CRYPTO ROAST

🤎 Stellar Blade: when a game for horny gamers becomes bait for crypto scams 🟠While fans were busy drooling over glossy photo mode shots of Eva, someone quietly hijacked their cozy shrine of digital eye candy. The official Stellar Blade X account suddenly started promoting “the biggest airdrop in gaming” — with a $10M promise, shady links, and the usual generous display of cheeks. 🟠The trick? Presentation. The scammers knew exactly who they were targeting: gamers with Twitch open on one screen and one hand free. The crypto posts were dripping with cleavage and latex — so you’d click before even reading. 🟠Classic playbook: the bio was changed, the links redirected to fake sites. The game’s director had to step in, saying Stellar Blade never launched a token — and that it’s all just bait for the overly excited. 🟠The good news? X flagged the profile for “inappropriate content.” The bad? 177,000 followers are still caught in the middle of a tug-of-war between Shift Up and crypto scammers. 😝 Make a game that looks like interactive OnlyFans — and don’t be surprised when scammers start fighting over the audience. ➡️CRYPTO ROAST

💵 From India, With Exploits 🟠While everyone was busy watching altcoins tank, Indian crypto exchange CoinDCX quietly lost $44 million in what they called a “sophisticated server breach.” Translation: someone found a way in and drained a liquidity-linked internal account. 🟠The good news? User funds are untouched. CEO Sumit Gupta claims the hack only affected a segregated operational wallet and that all losses will be absorbed by CoinDCX’s treasury. Clean PR move — but we’ve heard that line before. 🟠Of course, onchain investigator ZachXBT traced the attacker’s address: funded with 1 ETH via Tornado Cash, then used to bridge funds from Solana to Ethereum. You know the drill — Tornado, bridge, vanish. 🟠If this date rings a bell, it’s because exactly one year ago WazirX, another major Indian exchange, was hacked for $235 million. Apparently, July 16th is the Black Friday of Indian crypto security. 🟠This wasn’t a one-off: — Iran’s Nobitex lost $100M in a politically charged hack just weeks ago. — GMX V1 got drained for $40M — but got it back after paying a $5M white hat bounty. — Arcadia Finance? $3.5M gone via a smart contract exploit. 🇮🇳Bottom line? No matter how big or “segregated” your wallets are, if your infrastructure sleeps, someone’s coming for your coins. Cybercriminals are evolving — if your security stack isn’t evolving faster, you’re next. ➡️CRYPTO ROAST

🤘 Rugby, Rigs, and a $900K Rugpull 🟠When rugby didn’t pan out, Shane Donovan Moore pivoted to crypto. But instead of mining Bitcoin, he mined gullibility — raising $900K from 40+ investors for hardware that never existed. 🟠Through his company Quantum Donovan LLC, Moore promised 1% daily returns — the kind of too-good-to-be-true math that screams Ponzi. Spoiler: it was. Classic scheme — rob Peter to pay Paul, but with ASICs as the prop. 🟠Prosecutors say he used his “rugby connections” to pitch the scam, then spent the cash on high-end apartments, designer bags, and gadgets. No mining rigs. Just ego and electronics. 🟠After getting charged in March 2024, Moore finally got sentenced to 2.5 years in federal prison. The judge noted not just the financial loss, but the emotional wreckage left behind. 🟠Another week, another ex-something peddling Ponzi promises in the crypto world. This one just happened to tackle his victims financially instead of on the field. 🙏 Moral? If someone promises 1% a day, you’re not investing — you’re donating. ➡️CRYPTO ROAST

🅰️ $530M in Tether, Fake Docs, and Zero Oversight 🟠Meet Iurii Gugnin — Russian national, New York resident, and now the alleged mastermind behind a $530 million crypto laundromat. Through two companies, Evita Investments and Evita Pay, he quietly moved money for sanctioned Russian banks, using USDT like a magic eraser to scrub away inconvenient details. 🟠Gugnin positioned himself as a compliant crypto CEO. In reality, he submitted fake AML documents, doctored invoices to hide Russian origins, and used U.S. banks and crypto exchanges to funnel funds linked to entities like Sberbank and Rosatom. While others struggled with regulations, he just bypassed them entirely. 🟠The scale? Over half a billion dollars moved through U.S. infrastructure. The method? Stablecoins, fake Florida licenses, and PDFs bold enough to claim “no ties to sanctions.” He even got a real money transmitter license with that paperwork. No AML program. No SARs. No accountability. 🟠At some point, he realized the walls might be closing in — and started googling “am I being investigated?” and “money laundering penalties.” Not the best move when federal agents are watching your browser history. 🟠Now he’s facing 22 charges — from wire fraud to money laundering — and could get decades in prison if convicted. Authorities say he helped Russian clients acquire U.S. export-controlled tech and funneled cash from blacklisted banks through Tether without raising alarms. 🟠This isn’t just one bad actor. It’s a case study in how stablecoins and regulatory blind spots can be exploited at scale. While regulators debate definitions, crypto’s darker use cases are already several moves ahead. 🏃‍♂️The lesson? Compliance theater might work for a while — until your entire act is subpoenaed. ➡️CRYPTO ROAST

😈 BigONE hacked for $27M — and they probably can’t recover 🟠Crypto exchange BigONE has been hit with a $27 million exploit after a third-party attack compromised their hot wallet infrastructure. Suspicious outflows triggered alarms, but by then, the damage was done. 🟠The stolen stash includes 120 BTC, 350 ETH, millions in USDT across multiple chains, and other tokens like SHIB and CELR. BigONE brought in SlowMist to trace the attacker’s wallets, but history tells us: once it’s gone, it’s gone. 🟠The exchange claims private keys are safe and vows to fully compensate users. But unlike Binance or Bybit, BigONE doesn’t have billion-dollar reserves or insurance. Covering a $27M loss out-of-pocket? Highly unlikely. 🟠According to Cyvers, the attack likely originated via compromised CI/CD pipelines or server management, allowing hackers to bypass risk checks, drain funds, and consolidate everything into a single laundering wallet. 🟠The funds were swapped into WETH and funneled through fresh addresses — classic laundering prep. Cyvers also flagged multiple security flaws: poor code integrity checks, single-point wallet vulnerabilities, and weak server segmentation. 🟠Withdrawals are frozen, PR statements are flowing, and users are expected to stay calm. But with reserves likely too thin to cover the hole, many may be stuck waiting for a miracle — or a buyout. 🎯 The BigONE exploit follows a $3.5M DeFi hack just a day earlier, pushing 2025’s total crypto losses past $2.47 billion. Centralized exchanges are starting to look less like custodians — and more like targets. ➡️CRYPTO ROAST

🔤 Abacus took your Bitcoin and vanished 🟠Classic dark market playbook: dominate the scene, rake in the cash, vanish without a trace. Abacus held over 70% of the Western darknet market, pulling in $6.3M a month — until one day, poof. No site, no mirror, no goodbye. 🟠Admin “Vito” insisted it was just DDoS and new users flooding the platform. Turns out, it was just the familiar scent of an exit scam. TRM Labs estimates up to $400M may have been siphoned in BTC and Monero. 🟠If you’ve been around the block, this isn’t new. First came ASAP, then Evolution, Agora… and now Abacus joins the Hall of Fade. Reputation builds the trap, greed triggers the escape. 🟠Some say law enforcement quietly seized it. Maybe. But more likely — the admins saw Archetyp get nuked, got spooked, and chose freedom over more millions. 💬💬 If your go-to marketplace suddenly becomes “too smooth,” it’s probably time to grab your coins and run. Before someone else does it for you. ➡️CRYPTO ROAST

💵 Ziglu: From $170M fintech darling to a $2.7M shortfall 🟠UK crypto platform Ziglu, once valued at $170 million and backed by a former Starling Bank co-founder, is now under special administration after a $2.7 million hole was discovered in customer funds. Around 4,000 users had their money frozen in Ziglu’s “Boost” product — a high-yield scheme promising up to 6% returns that was neither protected nor ring-fenced. 🟠The FCA stepped in after it became clear that customer deposits were used for daily operations and to plug cash flow gaps. Boost was essentially a yield product with no safety net — and when the tides turned, withdrawals were suspended and Ziglu collapsed. 🟠Court filings accuse directors of misusing customer funds before filing for administration. Of the $3.6M locked in Boost, most could be lost unless a last-minute rescue or acquisition emerges. 🟠This isn’t just a one-off failure — it’s a symptom of the UK’s regulatory limbo. While the EU moves forward with MiCA and the US progresses on the GENIUS Act, the UK’s FCA has yet to provide a clear timeline for crypto regulations. 📈 When someone promises “6% returns” with no risk — it’s not a yield, it’s a warning sign. Ziglu shows that even fintechs with banking pedigree can crumble in a regulatory vacuum. In crypto, promises mean nothing without protection. ➡️CRYPTO ROAST

🤎Love, Crypto & Laundering — the $36.9M Romance Scam that Led to Cambodia 🟠It starts with a “Hi” on a dating app. Flirty texts. A few late-night calls. Some crypto talk. Then — a link to a “trading platform” where “your money works for you.” But in this story, your money is gone, and you’re the pig in the pig butchering scheme. 🟠In 2025, five men from four countries — US, China, Spain, and Turkey — ran a polished romance scam that laundered $36.9M in crypto through shell companies and bank accounts. Victims were seduced into depositing funds into fake crypto platforms. From there, Axis Digital — a front company — converted the money into USDT, and routed it straight to wallets in Cambodia. 🟠This wasn’t petty fraud. This was organized crime wrapped in love bombing and fake dashboards. Victims thought they were gaining profits, but their deposits were being funneled through Tether to Telegram laundering rings with links to sanctioned entities. 🟠The DOJ stepped in, seizing $225M connected to similar scams. And they’re not done. Because the pig butchers are global now, and the knives are sharper — corporate fronts, banking loopholes, KYC-free domains, and AI-generated proof of “gains.” 👋 If someone on a dating app talks crypto — run. The modern romance scam isn’t a sad love story. It’s an international money laundering operation in disguise. And the next message that melts your heart might just be draining your wallet. ➡️CRYPTO ROAST

🅰️ “Amen to the rug” — Vatican token presale turns out to be divine-level scam 🟠Scammers launched a fake crypto project called Vatican Chamber Token (VCT), claiming it was backed by the Vatican Bank. The site offered “elite memberships” and exclusive access to a presale tied to a made-up institution — the Vatican Chamber of Trade. Real phone numbers, fake Wikipedia edits, and even a Coinbase wallet link. Holier-than-thou vibes with zero legitimacy. 🟠The Vatican officially denied any connection. The “Chamber” doesn’t exist. The whitepaper promised tokenized assets, investor intros, and €25 tokens backed by… absolutely nothing. Eligibility? Just show you’re a good person with a 6-figure business and some vague sense of “financial stewardship.” 🟠The token page linked to a Coinbase ENS subdomain — a free feature that doesn’t even require KYC. Translation: scammers used basic tools and some branding cosplay to dress up a rugpull in robes. 🙏 When a “holy token” promises wealth, credibility, and divine investment returns — remember: if God wanted you to 100x your ETH, He wouldn’t send you to a phishing site. ➡️CRYPTO ROAST

⚡️ $10M DeFi Disaster — stopped just in time 🟠Crypto researchers just defused a ticking time bomb. A stealth backdoor, hidden inside thousands of smart contracts, nearly let attackers drain over $10 million from DeFi protocols. It all hinged on one overlooked mistake: uninitialized ERC-1967 proxy contracts — a setup glitch that opened the door for hijacking. 🟠The attacker wasn’t your average rugpuller. They preloaded malicious code into contracts before projects even launched. Once the contracts were live, the exploit was undetectable — a ghost with the keys to every vault. It sat dormant for months, waiting for the perfect moment to strike. 🟠But a 36-hour rescue op led by Venn Network, Dedaub, Seal911 and others secured the bag — literally. They quietly traced the vulnerable contracts, moved the funds, and patched the holes before the attacker could act. According to researchers, this could’ve escalated fast and compromised a much larger portion of DeFi’s total value locked. 🟠Some believe Lazarus Group — yes, that Lazarus — may be behind the operation. Why? The sheer scale, sophistication, and patience. The backdoor was deployed across every major EVM chain, waiting for a high-value payday. It’s classic nation-state hacking behavior. 💭 This wasn’t just another DeFi bug. It was a surgical, scalable, months-long infiltration. And it nearly worked. If devs weren’t watching, $10M would’ve vanished without a trace. Welcome to DeFi in 2025 — where the biggest threats aren’t loud. They’re quiet, invisible, and already inside. ➡️CRYPTO ROAST

❓ $42M Vanishes From GMX 🟠GMX, the decentralized perp exchange on Arbitrum, just took a $42M punch to the gut. Early Wednesday, an unknown attacker exploited the GLP liquidity pool, siphoning millions in USDC, FRAX, WBTC, WETH, and more. Funds were funneled through ETH and parked into DAI—clean, quiet, and devastating. 🟠The hacker’s wallet now holds around $44M, according to Arkham. And GMX? They’re waving a white flag—offering a 10% bounty and promising no legal heat if the funds are returned within 48 hours. Classic DeFi diplomacy. 🟠GMX isn’t some back-alley protocol. It processes over $305B in volume and lets users trade with 100x leverage. But none of that helped when the code turned on them. 🙏 In DeFi, it’s not just the traders playing high-stakes. Sometimes, the protocol itself rolls the dice—and loses. ➡️CRYPTO ROAST

🔤 “Elon sent me a Cybertruck” — and took my $10,000 🟠72-year-old Richard Lyons from Chicago thought he was talking to Elon Musk. Profile photo? Check. Voice messages with Musk’s voice? Also check. The scammer even promised to send him a Cybertruck. Everything looked like a golden ticket to crypto wealth. Weeks later — $10,000 in crypto gone and a fake investment site that showed his “profits” growing to $50,000. 🟠The setup followed a classic formula: a fake profile, investment pitches, a fake platform showing rising profits, and then — poof — total radio silence. The calls used a spoofed number showing “Elon Musk” as the caller ID, and the voice memos were generated using AI voice cloning. 🟠According to the FBI, $6 billion was stolen in 2024 through similar celebrity, financial expert, and romance-based crypto scams — and that’s just the reported cases. 🟠The more convincing the con, the more likely you are to fall for it. Crypto isn’t the problem — it’s the perfect tool: anonymous, fast, irreversible. 🚗 Bottom line: If a billionaire slides into your DMs with a get-rich offer, take a breath. The real Elon Musk isn’t asking you for crypto. And if he is, it won’t be through an AI voice note. In the age of deepfakes and AI, you’re not an investor. You’re the target. ➡️CRYPTO ROAST

⚡️$400M in crypto, frozen by the feds 🟠While influencers were shilling meme coins, the U.S. Secret Service quietly built one of the largest cold wallets in the world — stuffed with nearly $400 million in seized crypto. 🟠Behind the scenes, their Global Investigative Operations Center (GIOC) was tracking fraudsters through blockchain traces, whois data, and — yes — VPN slipups. One mistake, and the whole scam unraveled. 🟠These weren’t elite hackers. We’re talking pig butchering romance scams, sextortion cases, fake trading platforms — the same old tricks. But victims were sending millions. In one case, a teenager got extorted for $300… which led to $4.1M in traced crypto under a Nigerian passport. 🟠Some of the seized funds were laundered through unsuspecting teens, shady residency programs, or OTC desks. But the result was the same: the blockchain doesn’t lie. And when it does talk, the Secret Service is listening. 🟠The scale? Insane. In 2024 alone, $9.3B was lost to crypto scams in the U.S. — over half of all internet crime losses. 💥 Lesson? The next time someone messages you with “just click this link,” remember: the feds are watching. And they’ve got a $400M cold wallet to prove it. ➡️CRYPTO ROAST

🔤$140M stolen from Brazil’s central bank partner — all it took was a login 🟠C&M Software, the firm linking Brazil’s central bank with commercial banks, just got wiped. Six institutions lost a combined $140M after a C&M employee reportedly sold his login for $2,700. 🟠That tiny bribe unlocked reserve accounts. The hackers moved fast: $30–$40M were flipped into BTC, ETH, and USDT — then laundered via Latin American OTC desks. ZachXBT confirms the trail. 🟠The breach shows how fragile centralized finance really is. One login = total access. One employee = systemic failure. 🟠The rise of AI makes it even easier: tools for phishing, password cracking, social engineering — all automated now. Centralized systems? They’re sitting ducks with targets painted on their back. 🟠Web2 architecture keeps getting breached. Meanwhile, ZK tech and decentralized rails don’t offer hackers the same ROI. No honey pot, no jackpot. 💣 This wasn’t just a breach — it was a $140M reminder that centralization is the attack vector. ➡️CRYPTO ROAST

➕ Thought you were downloading a Solana trading bot? Turns out, the bot was trading your seed phrase 🟠A slick-looking GitHub repo popped up, claiming to be a Solana pump-farming bot. Stars? Forks? Open source? Looked legit — until users started losing their funds. 🟠Behind the scenes, it was just obfuscated malware. Once installed, it scanned your files for wallet credentials — seed phrases, private keys, anything it could find — and quietly uploaded them to a hacker-controlled server. 🟠The trick? The malware came from a shady dependency, one that had already been pulled from the official NPM registry. But the fake bot downloaded it from a different GitHub repo — no red flags, no questions asked. 🟠Turns out, the attacker ran multiple GitHub accounts, cloning legit projects and sneaking malware into them. Stars and forks were artificially boosted to appear trustworthy — but the payload was pure theft. 🟠Security firm SlowMist cracked the case after a victim reported missing tokens. They found not just one repo, but an entire campaign — multiple fake bots, fake libraries, and a strategy built to fool non-tech crypto users. 🔐 If you’re not a dev, don’t download random “open-source” bots from GitHub. That’s not a yield farm — it’s a credential harvest. In crypto, anything that feels like a shortcut… is probably a scam. ➡️CRYPTO ROAST

😈 North Korea goes Nim: Mac users are no longer safe 🟠Forget the myth that Macs are immune. North Korean hackers just dropped a new malware strain — built in the obscure Nim language — targeting crypto wallets on macOS. It’s fast, silent, and deeply invasive. 🟠The attack starts with a friendly Telegram message. A fake “Zoom call” via a Google Meet link. Then — boom — a bogus update file installs “NimDoor,” a backdoor that quietly steals your wallet info, browser passwords, and even Telegram keys. 🟠Nim is the real game-changer here: cross-platform, fast, and almost invisible to most antivirus tools. This isn’t a sloppy script kiddie op — it’s a full-spectrum, state-backed cyberweapon disguised as a Zoom update. 🟠Even worse, the malware delays activation by 10 minutes to avoid detection. It waits, watches, and then exfiltrates everything. 🟠Security pros say this is just the beginning. The same exploit bypasses Apple’s memory protections, logs keystrokes, and digs into browser extensions like a pro. From BlueNoroff to CryptoBot, DPRK’s arsenal is getting leaner, meaner, and cross-platform. ⚠️ Mac ≠ Safe anymore. Especially if you’re in crypto. Trust no one on Telegram, double-check every download, and assume any “update” could be the start of a breach. ➡️CRYPTO ROAST

🅰️ Welcome to 2025 — where the real hacks target your brain, not your wallet. 🟠Forget contract exploits. The most dangerous crypto attacks today are pure psychological warfare. Social engineering is the new zero-day — and it’s working flawlessly. SlowMist’s Q2 report shows it: no technical breakthroughs, just disturbingly clever manipulation. 🟠Browser extensions like “Osiris” masquerade as security plugins, but silently swap your legit downloads with malware. You think you’re installing Zoom or Notion? Nope — you’re handing over your keys, one .zip at a time. 🟠Meanwhile, TikTok “giveaways” send tampered cold wallets right to your door. One poor holder loaded in $6.5M and lost everything. Others got urgent calls: “Your wallet is compromised — transfer everything here now.” Clean. Simple. Brutal. 🟠Even revoker tools aren’t safe. Attackers cloned Revoke.cash down to the pixel. Just one mistake — pasting your private key into that interface — and boom: full drain. The site looked perfect. The language? Urgent. The trap? Flawless. 🟠They’re also exploiting Ethereum’s latest EIP-7702 upgrade and hijacking WeChat accounts to push fake USDT deals from “friends.” The attack surface isn’t just your wallet — it’s your entire digital behavior. 🟠These aren’t technical hacks. They’re human hacks. Attackers don’t need your protocol — they need your panic, your trust, your split-second bad decision. 💥 We’ve entered the mind-hack era. And the next exploit? It’ll look just like help. ➡️CRYPTO ROAST

🔤 $31M in Bitcoin — a freedom gift or a shadowy salute? 🟠Just days after Ross Ulbricht walked free thanks to Trump’s pardon, his old wallet suddenly received 300 BTC. No note. No signature. Just a casual $31,000,000. And the crypto world lost its mind: Where did it come from? 🟠Some claimed it was his long-lost Silk Road stash. Others whispered it was a darknet tribute. But while Twitter speculated, ZachXBT did what he does best — he followed the money. 🟠The trail ran through Jambler — a mixing service for people who really don’t want to be found. Two dusty addresses from 2014 and 2019 came alive, dumped millions into the mixer, and vanished… right before the Ulbricht drop. 🟠Then came the bombshell: Chainalysis linked the source to AlphaBay, the post-Silk Road darknet empire. Their guess? This wasn’t Ulbricht’s cash. It likely came from a former AlphaBay vendor — a quiet tribute to the king. 🟠So no, it wasn’t a self-donation. It was a message. Ross isn’t just a man — he’s a myth. And in the dark corners of crypto, myths don’t die. They get funded. 💥 Once again, ZachXBT proves it: blockchains never forget. Mixers, shell wallets, years of silence — none of it matters when someone has the time, tools, and talent to tear through the fog. ➡️CRYPTO ROAST

⚡️ UPD: Nobitex tries to rise — but the damage is done 🟠After the $100M hack, code leak, and asset incineration, Nobitex is crawling back online. Withdrawals reopen June 30 — but only for verified users. Trading? Deposits? “Soon.” Timelines vague. Confidence? Shattered. 🟠Users are warned not to use old wallet addresses — they’re now black holes. One wrong move and your funds vanish. The infrastructure’s been migrated, but trust hasn’t. 🟠Iranian authorities have slapped time restrictions on local crypto platforms — only allowed to operate from 10am to 8pm. That’s not cybersecurity. That’s curfew for chaos. 🟠And Gonjeshke Darande? Silent. But their ghost still lingers in the exposed backend, the leaked IPs, the cold wallet logic now floating on the dark web. This wasn’t just a takedown — it was a permanent red flag. 🔽 Nobitex may be flickering back to life. But make no mistake: the lights are still off in the trust department. ➡️CRYPTO ROAST

☠️ Crypto ‘CEO’ gets 8 years for promising fake riches 🟠Dwayne Golden wasn’t a trader. He wasn’t even a half-decent scammer. Just another guy in a blazer pitching “guaranteed returns” from crypto firms like EmpowerCoin, ECoinPlus, and Jet-Coin — all smoke, no blockchain. 🟠What really happened? No trading. No real services. Just your classic Ponzi: take from Peter, give to Paul, pocket the rest. And when it all crumbled? He shredded evidence and lied to investigators. Bold move, Dwayne. 🟠The result? 97 months in prison and a $2.46M forfeiture. His partners? One’s already locked up. The others are waiting for their turn with the judge. 🟠The DOJ called it an “elaborate scheme rooted in deceit.” We call it what it is: another clown thinking a crypto logo and some buzzwords can outsmart law enforcement. 🧠 Moral of the story? If someone promises you guaranteed profits from a “new tech opportunity,” you’re not an investor — you’re a target. ➡️CRYPTO ROAST