hodler

2 Mar 2026, 13:30

If You Hold XRP, Then You Should See This Message From A Developer

An on-chain developer has announced that a new wave of deceptive non-fungible token (NFT) scams is sweeping across the XRP Ledger (XRPL) , putting wallet holders on high alert. The attacks, which rely entirely on human error, have prompted growing concern within the XRP community about the threat of social engineering in the crypto space. Developer Sounds Alarm On New XRP Scam XRP wallet holders are facing new sophisticated scam attempts as fraudsters flood the XRP Ledger with fake NFT passes designed to trick users into surrendering control of their funds. Wietse Wind , the developer behind the Xaman wallet and a prominent figure in the XRP community, has sounded the alarm on X, urging members to stay vigilant. Wind made it clear that neither he nor his team is distributing passes or NFTs of any kind. He warned that anything claiming otherwise is the work of bad actors. Notably, the new scam tactic relies on social engineering. Fraudsters send unsolicited NFTs to Xaman wallet owners and then wait for victims to engage with an offer tied to those assets. When a user willingly accepts or signs the transaction, they may unknowingly hand over something of value in exchange for a worthless or malicious token. Wind described the mechanic plainly, likening it to a situation where someone presents a bad deal, and the victim voluntarily accepts it, walking away with something useless. Security observers have warned that the attacks are not the result of any hack, technical breach, or flaw in the XRP Ledger itself. Instead, the entire scheme depends on one moment of human error. They caution that a random NFT appearing in a wallet should be treated as a red flag and strongly advise users not to engage, sign, or click anything related to unexpected tokens. Wind confirmed that changes at the NFT code level alone would not fully resolve the scam problem since the vulnerability lies in user behavior rather than the underlying technology. For now, the safest course of action is to cancel any unsolicited offers immediately and spread awareness throughout the XRP community . How To Cancel Scam Offers Wind has offered guidance to affected users on how to protect themselves. He directed wallet holders to navigate to the ‘Events’ and ‘Requests’ sections to locate the suspicious offer, then hit the ‘Cancel’ button. While the developer reassured the community that simply ignoring the offer without any interaction would also prevent loss of funds, he has nonetheless strongly urged users to take the extra steps of canceling any suspicious offers outright. Meanwhile, on the ground level, members of the XRP community have begun sharing their own encounters with the new scam. A blockchain enthusiast on X, going by the name Crypto Analytics, revealed that he personally received one of the fraudulent offers via his Bithomp wallet. He noted that the team at XRPL Labs had flagged the NFT offers as fraudulent on the wallet, giving users additional warning when they encounter the malicious scams .

2 Mar 2026, 05:47

February Crypto Hack Losses Lowest: 26.5M$

February crypto hack losses fell to 26.5M$, the lowest level. YieldBlox and IoTeX the biggest events. BTC market correction was effective. Phishing still a threat. Technical: BTC 66,747$, downtrend.

1 Mar 2026, 07:41

Crypto losses from hacks fall to lowest level since March 2025

February 2026 ended with the lowest recorded figure in monthly losses from cryptocurrency scams since March 2025 at $37.7 million, despite address poisoning scams on the rise. The cryptocurrency sector frequently suffers attacks from bad actors targeting liquidity-rich environments with social engineering and phishing tactics, but despite these sophisticated threats, February 2026 has formally ended with the lowest monthly losses to cyberattacks and exploits in nearly a year. February’s $37.7 million loss was notably less than other months as there were no big incidents to drive up the total. Top crypto exploits in February 2026 February’s $37.7 million loss was spread across several notable incidents. The largest confirmed exploit involved the SOF token, which lost $10.5 million. This was followed closely by the IoTeX bridge hack , which security analysts at Halborn and PeckShield explained involved a private key compromise of the ioTube cross-chain bridge, leading to a loss of approximately $8.9 million. The IoTeX founders initially estimated the loss to be lower, around $2 million, but on-chain data confirmed a larger theft across multiple assets, including USDC and WBTC. Also in February, Foom , Ploutos, and CrossCurve lost $2.2 million, $2.1 million and $1.4 million, respectively. Phishing incidents alone accounted for roughly $8.5 million of the monthly total. Losses are down, frequency is up In 2025, the monthly averages of cryptocurrency losses were heavily affected by massive individual incidents, such as the Bybit hack in February 2025, which saw roughly $1.5 billion in Ethereum stolen by the North Korean-linked Lazarus Group. And so in 2026, without a recorded billion-dollar loss to drive up the totals, the underlying security of the DeFi and exchange ecosystems appears more stable, even as smaller, more targeted attacks continue to plague individual users. While the total dollar amount stolen has dropped, the frequency of address poisoning is reaching record highs. Cryptopolitan recently reported that a trader lost $600,000 on February 17, 2026, after falling victim to this exact tactic. In an address poisoning attack , a scammer monitors the blockchain for active wallets. Once they find a target, they send a tiny, zero-value transaction to that wallet using a “vanity address” generated to look almost identical to one the victim has recently used. Most crypto users verify addresses by checking only the first few and last few characters. Scammers use open-source tools like Profanity to create addresses where the first and last five characters match the victim’s regular contacts. Because many wallets abbreviate the middle of an address with an ellipsis (…), the fake address looks perfect at a glance. The attacker’s goal is to “poison” the victim’s transaction history so that the next time the user goes to copy their own address or a friend’s address for a transfer, they accidentally copy the scammer’s address instead. Security firms now estimate that over one million address poisoning attempts occur every day on the Ethereum network alone. Recent upgrades to the Ethereum network, such as the Fusaka upgrade in late 2025, have lowered transaction fees, making it significantly cheaper for attackers to spam thousands of wallets with these poisoned transactions. In December 2025, another trader lost $50 million in USDT after they copied a fake address from their history just minutes after sending a successful $50 test transaction. Experts target address poisoning vectors CZ, the former CEO of Binance, recently suggested that all crypto wallets should include a feature that automatically checks if a destination address is a known “poison address” and blocks the user from sending funds to it. Other developers are exploring pre-execution risk assessments, which simulate a transaction and show the user a clear, human-readable summary of where the money is going before they send it. For the average user, experts recommend saving frequent addresses in their wallet’s built-in address book rather than copying them from transaction history. Whitelisting should be enabled on exchanges so that funds will only be sent to pre-approved addresses. Users are also encouraged to verify every single character of an address or use Ethereum Name Service (ENS) names. Want your project in front of crypto’s top minds? Feature it in our next industry report, where data meets impact.

28 Feb 2026, 23:45

The End of Step Finance: How a Wallet Compromise Killed the Solana DeFi Aggregator

Solana-based DeFi aggregator, Step Finance, along with two other affiliate projects, SolanaFloor and Remora Markets, announced plans to shut down all operations with immediate effect. The decision follows the aftermath of a major security incident earlier this year. Hack, Halt, Shutdown In a statement shared on X, the teams said the decision came after exploring multiple paths forward, including fundraising and acquisition discussions. However, none resulted in a viable solution after the hack that occurred in late January. The incident involved an estimated $30 million in assets being drained from Step Finance’s wallets on the Solana network. Subsequent disclosures indicated that the breach stemmed from compromised devices belonging to members of the project’s executive team. Access to these devices likely exposed private keys or enabled malware that interfered with internal transaction approval processes, which allowed attackers to initiate and approve malicious on-chain transactions. Once access was obtained, the attackers unstaked roughly 261,854 SOL and transferred the funds out of project-controlled wallets. This triggered an immediate market reaction that saw the STEP token fall by more than 80%. Following detection of the exploit, the team halted certain components of the platform to limit further damage and later reported that approximately $4.7 million in Remora-related assets and other holdings were recovered. As part of the shutdown process, Step Finance said it is working on a buyback program for STEP token holders based on a snapshot taken prior to the incident, while Remora Markets is preparing a redemption process for rToken holders. Over 200 Hack Incidents in 2025 The hack involving Step Finance ranked among the most expensive DeFi incidents in January 2026, amidst a broader rise in crypto-related losses over the past year. According to data from blockchain security firm PeckShield, scams and hacks drained more than $4.04 billion from users and platforms in 2025, which is an increase of almost 34% compared to 2024. Of that total, $2.67 billion was attributed to hacks, while $1.37 billion originated from scams, as scam-related losses rose about 64% year-on-year. PeckShield found a pivot from purely technical exploits toward targeted social engineering, often aimed at centralized entities and high-value individuals, thereby resulting in higher losses per incident. More than 200 hack cases were recorded during the year, excluding scams. February stood out as the costliest month, driven by a $1.51 billion breach at Bybit. The post The End of Step Finance: How a Wallet Compromise Killed the Solana DeFi Aggregator appeared first on CryptoPotato .

28 Feb 2026, 23:01

Mark Karpelès Proposes Bitcoin Hard Fork to Recover 79,956 BTC Stolen From Mt Gox

Mark Karpelès has proposed a Bitcoin hard fork to recover nearly 80,000 BTC tied to the 2011 Mt Gox hack — and the idea was swiftly shut down on Bitcoin Core’s Github as spam. Karpelès Seeks Consensus Rule Change to Unlock Dormant 2011 Mt Gox Coins Mark Karpelès, former CEO of the now-defunct Mt Gox,

28 Feb 2026, 16:41

Mt Gox Ex CEO Proposes Bitcoin Hard Fork to Recover $5.2B BTC

The former chief executive of Mt. Gox, Mark Karpelès, has proposed a Bitcoin hard fork to recover nearly $5.2 billion in stolen funds. The plan targets about 79,956 BTC linked to the exchange’s 2011 hack. The proposal has reopened debate about Bitcoin’s core rules and governance. Source: Mempool Mark Karpelès published the draft on GitHub on February 27, 2026. He asked the Bitcoin community to consider a one-time consensus change. The change would allow the locked coins to move without the original private key. Mt Gox Ex-CEO Proposal Targets 2011 Hack Address The draft focuses on a single address known as 1Feex...sb6uF. That wallet received nearly 80,000 BTC after Mt. Gox suffered a system breach in June 2011. The coins have not moved for more than 15 years. Under current Bitcoin rules, only the holder of the private key can spend those funds. Karpelès proposed adding a special consensus rule for that address. The rule would allow spending the outputs using a signature from a designated recovery address. The draft states that the recovered funds would enter the existing court-supervised rehabilitation process. Creditors would then receive distributions under Japan’s civil rehabilitation framework. Karpelès described the draft as “an attempt to start a discussion” about an exceptional case. He also wrote that the change would apply only to that specific address. The rule would activate at a future block height if adopted by the network. Hard Fork Mechanics and Network Risks The proposal would require a coordinated hard fork. A hard fork changes consensus rules and makes previously invalid transactions valid. Node operators would need to upgrade before the activation block. The draft acknowledges the risk of a chain split. Some network participants may refuse to adopt the change. That outcome could create two competing versions of Bitcoin. Critics argue that altering ownership rules could weaken the network’s immutability. One forum user warned that special exceptions could invite similar requests after future hacks. Others questioned who would decide which cases qualify for protocol intervention. Karpelès responded that this case is unique. He noted that the coins have remained inactive for 15 years. He also said law enforcement and many community members recognize the funds as stolen Mt. Gox assets. Existing Mt Gox Repayments Continue The 79,956 BTC referenced in the proposal are not part of current creditor repayments. After the 2014 collapse, about 200,000 BTC were recovered. Those coins came under the control of trustee Nobuaki Kobayashi. Repayments began in mid-2024 under a court-approved plan. As of early 2026, the estate holds about 34,689 BTC in its wallets. As we reported, the trustee has extended the final repayment deadline to October 31, 2026. Past wallet movements have often preceded distribution rounds. In November 2025, the trustee moved more than 10,000 BTC between wallets. Analysts viewed that activity as internal preparation rather than market sales. Repayments occur through partner exchanges, including Kraken, Bitstamp, and BitGo. Creditors receive Bitcoin and Bitcoin Cash, and some also receive fiat in Japanese yen. Mt. Gox once handled around 70% of global Bitcoin trading. The exchange collapsed in 2014 after losing about 750,000 customer Bitcoin. More than a decade later, the case continues to shape debates around Bitcoin governance and recovery efforts.