Bitcoin 
Ethereum 
Tether 
BNB 
USDC 
XRP 
Solana 
TRON 
Lido Staked Ether 
Figure Heloc 
Hyperliquid 
Dogecoin 
Rain 
USDS 
LEO Token 
Wrapped stETH 
Zcash 
LAB 
Wrapped Bitcoin 
Monero 
Binance Bridged USDT (BNB Smart Chain) 
Stellar 
Wrapped Beacon ETH 
Canton 
WhiteBIT Coin 
Cardano 
Wrapped eETH 
Chainlink 
USD1 
Dai 
sUSDS 
Ethena USDe 
Gram (prev. Toncoin) 
Coinbase Wrapped BTC 
Bitcoin Cash 
Litecoin 
Hedera 
WETH 
Circle USYC 
Global Dollar 
Sui 
USDT0 
Avalanche 
PayPal USD 
Cronos 
Shiba Inu 
Tether Gold 
NEAR Protocol 
BlackRock USD Institutional Digital Liquidity Fund 
Ethena Staked USDe 
Ondo US Dollar Yield 
Bittensor 
World Liberty Financial 
PAX Gold 
Uniswap 
Aster 
Worldcoin 
OKB 
Ripple USD 
Ondo 
Little Pepe 
HTX DAO 
syrupUSDC 
Aave 
Mantle 
Polkadot 
Falcon USD 
Pi Network 
USDD 
BFUSD 
Internet Computer 
Sky 
Morpho 
Bitget Token 
Ethereum Classic 
United Stables 
DeXe 
Pepe 
Jupiter Perpetuals Liquidity Provider Token 
Blockchain Capital 
Quant 
MemeCore 
Spiko EU T-Bills Money Market Fund 
KuCoin 
Jito Staked SOL 
Stable 
Janus Henderson Anemoy Treasury Fund 
Kelp DAO Restaked ETH 
USDGO 
Render 
Binance-Peg WETH 
Cosmos Hub 
Rocket Pool ETH 
Invesco Short Duration US Government Securities Fund 
Kaspa 
Binance Bridged USDC (BNB Smart Chain) 
POL (ex-MATIC) 
Jupiter 
Wrapped BNB 
Algorand 
Function FBTC 
Audiera 
USDtb 
Ethena 
NEXO 
币安人生 (BinanceLife) 
syrupUSDT 
JUST 
Gate 
Beldex 
Binance Staked SOL 
Janus Henderson Anemoy AAA CLO Fund 
Venice Token 
Spiko Amundi Overnight Swap Fund (EUR) 
ADI 
GHO 
Flare 
NEW X CEO IS BACK 
Polygon Bridged USDC (Polygon PoS) 
Filecoin 
Solv Protocol BTC 
YLDS 
Lombard Staked BTC 
XDC Network 
Usual USD 
Pump.fun 
clBTC 
Provenance Blockchain 
Midnight 
USX 
Aptos 
TrueUSD 
Injective 
StakeWise Staked ETH 
A7A5 
Arbitrum 
Kinetiq Staked HYPE 
Aerodrome Finance 
tBTC 
Lighter 
Dash 
PancakeSwap 
EURC 
Ondo Short-Term U.S. Government Bond Fund 
PRIME 
Official Trump 
c8ntinuum 
Artificial Superintelligence Alliance 
Mantle Staked Ether 
Jito 
Pudgy Penguins 
Polygon PoS Bridged DAI (Polygon POS) 
VeChain 
Resolv wstUSR 
Bonk 
COCA 
SkyAI 
Terra Luna Classic 
Sei 
Doge Strategy 
Liquid Staked ETH 
Celestia 
Arbitrum Bridged WBTC (Arbitrum One) 
First Digital USD 
Virtuals Protocol 
Ether.fi 
The9bit 
Kite 
Wrapped Flare 
Sun Token 
Velvet 
L2 Standard Bridged WETH (Base) 
Stacks 
Steakhouse USDC Morpho Vault 
SPX6900 
Kinesis Gold 
Grass 
Curve DAO 
apxUSD 
Binance-Peg XRP 
Plasma 
Ether.Fi Liquid ETH 
ETHGas 
Renzo Restaked ETH 
Gnosis 
Pyth Network 
Noon 
Royal Dollar 
sBTC 
AINFT 
BitTorrent 
Legacy Frax Dollar 
Jupiter Staked SOL 
BUILDon 
Savings USDD 
Tezos 
Olympus 
Monad 
Marinade Staked SOL 
Zebec Network 
Jill Gunter, co-founder of Espresso, reported Thursday that her crypto wallet was drained due to a vulnerability in a Thirdweb contract, according to statements posted on social media.
- Crypto veteran Jill Gunter reported the theft of over $30,000 in USDC from her wallet, which was drained on Dec. 9 and routed through Railgun.
- The vulnerability stemmed from a legacy Thirdweb contract that allowed access to funds with unlimited token approvals.
- The incident followed a separate 2023 open-source library flaw that affected more than 500 token contracts and was exploited at least 25 times, according to ScamSniffer.
Gunter, described as a 10-year veteran of the cryptocurrency industry, said more than $30,000 in USDC stablecoin was stolen from her wallet. The funds were transferred to the privacy protocol Railgun while she was preparing a presentation on cryptocurrency privacy for an event in Washington, D.C., according to her account.
In a follow-up post, Gunter detailed the investigation into the theft. The transaction that drained her jrg.eth address occurred on December 9, with the tokens having been moved into the address the day before in anticipation of funding an angel investment planned for that week, she stated.
Although the tokens were transferred from jrg.eth to another address identified as 0xF215, the transaction showed a contract interaction with 0x81d5, according to Gunter’s analysis. She identified the vulnerable contract as a Thirdweb bridge contract she had previously used for a $5 transfer.
Thirdweb informed Gunter that a vulnerability had been discovered in the bridge contract in April, she reported. The vulnerability allowed anyone to access funds from users who had approved unlimited token permissions. The contract has since been labeled as compromised on Etherscan, a blockchain explorer.
Gunter stated she did not know whether she would receive reimbursement and characterized such risks as an occupational hazard in the cryptocurrency industry. She pledged to donate any recovered funds to the SEAL Security Alliance and encouraged others to consider donations as well.
Thirdweb published a blog post stating the theft resulted from a legacy contract not being properly decommissioned during its April 2025 vulnerability response. The company said it has permanently disabled the legacy contract and that no user wallets or funds remain at risk.
In addition to the vulnerable bridge contract, Thirdweb disclosed a wide-reaching vulnerability in late 2023 in a commonly used open-source library. Security researcher Pascal Caversaccio of SEAL criticized Thirdweb’s disclosure approach, stating that providing a list of vulnerable contracts gave malicious actors advance warning.
According to analysis by ScamSniffer, a blockchain security firm, over 500 token contracts were affected by the 2023 vulnerability and at least 25 were exploited.
