Crypto Crime This Week: $1.9 B Mixer Bust, $2.15 M Heist & Punycode Pitfall

TL;DR (Because you’re busy and your MetaMask is probably open)

  • Mobius token smart contract on BNB Chain gets hacked for $2.15M.

  • German cops shut down crypto mixer eXch—allegedly the hacker’s laundromat for $1.9B+ in dirty money. $38M seized, story ain’t over.

  • Google Chrome “helped” one user lose $20K to a sneaky browser scam. Never trust autocomplete.

  • Lido hack shakes investor confidence - but leaves holder wallets unaffected.

Mobius Hacked for $2.15M: Another Smart Contract, Another Splat

Mobius ($MBU) on BNB Chain just joined the DeFi hack hall of shame. A mystery attacker spun up a malicious contract two minutes before pulling the rug—draining 28.5 million tokens, swapping ‘em for stables, and vaporizing the loot via Tornado Cash.

Cyvers Alerts caught the action, but so far, Mobius is mum. April alone saw almost $360 million lost across 18 hacks. Moral: DeFi’s got more holes than Swiss cheese, and hackers are making fondue.

Germany Goes Full John Wick on Crypto Mixer eXch—$1.9 Billion Washed, $38M Seized

German law enforcement just took down eXch, the crypto mixer that’s basically been a spin cycle for hackers since 2014. They grabbed $38 million in crypto, scooped up 8 terabytes of data, and say eXch helped launder massive hauls from the Bybit ($1.5B) and Multisig ($1.4B) hacks. Oh—and the exchange never bothered with anti-money-laundering or KYC basics.

This is Germany’s third-biggest crypto seizure ever, and Dutch investigators are still out there hunting anyone who used eXch to clean up stolen coins. Even the dark web’s got nothing on this Netflix-worthy sting.

Google Chrome Just “Suggested” a $20,000 Scam. Thanks?

Picture this: you’re typing in a crypto exchange, Chrome fills it out for you, and—bam—you’re on a perfect replica that’s actually a trap. Welcome to Punycode phishing, where URLs look right but your wallet gets wrecked. One user lost $20K after trusting a browser suggestion and landing on a fake ChangeNOW.

Regulators still haven’t called out this scam, which means it’s open season. Always, always check that URL. Your browser’s not as smart as you think.
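
What "check that URL" looks like in code, as an added example (not part of the original newsletter): it decodes any `xn--` Punycode labels in a hostname and flags hosts that collapse onto a trusted name once look-alike letters are mapped to Latin. The allow-list entry `exchange.example`, the small look-alike map and the function names are all constructed for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

# Constructed allow-list; in practice, the exact hostnames you actually use.
TRUSTED = {"exchange.example"}

# Constructed and deliberately small look-alike map, not exhaustive:
# Cyrillic a, s, e, o, r, kh, u, i, dze and Greek omicron -> Latin twins.
LOOKALIKES = str.maketrans(
    "\u0430\u0441\u0435\u043e\u0440\u0445\u0443\u0456\u0455\u03bf",
    "aceopxyiso",
)

def decode_host(host):
    """Return the Unicode form of a hostname, decoding xn-- (Punycode) labels."""
    labels = []
    for label in host.lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # malformed Punycode: keep the raw label
        labels.append(label)
    return ".".join(labels)

def check_url(url):
    """Classify a URL's host: 'trusted', 'lookalike', 'idn' or 'unknown'."""
    shown = decode_host(urlsplit(url).hostname or "")
    if shown in TRUSTED:
        return "trusted"
    # Fold compatibility forms, then map look-alike letters to Latin.
    skeleton = unicodedata.normalize("NFKC", shown).translate(LOOKALIKES)
    if skeleton in TRUSTED:
        return "lookalike"  # renders like a trusted host but is a different name
    if not shown.isascii():
        return "idn"        # non-ASCII host that is not on the allow-list
    return "unknown"

if __name__ == "__main__":
    # Constructed sample: Cyrillic "e" and "kh" in place of Latin "e" and "x".
    fake = "\u0435\u0445change.example"
    ace = "xn--" + fake.split(".")[0].encode("punycode").decode("ascii") + ".example"
    for url in ("https://exchange.example/", "https://" + ace + "/login"):
        print(url, "->", check_url(url))
```
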

Lido: “Only” $4K Lost in Hack Scare—But It Could’ve Been Worse

Ethereum staking juggernaut Lido dodged a major bullet this week. A compromised validator key (thanks, Chorus One) let hackers siphon off just 1.46 ETH ($4,200). No user funds were touched, and Lido’s DAO hustled to swap out the bad key and lock things down.

Lesson? Old keys are like old milk: they go bad, and when they do, things get funky. Even the biggest DeFi names have to stay paranoid.

Stay sharp. If you spot a scam, got a wild crypto story, or just want to vent about another rug pull, hit reply. We read every word (and meme).

Forward this to a friend who still thinks browser suggestions are safe. Seriously.

Until next time,

The Crypto Asset Recovery Team