Bitcoin 
Ethereum 
Tether 
BNB 
XRP 
USDC 
Solana 
TRON 
Lido Staked Ether 
Figure Heloc 
Dogecoin 
USDS 
WhiteBIT Coin 
Bitcoin Cash 
Hyperliquid 
Wrapped stETH 
Cardano 
LEO Token 
Wrapped Bitcoin 
Monero 
Binance Bridged USDT (BNB Smart Chain) 
Chainlink 
Wrapped Beacon ETH 
Canton 
Ethena USDe 
Stellar 
Wrapped eETH 
USD1 
Dai 
sUSDS 
Litecoin 
Rain 
Hedera 
Coinbase Wrapped BTC 
PayPal USD 
MemeCore 
Avalanche 
WETH 
Zcash 
Shiba Inu 
Sui 
USDT0 
Toncoin 
Bittensor 
Cronos 
World Liberty Financial 
Circle USYC 
Tether Gold 
PAX Gold 
Ethena Staked USDe 
Mantle 
Uniswap 
BlackRock USD Institutional Digital Liquidity Fund 
Polkadot 
Pi Network 
Global Dollar 
OKB 
Falcon USD 
Aster 
Sky 
HTX DAO 
syrupUSDC 
NEAR Protocol 
Aave 
Ripple USD 
Pepe 
Bitget Token 
Ondo 
BFUSD 
Siren 
Ondo US Dollar Yield 
Ethereum Classic 
Internet Computer 
Gate 
Janus Henderson Anemoy Treasury Fund 
KuCoin 
Quant 
Jupiter Perpetuals Liquidity Provider Token 
Pump.fun 
POL (ex-MATIC) 
Kaspa 
Spiko EU T-Bills Money Market Fund 
NEXO 
Jito Staked SOL 
Render 
USDtb 
Kelp DAO Restaked ETH 
Midnight 
Worldcoin 
Binance-Peg WETH 
Cosmos Hub 
Rocket Pool ETH 
Morpho 
Ethena 
Binance Bridged USDC (BNB Smart Chain) 
USDD 
Aptos 
Wrapped BNB 
Superstate Short Duration U.S. Government Securities Fund (USTB) 
Function FBTC 
Algorand 
Provenance Blockchain 
Official Trump 
Flare 
Filecoin 
syrupUSDT 
Beldex 
OUSG 
XDC Network 
Binance Staked SOL 
YLDS 
GHO 
VeChain 
Artificial Superintelligence Alliance 
Usual USD 
Stable 
NEW X CEO IS BACK 
Polygon Bridged USDC (Polygon PoS) 
Arbitrum 
Solv Protocol BTC 
JUST 
Lombard Staked BTC 
Jupiter 
Bonk 
LayerZero 
clBTC 
TrueUSD 
Noon 
A7A5 
Fasttoken 
PancakeSwap 
Virtuals Protocol 
StakeWise Staked ETH 
EURC 
Chiliz 
Kinetiq Staked HYPE 
tBTC 
Stacks 
Pudgy Penguins 
WrappedM by M0 
Dash 
First Digital USD 
Janus Henderson Anemoy AAA CLO Fund 
Tezos 
Sei 
c8ntinuum 
Ether.fi 
Decred 
Mantle Staked Ether 
PRIME 
USX 
Polygon PoS Bridged DAI (Polygon POS) 
Kinesis Gold 
Resolv wstUSR 
Sun Token 
COCA 
DeXe 
ADI 
AINFT 
Liquid Staked ETH 
Curve DAO 
Arbitrum Bridged WBTC (Arbitrum One) 
Gnosis 
BitTorrent 
USDai 
Kite 
Wrapped Flare 
Aerodrome Finance 
Conflux 
L2 Standard Bridged WETH (Base) 
Injective 
Steakhouse USDC Morpho Vault 
River 
Legacy Frax Dollar 
Bitcoin SV 
FLOKI 
Celestia 
Binance-Peg XRP 
Kaia 
Ether.Fi Liquid ETH 
Venice Token 
Renzo Restaked ETH 
Kinesis Silver 
Lido DAO 
sBTC 
JasmyCoin 
crvUSD 
Official FO 
Jupiter Staked SOL 
The Graph 
Savings USDD 
SPX6900 
Monad 
Ape and Pepe 
Marinade Staked SOL 
DoubleZero 
Arbitrum Bridged WETH (Arbitrum One) 
IOTA 
Olympus 
Maple Finance 
Jill Gunter, co-founder of Espresso, reported Thursday that her crypto wallet was drained due to a vulnerability in a Thirdweb contract, according to statements posted on social media.
- Crypto veteran Jill Gunter reported the theft of over $30,000 in USDC from her wallet, which was drained on Dec. 9 and routed through Railgun.
- The vulnerability stemmed from a legacy Thirdweb contract that allowed access to funds with unlimited token approvals.
- The incident followed a separate 2023 open-source library flaw that affected more than 500 token contracts and was exploited at least 25 times, according to ScamSniffer.
Gunter, described as a 10-year veteran of the cryptocurrency industry, said more than $30,000 in USDC stablecoin was stolen from her wallet. The funds were transferred to the privacy protocol Railgun while she was preparing a presentation on cryptocurrency privacy for an event in Washington, D.C., according to her account.
In a follow-up post, Gunter detailed the investigation into the theft. The transaction that drained her jrg.eth address occurred on December 9, with the tokens having been moved into the address the day before in anticipation of funding an angel investment planned for that week, she stated.
Although the tokens were transferred from jrg.eth to another address identified as 0xF215, the transaction showed a contract interaction with 0x81d5, according to Gunter’s analysis. She identified the vulnerable contract as a Thirdweb bridge contract she had previously used for a $5 transfer.
Thirdweb informed Gunter that a vulnerability had been discovered in the bridge contract in April, she reported. The vulnerability allowed anyone to access funds from users who had approved unlimited token permissions. The contract has since been labeled as compromised on Etherscan, a blockchain explorer.
Gunter stated she did not know whether she would receive reimbursement and characterized such risks as an occupational hazard in the cryptocurrency industry. She pledged to donate any recovered funds to the SEAL Security Alliance and encouraged others to consider donations as well.
Thirdweb published a blog post stating the theft resulted from a legacy contract not being properly decommissioned during its April 2025 vulnerability response. The company said it has permanently disabled the legacy contract and that no user wallets or funds remain at risk.
In addition to the vulnerable bridge contract, Thirdweb disclosed a wide-reaching vulnerability in late 2023 in a commonly used open-source library. Security researcher Pascal Caversaccio of SEAL criticized Thirdweb’s disclosure approach, stating that providing a list of vulnerable contracts gave malicious actors advance warning.
According to analysis by ScamSniffer, a blockchain security firm, over 500 token contracts were affected by the 2023 vulnerability and at least 25 were exploited.
