⚠️ US vice president reveals the reason why com fraudsters rarely face consequences.

He claims the US government doesn’t prosecute fraud that’s under $1.5M a year.

In the clip he wasn’t talking about com fraud specifically, but it may hint at why com fraudsters rarely face consequences.

@FEDS

⚠️ zachxbt says Kraken user lost $18.2M in a suspected social engineering attack.

The stolen funds were bridged from eth to btc via THORChain.

Eth:

0xC55149BbD560435a9FbEabFdcF9711cf928acA21

Btc:

1D8f8956EEFLXN28AHfioEx4ywVbxCz8KN

@FEDS

⚠️Update: Hacker started cashing some of the $18M stolen funds from the Kraken user

7,784 eth + 26.5 btc were transferred to the HitBTC exchange platform that allows crypto withdrawals without KYC.

@FEDS

⚠️: Flash loan on LML’s reward settlement on BSC. $950K losses.

Attacker manipulated the LML/USDT price using loans and walked with $950k which was swapped to eth and deposited into TornadoCash to be laundered.

Attacker:

0x3c00b00007f11c84a6cf0bea4dff8de79be8fb51

@FEDS

⚠️ A key figure tied to the Chinese illicit-market network behind the $2.2M @danbao Telegram handle was reportedly arrested.

According to Reuters, after citing CCTV and Chinese security officials, he was identified as Li Xiong. Who’s is widely believed online to be the figure referred to as “Boss Xi” a lead in these illicit markets.

@FEDS

⚠️ UPDATE: Li Xiong also known as "Boss Xi" has been extradited to China

@FEDS

⚠️ DeFi platform Whalebit hit for $824K

Hackers artificially pumped token prices to trick the platform’s staking system, making their holdings look far more valuable and cashing out the difference.

Whalebit is also ran by a group previously indicted over a $340M ponzi scheme.

Attacker:

0x48880b3dD87638E5eA75905c3A150e8A3aa6CDA9

@FEDS

⚠️ Drift protocol has been exploited for $220M

The exact details behind the $220M exploit are still unclear.

Attacker:

7RoMqGAcU7S6ESAhPDvB9iSXvASUhuoE8u7dYRxGBew9

@FEDS

⚠️One of the Drift exploit victims who lost $250K begs hacker on-chain for just enough to live:

Drift exploit victim. Lost 250k+. No job. Need funds to survive. Not asking for all -- just enough to live. SOL 82ttFqiabDdZEASCVR8nngS4Fe5GULcL7qCtqDMrDhLb ETH 0x25c5E48a026064685f00358C196c23dd260a8f9f Please.”

Transaction link

@FEDS

⚠️ UPDATE: Further investigation has uncovered much more about the Drift exploit — the largest crypto theft of 2026.

What happened:
The protocol was upgraded last week without a timelock. The attacker allegedly gained admin access, disabled security protections, and drained the pool’s valuable assets.

The total stolen is now believed to exceed $280M, significantly higher than earlier estimates.

The attacker has already swapped the stolen assets into 129,066 ETH, currently held across these addresses:

0x0fe3b6908318b1f630daa5b31b49a15fc5f6b674
0xd3feed5da83d8e8c449d6cb96ff1eb06ed1cf6c7
0xaa843ed65c1f061f111b5289169731351c5e57c1

@FEDS

⚠️ Adobe has suffered a major breach after a social engineering attack

Threat actor gained access and deployed a rat on an employee device, controlling the system. And then worked his way through the systems till he got admin access.

Around 13M records were exposed. The attacker also exposed the Indian employee data

@FEDS

⚠️ ZachXBT Drops the Circle USDC Files: $420M+ in Stolen Funds Left Unfrozen for Hours, Days, and Months.

ZachXBT says Circle had a frontrow seat while $230M+ stolen USDC from the Drift exploit got bridged to eth over the period of 6 hours, and did nothing about it.

He also claims that over ten seven-figure incidents have occurred since 2022, with no action taken to address them.

@FEDS

⚠️ Silo Finance exploited for ~$392K after mispricing a token.

The platform mispriced a ~$0.12 token (wstUSR) at ~$1.13, giving users a free profit.

Someone abused this multiple times, bought the token on another platform, brought it to Silo and cashed out for more, leading to ~$392K drained.

Exploiter:
0x8170ca5522aee6875f9f2ed89f3322083af5da6e

@FEDS

⚠️ Drift protocol dropped an article on how the $280M+ attack was staged over 6 months!

Hackers posed as a trading firm, met the protocol team in person, spent 6 months building credibility through integrations and $1M+ in deposits, then used that trust to deliver malicious tools.

Once inside, they drained the protocol and cleaned the Telegram chats.

Full article link

@FEDS

⚠️ Crypto firms are now asking Asian workers to insult Kim Jong-un to sniff North Korean threat actors out.

In this case, a threat actor working for North Korea was told to say “Kim Jong un is a fat ugly pig” on video. Which he refused to, blowing his cover.

Recap: North Korea inked actors stole $2B in 2025 alone, pushing lifetime crypto theft to $6.75B, often by social engineering crypto projects.

@FEDS

⚠️ A popular sol liquidity DEX is asking users to withdraw funds after discovering a North Korean threat actor worked for them a year ago.

Posting Some picture of these north Korean threat actors in the reply section of this post.

@FEDS

⚠️ ZachXBT dropped an investigation on North Korea IT Workers - $1M Monthly Payment Operation

Leaked data from their internal payment server shows 390 accounts, chat logs, and crypto transactions.

Per Zachxbt, They chat on a simple site (luckyguys.site) with an easy password "123456" and move about $1 million each month through crypto and banks.

Post link

@FEDS