to launch public offerings later this year. The year 2026 appears poised for major success. Gu said many expect IPOs from web3 native firms, especially infrastructure ones like CertiK, which aims to be the first public Web3 cybersecurity company. CertiK tries to fix past operational mistakes CertiK aims for an IPO while striving to restore trust following multiple mistakes. The company faced criticism recently for auditing code tied to cybercriminals, mishandling a Kraken exchange exploit, and its X account being hacked. CertiK said a phishing attack on an employee led to the compromise of its X account. The company faced heavy criticism for admitting that its employees found and exploited a $3 million bug in the crypto exchange Kraken. CertiK said the event was a “whitehat” action meant to check Kraken’s security. In 2025, CertiK issued an apology for collaborating with a Cambodian marketplace connected to illegal activity. According to a Cryptopolitan report , the web3 firm was misled to audit the code of a stablecoin released by Huione Guarantee. The stablecoin, USDH, was created as a censorship-resistant alternative to Tether’s USDT. Huione Guarantee operates as a marketplace where cybercriminals launder stolen funds, trade hacking tools and personal data, and sell shock collars and stun batons linked to forced labor scams in Southeast Asia. Claim your free seat in an exclusive crypto trading community - limited to 1,000 members.

23 Jan 2026, 17:00

Hackers claim data breach at crypto tax app Waltio, exposing 50,000 users

Users of the Waltio app, used to calculate crypto capital gains and realized earnings, reported a hacker attack. A group reached out to claim a data leak, stealing the personal details of around 50,000 customers. The French app Waltio, used for crypto portfolio accounting, reported an attack by the hacker group ‘Shiny Hunters’. The hackers set a ransom demand for the company, claiming they hold the data of approximately 50,000 clients. Waltio has not commented on the hack on its social media profile . Most of the users of Waltio are French residents, reflecting the recent threat of exposing the identities of crypto holders. According to Le Parisien reports , up to 150,000 total users had Waltio accounts to calculate taxes owed on their crypto. France has become the venue of crypto kidnappings, after the leaking of sensitive information exposing holders . Hackers present proof of Waltio hack Waltio is relatively unknown to the general public, but it is one of the widely used performance trackers for crypto portfolios. The company also holds data for filing tax returns. As a result, the hacker group was able to present samples of the stolen personal data. Waltio has filed a legal complaint for attempted extortion. At the same time, the data is still in the hands of the hackers. For now, there is no information on the data leaking to a wider circle of potential exploiters. No crypto has been stolen, as Waltio itself only calculates and tracks portfolio value. According to Waltio, the hackers managed to steal email addresses and data about crypto balances for customers using the platform in 2024. The app team states that the hackers did not manage to steal banking, tax, or administrative data, partially protecting the user identities. Even stolen emails have been used in the past to spread crypto phishing scams. French authorities to investigate crypto attack The National Cyber Unit of the Gendarmerie will investigate the attack. Authorities have been concerned about crypto holders after the high-profile abduction of David Balland, founder of Ledger. In recent weeks, French police reports point to around ten home invasions and kidnappings across the country. Authorities are investigating other ways in which the addresses of the holders have been exposed, even without signs of outward wealth. Authorities are still investigating the potential link between the Waltio hack and recent attacks against crypto holders. Waltio is more widely used in European countries, and the effect may be regionally limited, making it even easier to target local holders. The attacks arrived just as Waltio saw increased demand, with the recent EU regulations on crypto reporting. Waltio aims to simplify reporting, but the EU proposal requires users to consolidate all their data, including information on all other platforms used. The DAC-8 proposal for detailed tax reporting may also mean even more vulnerable user data, as even idle holdings have to be reported. Claim your free seat in an exclusive crypto trading community - limited to 1,000 members.

22 Jan 2026, 19:30

South Korean prosecutors investigate loss of $48 million in seized Bitcoin

South Korean prosecutors lost approximately 70 billion won ($48 million) to a low-level phishing scam during a routine security check. Despite South Korea’s increased efforts to stop cryptocurrency scams, the country’s officials are investigating yet another theft and attempting to recover some of the stolen funds. South Korean prosecutors investigate loss of $48 million in seized Bitcoin The Gwangju District Prosecutor’s Office in South Korea lost a massive amount of seized digital assets, including Bitcoin, that the government had taken during recent criminal investigations. The exact number of lost Bitcoins has not been officially confirmed, but internal reports from within the prosecutor’s office suggest the value is around 70 billion won (approximately $48 million). The Gwangju District Prosecutor’s Office keeps seized cryptocurrency safe by storing private keys and passwords on mobile storage devices, such as USB drives. However, during a scheduled security check, an official accessed what is known as a “fake” or “scam” website while the USB device was in use. This allowed hackers or malicious software to steal the digital keys. Without these keys, the prosecutor’s office can no longer access the Bitcoin. The office has launched an internal investigation to find out exactly how the security breach happened and if any money can be recovered. South Korean authorities have been working hard to stop crypto scams since late 2025 and early 2026. In one instance, South Korean customs investigators broke up an international money laundering network on January 19 this year. That network had moved 148.9 billion won ($101.7 million) using cryptocurrency. Cryptopolitan recently reported that South Korea’s Crime Fund Tracking Team exposed an illegal operation that had been running for four years and was responsible for the illegal exchange of about $113 million. The Gwangju District Prosecutor’s Office is currently checking other seized assets to ensure no other funds have been compromised. For now, the $48 million in Bitcoin remains missing. What are South Korea’s crypto seizure laws? On December 11, 2025, the South Korean Supreme Court decided that Bitcoin held on centralized exchanges is “electronic property” with economic value. This means it can be legally seized under the Criminal Procedure Act, just like cash or physical property. Due to this ruling, the amount of cryptocurrency being seized by the government has grown rapidly. Reports from the Financial Supervisory Service show that cryptocurrency seizures increased by 40% throughout 2025. The South Korean government also recently lifted a nine-year ban that prevented corporations from investing in digital assets. Now, about 3,500 public companies can put up to 5% of their capital into the top 20 cryptocurrencies. The ban was only removed this January, but Bitplanet already got a head start when it started gathering Bitcoin in October 2025 through a regulatory loophole. The company has already accumulated over 265 BTC and is targeting a total of 10,000 BTC. Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free .

22 Jan 2026, 17:58

Makina recovers majority of funds from exploit as whitehat process returns 920 ETH

Makina confirmed the recovery of most funds linked to its January exploit, with 920 ETH out of the 1,299 ETH exploit amount.

22 Jan 2026, 10:41

Saga pauses SagaEVM after $7M exploit drains bridged assets

Saga, a Layer-1 blockchain protocol designed for high-throughput decentralized applications, has suspended its SagaEVM chainlet following a major security incident that resulted in the unauthorised transfer of approximately $7 million in bridged assets to Ethereum. The protocol confirmed the breach in a Jan. 21 announcement , stating that the exploit involved a carefully orchestrated series of contract deployments, cross-chain operations, and liquidity extractions. According to the project team, the decision to halt the Ethereum-compatible SagaEVM chain was taken “out of an abundance of caution,” freezing the chain at block height 6,593,800 while investigations continue. In the meantime, Saga has confirmed that the core infrastructure remains intact, noting there was “no consensus failure, validator compromise, or signer key leakage.” Further, its mainnet, Saga SSC, and other chainlets were not impacted, and protocol-level consensus continues to function without issue. The impact of the attack was immediately visible across the protocol’s ecosystem. Saga Dollar, the network’s flagship stablecoin pegged to the US dollar, lost its peg at approximately 10:16 pm UTC on Jan. 21, falling to a low of $0.75, according to CoinGecko. Meanwhile, the total value locked on the network also dropped sharply as network users started moving funds out. Data from DeFiLlama showed that TVL on Saga collapsed from over $37 million to just $16 million within 24 hours of the exploit. A coordinated attack While Saga has yet to publish an official post‑mortem, several community‑led theories have emerged around the exploit. One such assessment came from threat researcher Vladimir S, who suggested the attacker may have executed a multi‑step strategy involving IBC mechanisms and custom message payloads, potentially allowing Saga’s stablecoin to be minted without corresponding collateral. According to Vladimir, the exploit appeared to bypass bridge validation by abusing precompile logic, enabling the attacker to mint Saga Dollar ($D) “out of thin air.” Another theory came from a pseudonymous X user going by Spectre, who speculated that the attack may have been the result of a private key compromise. The incident also affected Saga’s Colt and Mustang environments, which were tied into the same cross-chain infrastructure. Post incident safeguards in play While full technical details are yet to be disclosed, an on-chain wallet, 0x2044697623afa31459642708c83f04ecef8c6ecb, has been identified as the destination of the stolen funds. Saga said it is working with exchanges and bridge operators to blacklist the address and prevent further movement of the assets. In the meantime, it has enacted several emergency safeguards, including restricting relevant cross-chain activities and reviewing execution traces and archive node data to fully understand the exploit’s scope. Engineers are now working to patch vulnerabilities and strengthen SagaEVM’s components before any potential restart. The chainlet will remain offline until the remediation process is completed and the team is confident that no further risk exists. No timeline has been provided for resuming operations. “We recognize that a pause is disruptive. We made this decision because the safety of our community comes first,” the team wrote in its latest status update. The Saga incident adds to a growing list of targeted attacks in the crypto space. Chainalysis estimates that total crypto hack-related losses reached $3.41 billion in 2025 . The post Saga pauses SagaEVM after $7M exploit drains bridged assets appeared first on Invezz

22 Jan 2026, 10:32

Vitalik Buterin Proposes Fix to Ethereum Staking — No More Single-Node Risk

Vitalik Buterin, the co-founder of Ethereum, has suggested the fundamental alteration to the staking system in the network to eliminate the dependency on one validator node. In a detailed post published Wednesday on the Ethereum Research forum, Buterin introduced the idea of “native distributed validator technology,” or native DVT. Source: ethresear.ch The idea would allow stakers to split validator responsibilities across multiple nodes directly at the protocol level rather than relying on complex external setups. Ethereum’s Staking Boom Brings New Security Questions The proposal comes as Ethereum staking reaches record scale with more than 36 million ETH now staked across nearly one million validators, with the total value of staked assets exceeding $118 billion. Source: ValidatorQueue . While this growth has reinforced Ethereum’s security, it has also amplified long-standing concerns around centralization, operational risk, and the technical barriers faced by solo stakers. For much of Ethereum’s proof-of-stake history , running a validator meant placing 32 ETH behind a single machine and a single private key. Any failure, from a power outage to a software bug or security breach, could result in inactivity penalties or slashing. These risks pushed many users toward large staking providers and liquid staking platforms, concentrating control of consensus among a relatively small group of operators and cloud providers. Buterin’s proposal directly targets that single-node risk, as under the proposed native DVT, a validator with a larger balance would be allowed to register multiple keys, up to a maximum of 16, and define a threshold for signing duties. Validator actions, such as block proposals or attestations, would only be considered valid if a minimum number of those keys signed off together. As long as more than two-thirds of the nodes behave honestly, the validator would continue operating normally without penalties. Buterin’s Native DVT Idea Targets Easier, Safer ETH Staking Unlike existing DVT solutions such as Obol or ssv.network, which rely on external tooling, networking layers, and the linear properties of BLS signatures, Buterin’s design would be embedded directly into Ethereum’s consensus rules. He argued this would dramatically simplify staking operations, reduce setup complexity, and remove dependencies that may not be compatible with future cryptographic upgrades . @VitalikButerin unveils "The Splurge," a bold plan to prepare Ethereum for a quantum future! #Ethereum #QuantumComputing https://t.co/vvRijeahpS — Cryptonews.com (@cryptonews) October 29, 2024 From a user perspective, Buterin described the experience as running multiple standard validator nodes with minimal configuration changes. Most of the added complexity would be limited to block production, where one node would act as a temporary leader and others would co-sign its output. The proposal is explicitly aimed at medium- to large-sized ETH holders , including institutions and individual “whales,” who currently face a choice between running fragile single-node setups or outsourcing control to staking providers. By making multi-node staking simpler, Buterin said native DVT could increase client diversity, improve measurable decentralization metrics, and encourage more self-custodial staking. Ethereum Developers Debate Practical Challenges of the DVT model The discussion quickly drew technical feedback from the community. Ethereum developer Alonmuroch raised questions around coordination during block production, the possibility of multiple proposers racing to collect signatures, and the need for protocol-level key rotation to handle compromised keys without forcing validators to exit and re-stake. Buterin largely agreed, noting that instant key changes should be feasible and that reducing operational headaches is central to the proposal’s motivation. The proposal also fits into a broader shift in Buterin’s recent public messaging. Earlier this month, he declared 2026 the year Ethereum would reclaim lost ground on self-sovereignty and trustlessness, calling for fewer compromises in favor of convenience. Days later, he warned that Ethereum risks becoming an “unwieldy mess” if developers continue layering complexity onto the protocol without deliberate simplification. The post Vitalik Buterin Proposes Fix to Ethereum Staking — No More Single-Node Risk appeared first on Cryptonews .