CRYPTO ROAST

🤘 Another DeFi casualty: Resupply exploited for $9.6M 🟠The stablecoin protocol ResupplyFi just took a heavy hit — losing nearly $9.6M in a classic price manipulation exploit. The vulnerability? A flaw in their ResupplyPair contract tied to synthetic stablecoin cvcrvUSD. 🟠Here’s what happened: the attacker inflated the share price in Resupply’s wstUSR market, using that artificial valuation to borrow $10M reUSD with minimal collateral. The funds were then washed through Tornado Cash, swapped to ETH, and split between two wallets. 🟠Blockchain security firm Cyvers broke down the attack, highlighting failures in oracle checks, input validation, and edge-case testing. Essentially, all the usual DeFi landmines — still unfixed. 🟠Resupply has paused the affected contracts and promised a full post-mortem “soon.” But as usual, the damage is done. Another protocol, another lesson ignored. 🔍 In 2025 alone, crypto exploits have already racked up $2.1B+ in losses — and the year’s only halfway through. Until protocols start treating security as infrastructure (not an afterthought), this won’t be the last. ➡️CRYPTO ROAST

🤎 Romance meets rug: Widow loses $282K through Bitcoin ATMs 🟠In Australia, a 77-year-old widow was scammed out of her entire life savings — $282,000 — by a fake online boyfriend who lured her into feeding cash into Bitcoin ATMs. Over 18 months, she became “an expert” at the machines, unaware she was being bled dry by a classic pig butchering scheme. 🟠The scammer, posing as a Belgian investor, showed her fake gains and coached her through her first BTC transaction. She once carried over $13,000 in cash just to convert it into crypto for him. The cruelest part? Telling her daughter that 40 years of savings were gone. 🟠This story came to light during an Australian federal crackdown on crypto ATM abuse. Police contacted over 90 individuals, mostly victims — not criminals. Another woman in her 70s lost $200K to a fake trading firm ad. 🟠Crypto ATMs, once billed as freedom tech, are now weaponized by scammers offering fake love, fake jobs, fake profits. And victims are too ashamed or manipulated to admit they were conned. 🚨 The warning is clear: if someone asks for crypto, especially via ATM — it’s almost certainly a scam. And if there’s urgency, pressure, or romance in the mix? Run. ➡️CRYPTO ROAST

☠️ SparkKitty: New malware hunting your seed phrase screenshots 🟠Kaspersky has identified a new threat targeting crypto users: malware called SparkKitty, silently stealing images from iOS and Android devices — especially those containing seed phrases from crypto wallets. 🟠This malware hides in seemingly innocent apps — like a crypto price tracker named “币coin” and a fake exchange messenger “SOEX” — found on the App Store and Google Play. Once installed, it sweeps your entire gallery, scanning for sensitive data. 🟠The apps were downloaded over 10,000 times before being removed. But SparkKitty is still spreading through gambling apps, adult games and fake TikTok clones, mostly targeting users in Southeast Asia and China. 🟠It’s the “dumber” cousin of SparkCat — but no less dangerous. It doesn’t even filter: all photos get stolen. Your notes, ID cards, passwords, seed phrases — if it’s in your gallery, it’s compromised. 🟠If you’ve ever taken a screenshot of your seed phrase, delete it now. And don’t trust any app with a crypto logo unless you’ve verified it independently. 👁 Malware doesn’t need to be smart to hurt you. It just needs your bad habits. ➡️CRYPTO ROAST

🔤 UPD: Huione’s ghost gave birth to 30 new darknet markets 🟠The takedown of Huione Guarantee didn’t kill the beast — it multiplied. According to Elliptic, over 30 Telegram-based markets sprang up in the vacuum, with Tudou Guarantee becoming the biggest winner. It doubled its user base since May and now processes as much crypto as Huione did before the purge. 🟠What’s more chilling? Huione reportedly owns 30% of Tudou Guarantee. So while regulators celebrated Huione’s “shutdown,” its successor scaled using the same playbook — and possibly the same backers. 🟠Vendors didn’t go silent either. They migrated instantly, offering stolen data, laundering services, and full scam kits — everything Huione offered, just under a new name. Telegram remains their hub, untouched and open. 🟠Elliptic says Huione’s escrow activity is now nearly zero — but Huione Pay, the brick-and-mortar laundering arm, is thriving. So yes, Huione’s shadow economy lives on, just routed through Tudou and other clones. 💭 You can’t kill what you don’t dismantle. Huione didn’t disappear — it decentralized. ➡️CRYPTO ROAST

☠️ Hacken got hacked — and the irony writes itself 🟠The HAI token just nuked -99% in a matter of hours. A hacker got access to a minting key, printed $250K worth of tokens out of thin air, and instantly dumped them across DEXs. The price collapsed from $0.015 to $0.000056. 🟠The breach? Hacken says it came from a compromised private key linked to its bridge infrastructure — ironically, changes meant to prevent such risks. The minting rights were revoked, but the attacker still walked away with a quarter million. 🟠CEO Dyma Budorin called it a reputational disaster — even though the core business remains unaffected. Still, all tokens bought after the hack will not be supported in future tokenomics. And yes, the bridge is now paused. 🟠The twist? Hacken will use this chaos to pivot HAI into a regulated security token, tied to equity in the company. Call it damage control — or forced evolution. 🐍 The bigger story? Even blockchain security firms aren’t immune to Web3’s most basic flaw: private key management. And when the key leaks, so does the trust. ➡️CRYPTO ROAST

⚡️ CoinMarketCap Exposed: Malicious Wallet Popup Removed — but Questions Remain 🟠A phishing popup on CoinMarketCap urged users to “Verify Wallet” — prompting ERC-20 token approvals. It wasn’t just sketchy. It was dangerous. 🟠The CMC team confirmed the malicious code was identified and removed, but the investigation is still ongoing. Users were told not to connect wallets under any circumstance. 🟠MetaMask and Phantom acted fast. Both flagged the site, with Phantom straight-up warning users it was “unsafe to use.” 🟠This isn’t CMC’s first data breach. Back in 2021, over 3.1 million emails were leaked. Now, in 2025, it’s clear: even the biggest crypto data platforms can become attack vectors. ⚠️ Lesson? If a popup asks you to “verify your wallet” — especially on a price tracker — it’s almost certainly a trap. Stay paranoid. Stay safe. ➡️CRYPTO ROAST

😈 Bitcoin hit $110K — because of one fake tweet 🟠At 00:53 GMT, the verified X account of Paraguay’s President posted: “Bitcoin is now legal tender.” It even included a $5M reserve announcement and a staking wallet. It looked official — but it wasn’t. 🟠Minutes later, the government confirmed: the president’s account was hacked. The tweet? Deleted. The wallet? Empty. But the damage was already done — BTC spiked 4% to $110,450 in one of the sharpest intraday moves of the quarter. 🟠Why did it work? Because in crypto, news = liquidity. Trading bots scanned keywords like “legal tender” and “Bitcoin reserve,” and the algo-buying frenzy followed. Altcoins followed suit — ETH +7%, SOL +5%, ADA +6%. 🟠And while the tweet was fake, the rally wasn’t just hype: bullish macro signs were already there. The CLARITY Act passed in the U.S., Gemini and Coinbase are close to MiCA approval, and U.S.-China trade talks were adding fuel. 🟠But this is a warning: the market still reacts like it’s 2021. One tweet — even a fake one — can pump billions into Bitcoin in seconds. And if you're late to verify, you’re just exit liquidity. 🔒 Trust, but verify — especially when it’s a president posting in English about Bitcoin with a random wallet link. ➡️CRYPTO ROAST

🔤 Nobitex nuked — $100M gone, source code leaked, and no one’s safe 🟠Pro-Israel hacker group Gonjeshke Darande has escalated one of the most politically charged crypto hacks in recent memory. After draining $100M from Iran’s largest exchange Nobitex, they just leaked the full source code — backend, blockchain scripts, server configs, everything. 🟠The group says the attack wasn’t about profit, but about crippling a regime tool used to bypass sanctions. $90M was burned, not laundered. “Time’s up,” they wrote on X. “Assets left in Nobitex are now entirely out in the open.” 🟠And it’s not just code. The leak included cold wallet scripts, internal security settings, and IPs. With this intel, Nobitex is now wide open to copycats, reentrants, and opportunists — especially during a time when Iranian infrastructure is under digital siege. 🟠The hack coincided with renewed Israel-Iran missile strikes. Now Iran’s central bank is curfing crypto exchanges, restricting hours and limiting operations. Nobitex promises a return “within 5 days,” but users aren’t holding their breath. 🟠The only sliver of hope? Tether might reissue $55M in USDT. But the rest? Vaporized. 💥 This wasn’t a rug. It was a digital airstrike. And the message is clear: when crypto platforms become geopolitical tools — they become targets. ➡️CRYPTO ROAST

💵 UPD: Polyhedra points fingers — Wintermute, KOGE, and “liquidity attacks” 🟠Polyhedra’s latest statement reads like a game of hot potato. The devs now claim the 83% crash was caused by a “coordinated liquidity attack” on PancakeSwap’s ZKJ/KOGE pool — followed by massive sell-offs. One of the wallets? Allegedly Wintermute, with over 3.3M ZKJ deposited into CEXes right as the plunge hit. 🟠But it gets better. Co-founder Tiancheng Xie basically said: “KOGE rugged us.” In response, a KOGE-linked Binance Square account clapped back: “After blaming Wintermute and KOGE, what’s left? Just your worthless air project.” Brutal. 🟠So who’s lying? Who’s dumping? Who’s playing 4D chess with retail liquidity? One thing’s clear — this isn’t just a “bug in the system.” This is war in the trenches of low-liquidity DeFi, and retail is the cannon fodder. 🧠 The only real “zero knowledge” here? How little anyone still trusts ZKJ. ➡️CRYPTO ROAST

🎸 $6.9M lost to a “discount” cold wallet from TikTok — and it took just hours 🟠A crypto user thought he scored a deal buying a “factory sealed” cold wallet through Douyin (China’s TikTok). What he got was a pre-compromised trap. Private key backdoored at creation. Entire portfolio — gone in hours. 🟠According to SlowMist, the funds were laundered through Huione, a known hub of illicit activity: darknet markets, fake exchanges, and now — your stolen ETH too. The wallet? A trojan, beautifully packaged, discounted, and poisoned from the inside. 🟠The victim’s friend — a former Bitmain team member — called the wallet a “hot trap.” The crypto? “Washed away” in record time. And no, the funds aren’t coming back. Not with Huione involved. 🟠SlowMist’s CISO put it bluntly: “You’re not saving money — you’re throwing your life away.” Wallets that are $50 cheaper on third-party shops often come with a hidden tax: your entire bag. 🧊 In crypto, cheap often means compromised. If you trust your life savings to an unverified wallet off a social app, you’re not being thrifty — you’re gambling. And the house always wins. ➡️CRYPTO ROAST

💵 ZKJ just pulled a vertical rug — and the floor’s still falling 🟠Polyhedra’s ZKJ token crashed 83% in hours, nuking nearly $500M in market cap. The trigger? A wave of “abnormal on-chain transactions” on the ZKJ/KOGE pair. Binance confirmed: whales pulled liquidity, causing a liquidation cascade. 🟠It started with a sharp drop from $1.92 to $0.76 in 90 minutes. A brief dead cat bounce to $1.41 — then straight down again. At the time of writing, it’s barely hovering at $0.31. 🟠Accusations are flying. Some blame a recent token unlock. Others suspect internal foul play. But for now, Polyhedra says only: “We’re investigating.” No real answers. No warnings. No brakes. 🟠Binance has already reacted — changing Alpha Points rules to block future wash-trade-style abuse between Alpha tokens like ZKJ and KOGE. A post-mortem is promised. But for holders, the damage is done. 🐻 In a market built on trust, ZKJ just burned through theirs in 9 hours flat. Whether it was a whale dump, a coordinated exploit, or just flawed tokenomics — the result is the same: if you’re holding the bag, you’re holding it alone. ➡️CRYPTO ROAST

😈 One guy. One laptop. $800K crypto scam operation exposed. 🟠While governments stall, a lone YouTuber named Mrwn just did what law enforcement couldn’t — he infiltrated, monitored, and wrecked a full-blown crypto scam syndicate in Cebu, Philippines. 🟠For over a year, Mrwn watched a call center in Skyrise building running “Quantum AI” and “Bitcoin Code” investment scams. Targeting victims in South Africa, Nigeria, and the Gulf, they promised 30–40% weekly returns — and walked away with $800,000+ a year. 🟠The scam? Professionally scripted calls. Emotional manipulation. Card data stored in plain text. Crypto payments funneled through shady exchanges like Coins.ph and Netcoin. Front company: BMJ Data Processing Services. Real name, fake everything. 🟠Mrwn hacked their CCTV. Accessed internal chats. Tracked them across relocations. And when the time was right? He posed as their boss on Telegram, dropped live screenshots into their group chat — and confronted their manager Antonio via laptop mic. 🟠The result? Panic. Scrambling. A fully operational fraud floor gone dark overnight. 🟠The government? Silent — until the video went viral. Now DICT promises an “official investigation”. We’ve heard that before. But for now, it’s clear: in crypto crime, sometimes it takes a vigilante to move the needle. 💭 Crypto is borderless. So is justice — if you’ve got guts and internet access. The next time you get a call offering 40% ROI weekly, remember: There’s probably a scammer sweating behind a webcam in Cebu. ➡️CRYPTO ROAST

💵 Huione didn’t die — it scaled 🟠Despite Telegram purges and FinCEN sanctions, the darknet giant Huione is still running — and running hot. 🟠Chainalysis confirms what many suspected: Huione’s shutdown was surface-level. Behind the scenes, it’s processing billions in crypto, with volume increasing after the U.S. crackdown. No slowdown. No dent. Just a domain change and business as usual. 🟠Since 2021, Huione has funneled over $81B — eclipsing Hydra’s $5B total. Its VIP vendor network remains live. Even its exchange — same logo, new URL — is back online. Telegram channels? Still active. 🟠Huione is more than a darknet shop. It’s a cybercrime supernode — laundering for Lazarus, running pig butchering ops, and orchestrating massive fraud schemes with military-grade resilience. 🙏 This isn’t just another takedown fail — it’s a blueprint for future-proof criminal infrastructure. Until regulators target the architecture, not the front, Huione and its clones will keep thriving in the shadows. ➡️CRYPTO ROAST

🔤 UPD: They pleaded not guilty 🟠The crypto dungeon in SoHo? Yeah — two of the guys behind it just said they did nothing wrong. 🟠John Woeltz and William Duplessie appeared in Manhattan court this week and pleaded not guilty to kidnapping and torturing Michael Teofrasto Carturan — despite witness reports of weeks of beatings, electric shocks, and attempts to extract his seed phrase. 🟠The judge ordered them held without bail. If convicted, they’re facing life in prison. Meanwhile, two NYPD officers allegedly linked to the kidnapping have been quietly reassigned — no charges yet. 🟠This isn’t a random outlier — it’s escalation. And the legal system is only now catching up to what the crypto underworld already knows: People aren’t phishing wallets anymore — they’re taking them by force. 💭 Multisig doesn’t help when you’re chained to a radiator. The only real cold storage now? Staying off the radar entirely. ➡️CRYPTO ROAST

⚡️ Librarian Ghouls: mining crypto on Russian hardware — without asking 🟠The hacker crew Librarian Ghouls (aka Rare Werewolf) has been quietly hijacking Russian, Belarusian, and Kazakhstani machines since December 2024 — turning them into full-on stealth mining rigs from 1 AM to 5 AM while users are fast asleep. 🟠Classic bait: phishing emails disguised as invoices or government docs. One click, and boom — malware disables Windows Defender, scans your RAM, CPU, GPU… and sets up a miner tailored to your rig. 🟠Once active, it pings the mining pool every 60 seconds like clockwork. Meanwhile, your PC’s burning wattage and you think it’s just “lag.” 🟠The kicker? Everything’s in Russian — filenames, decoy docs, email content. No doubt who’s being targeted. And it’s working. 🟠Kaspersky suspects these aren’t just cybercrooks — but hacktivists. Why? They’re using clean, third-party tools instead of sketchy binaries — a common move for groups with ideological motives and a desire to stay under the radar. 📖 Bottom line: you might not own crypto, but you’re mining it anyway — just not for yourself. ➡️CRYPTO ROAST

🔤 Hasbulla’s BULLA: Same rug, new carpet 🟠Thought the presale meta was dead? Hasbulla just punched through the floor. His new token BULLA launched on BNB Chain and raked in $12.5M in under 24 hours — but it wasn’t all retail. Dataminers say the team funneled money from BARSIK (his last rug) to fake the hype. 🟠Classic play: Inject insider funds, spike liquidity, flex charts, bait the masses. If it smells like a pump, walks like a rug… 🟠ZachXBT didn’t hold back: “Nobody should be sending funds here. You already did this with BARSIK.” That token dropped 99.2% after insiders grabbed 62% of the supply. 🟠BULLA tokenomics? 20% to Hasbulla, 20% to “reserves,” 15% for “early investors.” The rest scattered between “devs,” “partners,” and “community.” It’s Safemoon vibes with a UFC hoodie. 🟠Sure, they’ve got a Telegram mini-game and vague talk about airdrops. But beyond the marketing suit — the skeleton looks all too familiar. 🐂 Celebrity meme coins aren’t about community. They’re about exit liquidity. And if you think “this time’s different” — just look at BARSIK’s chart before you ape. ➡️CRYPTO ROAST

🅰️ How $123M was laundered through a ‘legit’ Aussie cash transit company 🟠A routine-looking security company in Australia turned out to be a front for a massive crypto laundering network. Authorities uncovered $123 million flowing through armored trucks, classic car dealerships, fake promo firms — and straight into crypto exchanges. 🟠It took 18 months of investigation, 70 law enforcement agents, and some serious on-chain forensics to expose the scheme. One suspect alone washed $9.5M in just over a year. 🟠The scam was elegantly dumb: mix legal business income with dirty cash, convert it to crypto, send it through mixers and DeFi bridges — and voilà. Money laundered, identities blurred, profits clean. 🟠Police froze over $13.6M in assets including 17 properties, luxury vehicles, and multiple bank accounts. The crypto side? Still being tracked — because yes, blockchains don’t lie. 🟠Blockchain intel firm Chainalysis reports over $100B moved from illicit wallets to conversion services since 2019. And that’s just the trackable part. 💡 The red flag? These aren’t basement hackers anymore. They’re using armored trucks, shell firms, and full-stack ops. Crime’s gone corporate — and crypto’s in the middle of it. ➡️CRYPTO ROAST

💵 Alex Protocol Exploited — Again: $8.3M Gone in Bitcoin DeFi Breach 🟠Bitcoin DeFi on Stacks just took a major hit. On June 6, Alex Protocol lost $8.3M after an attacker exploited a flaw in the self-listing logic. Pools were drained, tokens were siphoned — and no, this isn’t their first rodeo. 🟠The loot? Around 8.4M STX, 21.85 sBTC, 149,850 in USDC/USDT, and 2.8 WBTC. One of the biggest exploits in the Stacks ecosystem to date. 🟠The kicker? Alex was also hacked in May 2024 for $4.3M. That time it was blamed on North Korea’s Lazarus Group. This time? Silence, so far. But they promise a post-mortem. Eventually. 🟠Alex Lab says they’ll fully reimburse affected users with USDC — using treasury reserves and a structured claim process. So… let’s see how fast that goes. 🟠If your wallet got hit, you’ll receive an on-chain notice and claim form by June 8. Submit it by June 10. Payouts? “Within seven days” — assuming nothing else breaks. 🫰 Two hacks in one year. Both multi-million. At some point, you stop blaming bad luck and start asking: why are they still live? ➡️CRYPTO ROAST

☠️ BidenCash is over — but the darknet keeps printing 🟠145 domains. Millions of stolen credit cards. A name that screams shitpost. BidenCash wasn’t just another darknet market — it was a cybercriminal startup with real marketing. 🟠The U.S. has now seized its domains and crypto wallets after BidenCash gave away 3.3 million stolen cards for free to boost user numbers. Think of it as an airdrop — but for fraudsters. 🟠Launched in 2022, the site became home to 117,000 users and generated $17M+ in revenue. It pushed ID theft, hacked RDPs, card dumps — anything cybercrooks could turn into cash. The catch? It was so loud, it practically begged to get shut down. 🟠Now the FBI, Secret Service, and DOJ have pulled the plug. But don’t kid yourself: this isn’t a win, it’s a whack-a-mole. For every BidenCash, three Nemesis-style markets take its place. 🟠And while the U.S. hunts in the dark, Russian-speaking markets thrive with near zero risk of enforcement — a detail TRM Labs highlighted in their 2025 report. 💵 The darknet isn’t dying. It’s just decentralizing. And if you’re in crypto — your data’s still prime meat for the next dump. ➡️CRYPTO ROAST

🔤 UPD: Alleged Crypto Kidnapping Ringleader Caught — But Don’t Celebrate Yet 🟠Morocco just did what French police couldn’t for months: arrested 24-year-old Badiss Mohamed Amid Badjou, the alleged mastermind behind a series of crypto-related abductions in France. Caught with burner phones and blades — because of course. 🟠Authorities believe he orchestrated the May 13 daylight attack in Paris, where the CEO of Paymium’s daughter fought off armed thugs like a damn movie heroine. Now we know who may have sent the clowns — but the circus isn’t over. 🟠This is the third major crypto kidnapping case in France this year. Remember the Ledger co-founder who got snatched in January? Or the €7M ransom plot targeting another crypto entrepreneur’s father? The pattern’s clear: the sharks smell money, and they’ve upgraded from phishing to full-blown physical grabs. 🟠France is scrambling. They’re offering VIP emergency hotlines, security audits, even cop-approved OPSEC briefings. Because apparently, being in crypto today means securing your cold wallet and your kid’s kindergarten pickup. 🚨 Bottom line: Flex less. Move smarter. And never forget — in Web3, your private keys aren’t the only thing someone’s willing to beat out of you. ➡️CRYPTO ROAST