According to @PeckShieldAlert, Truebit Protocol has been exploited for approximately $26.5 million and the attacker transferred 8,500 ETH to addresses 0x2735...cE850a and 0xD12f...031a60; source: @PeckShieldAlert. TRU has dropped 100% following the incident, highlighting severe price impact for the token; source: @PeckShieldAlert. The same exploiter previously attacked Sparkle around 12 days earlier, obtaining 5 ETH and depositing it into TornadoCash; source: @PeckShieldAlert. The alert was posted on Jan 9, 2026, providing near real-time on-chain incident context for traders; source: @PeckShieldAlert.

According to @PeckShieldAlert, a UXLink exploiter-labeled address swapped 248 WBTC for 23 million DAI within the last hour. According to @PeckShieldAlert, this activity follows the Sept. 22 incident in which the attacker minted billions of unauthorized tokens and drained tens of millions in crypto assets. According to @PeckShieldAlert, the conversion highlights ongoing post-hack fund movement tied to UXLink-labeled addresses.

According to @PeckShieldAlert, wallets 0x1209...e9C and 0xaac6...508 were compromised via a private key leak, resulting in approximately 2.3M USDT in losses (source: @PeckShieldAlert). The attacker swapped the stolen USDT for 757.6 ETH and laundered the funds through Tornado Cash, reducing on-chain traceability and flagging related addresses for risk monitoring by traders (source: @PeckShieldAlert). The alert does not mention any USDT issuer freeze or recovery actions at the time of the report (source: @PeckShieldAlert). Traders should avoid interacting with the flagged addresses and note that mixer routing may complicate compliance screening and analytics across ETH pairs (source: @PeckShieldAlert).

According to @PeckShieldAlert, a whale’s multisig wallet was drained of approximately $27.3 million following a private key compromise (source: @PeckShieldAlert, Dec 18, 2025). According to @PeckShieldAlert, the drainer has laundered $12.6 million, equal to 4,100 ETH, via Tornado Cash (source: @PeckShieldAlert, Dec 18, 2025). According to @PeckShieldAlert, the drainer still holds around $2 million in liquid assets (source: @PeckShieldAlert, Dec 18, 2025). According to @PeckShieldAlert, the drainer also controls the victim’s multisig, which maintains a leveraged long position (source: @PeckShieldAlert, Dec 18, 2025).

According to @PeckShieldAlert on Dec 17, 2025, YearnFinanceV1 suffered an exploit with an estimated total loss of about $300,000. According to @PeckShieldAlert, the exploiter swapped the stolen funds into 103 ETH now held at address 0x0F21...4066. According to @PeckShieldAlert, the alert identifies the impacted environment as YearnFinance V1 and does not detail the attack vector.

According to @PeckShieldAlert, Goldfinch Finance user deltatiger.eth was attacked, resulting in an estimated ~$330K loss. Source: @PeckShieldAlert. The attacker has deposited 118 ETH of the stolen funds into Tornado Cash. Source: @PeckShieldAlert. The alert urges users to immediately revoke approvals for contract 0x0689aa2234d06ac0d04cdac874331d287afa4b43. Source: @PeckShieldAlert. For trading risk management, treat the flagged contract and related approvals as active exposure until revoked and monitor ETH flows tied to the incident. Source: @PeckShieldAlert. No additional technical details or broader protocol impact were provided in the alert at the time of posting. Source: @PeckShieldAlert.

According to @PeckShieldAlert, November 2025 recorded roughly 15 major crypto exploits with total losses of about $194.27 million (source: @PeckShieldAlert). According to @PeckShieldAlert, losses jumped 969% month over month versus October’s $18.18 million, with the largest impact from Balancer v2 and its forks at $137.4 million, of which $39 million was recovered (source: @PeckShieldAlert).

According to @PeckShieldAlert, deUSD fell approximately 98% at the time of the alert on Nov 7, 2025 (source: PeckShieldAlert on X). According to @PeckShieldAlert, the post also tagged @elixir and provided no additional context regarding cause, affected venues, or liquidity (source: PeckShieldAlert on X). According to @PeckShieldAlert, the only confirmed data point is the -98% move in deUSD at the time of posting (source: PeckShieldAlert on X).

According to @PeckShieldAlert, Staked Stream USD (XUSD) has depegged and is trading approximately 58% below its intended $1 value. According to @PeckShieldAlert, the alert references StreamDefi’s account in relation to the affected token XUSD. According to @PeckShieldAlert, the depeg was reported on Nov 4, 2025, highlighting a severe stablecoin dislocation in XUSD.

According to PeckShieldAlert, Staked Stream USD (XUSD) has depegged and is down approximately 23% versus its $1 target, as posted on Nov 4, 2025 (source: PeckShieldAlert). According to PeckShieldAlert, the alert references @StreamDefi and indicates an implied XUSD price near $0.77 at the time of the notice (source: PeckShieldAlert).

According to @PeckShieldAlert, an on-chain exploit remains active across multiple chains with an estimated loss of about 88 million dollars, as reported on Nov 3, 2025 on X at https://x.com/PeckShieldAlert/status/1985263682310611037. According to @PeckShieldAlert, the incident is ongoing, indicating attacker transactions are still in progress on affected networks and elevating operational risk for live trading on those chains. According to @PeckShieldAlert, traders should monitor the cited thread for real-time updates that may affect execution timing and risk limits.

According to @PeckShieldAlert, ZachXBT reported that Garden Finance was exploited for more than $5.5 million across multiple chains (source: @PeckShieldAlert on X; source: ZachXBT on X). @PeckShieldAlert also states the exploiter is in the process of swapping the stolen assets for ETH, confirming active on-chain conversions linked to the incident (source: @PeckShieldAlert on X). @PeckShieldAlert did not specify the affected chains or the exact assets stolen beyond the move into ETH (source: @PeckShieldAlert on X). For traders, the attacker’s ongoing swaps into ETH indicate exploit-related sell flow is currently moving through ETH pairs on-chain, allowing real‑time tracking of transaction activity during the incident window (source: @PeckShieldAlert on X).

According to @PeckShieldAlert, 402bridge has been exploited with approximately 17,000 USDC stolen, source: @PeckShieldAlert. The alert instructs users to revoke any token allowance to address 0xed1AFc4DCfb39b9ab9d67f3f7f7d02803cEA9FC5, source: @PeckShieldAlert. Traders should immediately check and set allowance to zero for the flagged contract if previously approved to mitigate further risk exposure, with the flagged address provided in the alert, source: @PeckShieldAlert.

According to @PeckShieldAlert on X dated Oct 23, 2025, the Radiant Capital exploiter swapped about 16 million DAI for 4,345.6 ETH in two batches comprising 1,511 WETH and 2,834 ETH, providing a clear on-chain record of stablecoin-to-ETH conversion relevant for traders tracking ETH flows for risk management, source: @PeckShieldAlert on X, Oct 23, 2025. According to @PeckShieldAlert on X dated Oct 23, 2025, the same address subsequently deposited 2,834.6 ETH into Tornado Cash, a movement flagged by the source as an on-chain alert that traders can monitor for further flow analysis, source: @PeckShieldAlert on X, Oct 23, 2025.

According to @PeckShieldAlert, OracleBNB on BNB Chain has been rugged and the project's social platform accounts have been deleted (source: PeckShieldAlert, Oct 10, 2025). Given the alert, traders can reassess any exposure to OracleBNB-related assets or interactions on BNB Chain to address the operational risk identified in the notice (source: PeckShieldAlert, Oct 10, 2025). The alert post did not include on-chain transaction specifics or recovery guidance at the time of publication (source: PeckShieldAlert, Oct 10, 2025).

According to @PeckShieldAlert, roughly 20 major crypto exploits in September 2025 caused total losses of $127.06 million, a 22% decrease from August’s $163 million, source: PeckShieldAlert, Oct 2, 2025. Approximately $13 million drained from a Venus user via a phishing attack has been recovered, source: PeckShieldAlert, Oct 2, 2025. The top incidents were UXLINK at $44.14 million, SwissBorg at $41.5 million, a Venus user at $13.5 million, Yala at $7.64 million, and GriffAI at $3 million, source: PeckShieldAlert, Oct 2, 2025.

According to @PeckShieldAlert, the Radiant Capital exploiter swapped approximately 14 million DAI for 3,490.2 ETH, based on a real-time on-chain alert. Source: PeckShieldAlert on X https://twitter.com/PeckShieldAlert/status/1972124721132269835. The same entity then deposited 2,243.2 ETH into TornadoCash, signaling a significant post-swap movement of the proceeds. Source: PeckShieldAlert on X https://twitter.com/PeckShieldAlert/status/1972124721132269835. About 1,247 ETH from the swap remains outside TornadoCash at the time of the alert (3,490.2 minus 2,243.2), which traders may monitor for any subsequent transfers from exploit-linked wallets highlighted by the alert. Source: PeckShieldAlert on X https://twitter.com/PeckShieldAlert/status/1972124721132269835.

According to @PeckShieldAlert, an abnormal withdrawal of approximately $3.6 million in crypto was detected from HyperVaultFi. According to @PeckShieldAlert, the funds were bridged from Hyperliquid to Ethereum, swapped into ETH, and 752 ETH was subsequently deposited into Tornado Cash. According to @PeckShieldAlert, the alert was tagged with Rugpull?, highlighting a high-risk on-chain event tied to HyperVaultFi’s addresses and flows.

According to @PeckShieldAlert, @zachxbt reports SwissBorg suffered an exploit on Solana with 192.6K SOL valued at about $41.5M stolen (source: @PeckShieldAlert). According to @PeckShieldAlert, the attacker deposited 100 SOL to Bitget, indicating exchange touchpoint activity relevant for tracing flows (source: @PeckShieldAlert).

According to @PeckShieldAlert, the loss for the phished Venus Protocol user has been corrected to approximately 13.5 million dollars after initial estimates were overstated by not excluding the debt position, and the update specifies this was a user-level phishing incident rather than a protocol exploit (source: @PeckShieldAlert, Sep 2, 2025).