• bitcoinBitcoin (BTC) $ 66,407.00
  • ethereumEthereum (ETH) $ 2,003.61
  • tetherTether (USDT) $ 0.999332
  • bnbBNB (BNB) $ 613.01
  • xrpXRP (XRP) $ 1.34
  • usd-coinUSDC (USDC) $ 0.999832
  • solanaSolana (SOL) $ 83.36
  • tronTRON (TRX) $ 0.311531
  • staked-etherLido Staked Ether (STETH) $ 2,265.05
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.03
  • dogecoinDogecoin (DOGE) $ 0.090621
  • usdsUSDS (USDS) $ 0.999774
  • whitebitWhiteBIT Coin (WBT) $ 51.45
  • bitcoin-cashBitcoin Cash (BCH) $ 478.03
  • hyperliquidHyperliquid (HYPE) $ 39.17
  • wrapped-stethWrapped stETH (WSTETH) $ 2,779.67
  • cardanoCardano (ADA) $ 0.247086
  • leo-tokenLEO Token (LEO) $ 9.58
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 76,243.00
  • chainlinkChainlink (LINK) $ 8.59
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.998762
  • moneroMonero (XMR) $ 327.09
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 2,466.93
  • ethena-usdeEthena USDe (USDE) $ 0.999083
  • canton-networkCanton (CC) $ 0.144727
  • stellarStellar (XLM) $ 0.165737
  • wrapped-eethWrapped eETH (WEETH) $ 2,465.31
  • usd1-wlfiUSD1 (USD1) $ 0.999350
  • daiDai (DAI) $ 0.999761
  • susdssUSDS (SUSDS) $ 1.08
  • litecoinLitecoin (LTC) $ 53.82
  • hedera-hashgraphHedera (HBAR) $ 0.089978
  • paypal-usdPayPal USD (PYUSD) $ 0.999870
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 76,366.00
  • rainRain (RAIN) $ 0.008084
  • avalanche-2Avalanche (AVAX) $ 8.81
  • memecoreMemeCore (M) $ 2.15
  • wethWETH (WETH) $ 2,268.37
  • zcashZcash (ZEC) $ 219.43
  • suiSui (SUI) $ 0.880922
  • shiba-inuShiba Inu (SHIB) $ 0.000006
  • usdt0USDT0 (USDT0) $ 0.998824
  • bittensorBittensor (TAO) $ 322.35
  • crypto-com-chainCronos (CRO) $ 0.071737
  • the-open-networkToncoin (TON) $ 1.22
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.096943
  • hashnote-usycCircle USYC (USYC) $ 1.12
  • tether-goldTether Gold (XAUT) $ 4,491.57
  • pax-goldPAX Gold (PAXG) $ 4,501.35
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.22
  • mantleMantle (MNT) $ 0.675960
  • polkadotPolkadot (DOT) $ 1.30
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • uniswapUniswap (UNI) $ 3.39
  • global-dollarGlobal Dollar (USDG) $ 0.999968
  • falcon-financeFalcon USD (USDF) $ 0.998256
  • okbOKB (OKB) $ 83.10
  • pi-networkPi Network (PI) $ 0.175092
  • aster-2Aster (ASTER) $ 0.660738
  • skySky (SKY) $ 0.070151
  • htx-daoHTX DAO (HTX) $ 0.000002
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.15
  • nearNEAR Protocol (NEAR) $ 1.17
  • aaveAave (AAVE) $ 97.58
  • ripple-usdRipple USD (RLUSD) $ 0.999868
  • pepePepe (PEPE) $ 0.000003
  • bitget-tokenBitget Token (BGB) $ 1.95
  • bfusdBFUSD (BFUSD) $ 0.998900
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.12
  • ondo-financeOndo (ONDO) $ 0.264071
  • ethereum-classicEthereum Classic (ETC) $ 8.15
  • internet-computerInternet Computer (ICP) $ 2.24
  • siren-2Siren (SIREN) $ 1.62
  • gatechain-tokenGate (GT) $ 6.47
  • janus-henderson-anemoy-treasury-fundJanus Henderson Anemoy Treasury Fund (JTRSY) $ 1.10
  • kucoin-sharesKuCoin (KCS) $ 7.90
  • quant-networkQuant (QNT) $ 71.40
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.00
  • pump-funPump.fun (PUMP) $ 0.001722
  • kaspaKaspa (KAS) $ 0.035452
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.091076
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.21
  • usdtbUSDtb (USDTB) $ 1.00
  • jito-staked-solJito Staked SOL (JITOSOL) $ 124.46
  • nexoNEXO (NEXO) $ 0.873619
  • render-tokenRender (RENDER) $ 1.68
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 2,404.69
  • cosmosCosmos Hub (ATOM) $ 1.69
  • morphoMorpho (MORPHO) $ 1.52
  • binance-peg-wethBinance-Peg WETH (WETH) $ 2,262.26
  • worldcoin-wldWorldcoin (WLD) $ 0.262883
  • rocket-pool-ethRocket Pool ETH (RETH) $ 2,631.35
  • midnight-3Midnight (NIGHT) $ 0.049058
  • usddUSDD (USDD) $ 0.999457
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999945
  • ethenaEthena (ENA) $ 0.091180
  • aptosAptos (APT) $ 0.949787
  • wbnbWrapped BNB (WBNB) $ 759.61
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 11.03
  • ignition-fbtcFunction FBTC (FBTC) $ 76,389.00
  • algorandAlgorand (ALGO) $ 0.081993
  • official-trumpOfficial Trump (TRUMP) $ 2.99
  • flare-networksFlare (FLR) $ 0.007767
  • hash-2Provenance Blockchain (HASH) $ 0.011420
  • filecoinFilecoin (FIL) $ 0.827598
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • beldexBeldex (BDX) $ 0.083000
  • ousgOUSG (OUSG) $ 114.73
  • xdce-crowd-saleXDC Network (XDC) $ 0.030540
  • binance-staked-solBinance Staked SOL (BNSOL) $ 108.24
  • yldsYLDS (YLDS) $ 0.999954
  • ghoGHO (GHO) $ 0.999084
  • vechainVeChain (VET) $ 0.006691
  • usual-usdUsual USD (USD0) $ 0.998626
  • stable-2​​Stable (STABLE) $ 0.025858
  • new-x-ceo-is-backNEW X CEO IS BACK (XFLOKI) $ 0.506041
  • arbitrumArbitrum (ARB) $ 0.089684
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999720
  • justJUST (JST) $ 0.059586
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 76,461.00
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.231416
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 76,491.00
  • layerzeroLayerZero (ZRO) $ 2.06
  • jupiter-exchange-solanaJupiter (JUP) $ 0.144362
  • bonkBonk (BONK) $ 0.000006
  • clbtcclBTC (CLBTC) $ 76,920.00
  • true-usdTrueUSD (TUSD) $ 0.997596
  • a7a5A7A5 (A7A5) $ 0.012229
  • fasttokenFasttoken (FTN) $ 1.09
  • pancakeswap-tokenPancakeSwap (CAKE) $ 1.37
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 0.657714
  • euro-coinEURC (EURC) $ 1.15
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 2,419.84
  • blockstackStacks (STX) $ 0.223273
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.006427
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 33.97
  • tbtctBTC (TBTC) $ 70,942.00
  • dashDash (DASH) $ 31.75
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.998482
  • wrappedm-by-m0WrappedM by M0 (WM) $ 1.00
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.03
  • tezosTezos (XTZ) $ 0.356913
  • chilizChiliz (CHZ) $ 0.036395
  • sei-networkSei (SEI) $ 0.054812
  • ether-fiEther.fi (ETHFI) $ 0.463077
  • c8ntinuumc8ntinuum (CTM) $ 0.087592
  • decredDecred (DCR) $ 20.96
  • hastra-primePRIME (PRIME) $ 1.03
  • mantle-staked-etherMantle Staked Ether (METH) $ 2,455.82
  • usxUSX (USX) $ 0.999439
  • kinesis-goldKinesis Gold (KAU) $ 146.59
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999983
  • dexeDeXe (DEXE) $ 7.21
  • resolv-wstusrResolv wstUSR (WSTUSR) $ 1.13
  • sun-tokenSun Token (SUN) $ 0.016971
  • cocaCOCA (COCA) $ 1.30
  • apenftAINFT (NFT) $ 0.00000033
  • adi-tokenADI (ADI) $ 4.04
  • kite-2Kite (KITE) $ 0.176435
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 2,406.26
  • gnosisGnosis (GNO) $ 118.98
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 76,200.00
  • curve-dao-tokenCurve DAO (CRV) $ 0.210307
  • usdaiUSDai (USDAI) $ 0.999654
  • bittorrentBitTorrent (BTT) $ 0.00000032
  • aerodrome-financeAerodrome Finance (AERO) $ 0.321159
  • wrapped-flareWrapped Flare (WFLR) $ 0.009961
  • conflux-tokenConflux (CFX) $ 0.056754
  • injective-protocolInjective (INJ) $ 2.88
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 2,266.86
  • riverRiver (RIVER) $ 14.50
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.12
  • kaiaKaia (KAIA) $ 0.047003
  • fraxLegacy Frax Dollar (FRAX) $ 0.992759
  • bitcoin-svBitcoin SV (BSV) $ 13.65
  • venice-tokenVenice Token (VVV) $ 6.09
  • kinesis-silverKinesis Silver (KAG) $ 71.17
  • binance-peg-xrpBinance-Peg XRP (XRP) $ 1.59
  • celestiaCelestia (TIA) $ 0.298506
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 2,443.47
  • flokiFLOKI (FLOKI) $ 0.000028
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 2,421.84
  • crvusdcrvUSD (CRVUSD) $ 0.997854
  • jasmycoinJasmyCoin (JASMY) $ 0.005310
  • sbtc-2sBTC (SBTC) $ 77,039.00
  • official-foOfficial FO (FO) $ 0.262891
  • lido-daoLido DAO (LDO) $ 0.302386
  • the-graphThe Graph (GRT) $ 0.023840
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 115.56
  • spx6900SPX6900 (SPX) $ 0.273027
  • savings-usddSavings USDD (SUSDD) $ 1.03
  • ape-and-pepeApe and Pepe (APEPE) $ 0.000001
  • iotaIOTA (IOTA) $ 0.055681
  • olympusOlympus (OHM) $ 15.43
  • msolMarinade Staked SOL (MSOL) $ 133.18
  • doublezeroDoubleZero (2Z) $ 0.069558
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 2,265.06
  • monadMonad (MON) $ 0.022038
  • syrupMaple Finance (SYRUP) $ 0.205129
  • btse-tokenBTSE Token (BTSE) $ 1.43

Jill Gunter has wallet drained via vulnerable ThirdWeb contract

Bitcoin
By admin
0 1


Related Posts

Metaplanet Unveils Bitcoin Rewards Card Launch

0

ZachXBT: Both Circle and Tether blocked the wallets…

0

On Thursday, Jill Gunter, co-founder of “the base layer for rollups” Espresso, took to X to inform followers her wallet had been drained due to a vulnerability in a ThirdWeb contract.

The 10-year crypto veteran noted the “deep irony” of her funds being funneled into privacy protocol Railgun while she was “writing a defense of privacy in crypto to present in DC next week.”

In a follow-up thread, Gunter describes the process of investigating how over $30,000 USDC was lost.

Read more: ZachXBT cracks Railgun privacy to expose Bittensor hacker

The transaction, which drained Gunter’s jrg.eth address, occurred on December 9.

The tokens had been moved into the address the day before the theft “in anticipation of funding an angel investment I planned to make this week.”

Although the tokens had been moved from jrg.eth to another (0xF215), the transaction shows a contract interaction with 0x81d5.

This vulnerable contract that led to the drained wallet, Gunter found, was a Thirdweb bridge contract that she had previously used for “a $5 transfer.”

After contacting Thirdweb, she was informed that a vulnerability was found in the bridge contract in April. It “allowed anyone to access funds from users who had clicked through and accepted unlimited token approvals.”

Indeed, the contract is now labelled on Etherscan as compromised.

Read more: Explained: how crypto’s ‘largest supply chain attack’ stole just $0.05

A Thirdweb blog post, published today, states that the theft “resulted from the legacy contract not being properly decommissioned during our April 2025 vulnerability response.”

Thirdweb “permanently disabled the legacy contract… and no user wallets or funds remain at risk.”

Gunter praised the SEAL Security Alliance for its response, pledging to donate any potential reimbursement, and urged others to do the same.

Thirdweb’s second rodeo

In addition to the vulnerable bridge contract, ThirdWeb had previously disclosed a wide-reaching vulnerability in late 2023.

It informed the crypto community of “a security vulnerability in a commonly used open-source library.”

Security researcher and SEAL member Pascal Caversaccio dubbed Thirdweb’s statement “not responsible disclosure.” He argued that providing a list of vulnerable contracts gave black hats hackers a “head start.”

According to crypto scam tracker ScamSniffer’s analysis, over 500 token contracts were affected and at least 25 exploited.



Source link

admin 9565 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.