Scams

Blockchain investigator ZachXBT warned on January 2, 2026 of an active cross-chain exploit draining hundreds of wallets across EVM-compatible networks. Reported losses exceed $107,000, with most affected addresses losing under $2,000 each while the root cause remains unknown. Researchers are mapping victim addresses, including a suspicious wallet (0xAc2***9bFB) potentially linked to the thefts.

Crypto losses slowed in December 2025, totaling roughly ~$76M, more than 60% below November's $194.27M. The largest hits were an address-poisoning mis-send of about $50M and compromised multisig keys exceeding $27 million, while browser wallets remained frequent targets. Additional cases included a Trust Wallet extension issue near $7 million and a Flow ecosystem breach close to $4 million.

On January 2, 2026, a dark web post alleged $1, read-only access to Kraken’s internal support panel, according to Dark Web Informer. The listing claims visibility into user profiles, transaction histories and KYC documents, with authentication codes expiring in February; the publication reported no independent confirmation and Kraken has not acknowledged a compromise.

In late December 2025, on-chain investigator ZachXBT reported that hundreds of EVM-compatible wallets on networks like Ethereum and BNB were being drained in small thefts of under $2,000 per victim, with over $107,000 stolen so far. Funds from nearly 20 blockchains have been traced to a single address, which analytics firms link to the Trust Wallet Chrome extension "Shai-Hulud" supply chain attack that began on Christmas Eve. The incident comes amid a record year for crypto-related cybercrime, with billions in digital assets reportedly stolen across major hacks and phishing campaigns.

Flow Foundation said it has moved into Phase Two of its recovery plan after a $3.9 million exploit disrupted the network on December 27, 2025. Developers are working to restore EVM functionality, execute validator-approved cleanup transactions, and test fixes on the Cadence chain, with completion expected to take several days.

PeckShield said total crypto losses from hacks fell to about $76 million in December, a 60% drop from November's $194.2 million across 26 major incidents. The month included a $50 million address‑poisoning scam and around $27.3 million lost to a multisig key leak, while Trust Wallet and Flow added $7 million and $3.9 million, respectively.

Blockchain security firm PeckShield reported around $76 million in crypto losses from hacks and exploits in December, a 60% drop from November's $194.2 million. The month included 26 major incidents, with one user losing $50 million to an address-poisoning scam and another losing $27.3 million due to a multisig private key leak.

On December 31, 2025, Trust Wallet said its Chrome extension was temporarily removed after a Chrome Web Store bug blocked a new release, slowing a verification tool for reimbursement claims. The company earlier confirmed a malicious v2.68 was distributed on December 25, identifying 2,520 drained addresses and roughly $8.5 million tied to 17 attacker wallets.

As 2026 began, BROCCOLI(714) on BNB Chain surged nearly 1200% before reversing sharply. The spike coincided with a suspected market‑maker compromise, driving trading volume up about 4800% to roughly $500 million. A trader reported around $1 million profit during the volatility, and Binance said it is investigating without confirming a direct hack.

On 1 January 2026, Binance detailed an attempted fraud in which a user allegedly forged chat logs and transfer records to pose as a scam victim and pressure the exchange's support team for compensation. Internal checks, including blockchain analysis, indicated the wallet tied to the supposed scammer was controlled by the complainant and that documents came from an escrow platform and were altered to fit the story. The case underscores how crypto scams are expanding from targeting users directly to attacking exchange trust systems, amid wider industry losses from phishing, address poisoning, and social engineering schemes.