DAIDai

OKX Ventures and Korea Investment & Securities invest $53M each for 19.6% stakes in Coinone, totaling $106M pending regulatory approval. The post OKX Ventures Acquires Major Stake in Korean Exchange Coinone in $53M Deal appeared first on Blockonomi.

Security warnings issued on May 25, 2026, indicate that about $3.2 million has been siphoned from 86 Gnosis Safes in just two hours. This is via the Base and Ethereum blockchain networks. The vulnerability exploited a smart contract called “SquidRouterModule.” It caused instant confusion in the crypto community due to its similar name to the official Squid Router network. According to reports, the stolen funds were instantly converted into approximately $3 million in DAI tokens via the attacker-controlled Uniswap V3 pools. The hacker used the wallet address 0xA447…54859, which was previously sent 2.1 ETH via TornadoCash. 86 Gnosis safes targeted in a new hack Security firms such as PeckShield and Blockaid were the first to detect this exploit. In the report by PeckShield, the details of the SquidRouterModule exploit were provided, along with the actual flow of funds. This included not only the use of TornadoCash but also exchanging all tokens for DAI. #PeckShieldAlert The SquidRouterModule has been exploited for ~$3M in assets. The exploiter, who was originally funded with 2.1 $ETH from #TornadoCash , has swapped the stolen funds for ~3M $DAI . The stolen assets are currently sitting in the exploiter's wallet 0xA447…54859 pic.twitter.com/RAmpIZQhQh — PeckShieldAlert (@PeckShieldAlert) May 25, 2026 In its report, Blockaid mentioned that 86 Gnosis Safes had been exploited in less than two hours, and all tokens exchanged using liquidity pools controlled by the attacker. Previously, users had authorized these contracts within their Gnosis Safes with elevated privileges, without requiring user signatures. The root cause lies in the design of the third-party Gnosis Safe module itself. The contract, audited by Basescan and named SquidRouterModule, would accept an immutable string provided by the caller as proof of the message’s security. As this string was clearly visible in the publicly available source code, it became possible to bypass all security measures. Following the provision of the string, the module allowed the execution of calldata provided within an array. The fact that the module had already been whitelisted as a legitimate Safe Module by the victims enabled the attacker to withdraw funds from the Gnosis Safes regardless of the token type. The legitimate Squid Router contract (0xce16F69375520ab01377ce7B88f5BA8C48F8D666) uses a completely different architecture and has not been affected by this attack. Squid Router distances itself from the hack incident Squid Router’s official X account did not take long before setting the record straight. In its statement, the company made clear that the exploited contract was not built, deployed, or managed by Squid. It was identified as a smart wallet by another third party that decided to integrate with Squid and other projects, but never contacted the Squid team. The team explained that there was nothing related to the core Squid protocol or its contracts regarding this incident. In addition, not all Squid users and integrators are affected. Moreover, Squid highlighted that initial public information could erroneously refer to SquidRouter based solely on the name of the exploited contract available on Basescan. Binance’s CZ calls on devs to fix hack problems As a clear indication of how increasingly vulnerable the crypto space has become in its supply chain, the founder of Binance, Changpeng Zhao (also known as CZ), has called for developers to swap their API keys after a GitHub data breach. As reported by Cryptopolitan, CZ urged that if users have API keys in their code, even private repos, now is the time to double-check and change them. This is due to the risk of exposed API keys in the event of a breach, as they could be used by trading bots, DeFi protocols, analytics platforms, and other related services. If you're reading this, you’re already ahead. Stay there with our newsletter .

A third-party module drained about $3 million from Safe wallets on Ethereum and Base, with Squid blaming an unofficial external Safe module and saying its core systems were not affected.

Arm (ARM) stock jumped 46.5% to $306.51 after announcing $2B in AI chip deals, receiving a Bernstein upgrade, and posting strong Q4 earnings results. The post Arm Holdings (ARM) Stock Soars 46% Following $2 Billion AI Chip Agreement and Bernstein’s Bullish Outlook appeared first ...

Onchain activity shows that Dritan Kapllani Jr. has transferred funds into unfreezeable assets in a new wallet, a few days after ZachXBT identified him as a US-based threat actor allegedly tied to $19 million in social engineering thefts from crypto holders. ZachXBT was also the one who flagged the latest move, writing on his Telegram channel , “Earlier today the threat actor ‘Dritan Kapllani Jr’ transferred $2.59M (1.99M DAI, 259 ETH) three hops from: 0x4487db847db2fc99372a985743a26f46e0b2bba6 to: 0x67ec1d405e53ed13a19eb77a9db19186723d125d where stolen funds currently sit dormant.” Dritan’s latest actions are raising questions about whether he is preparing to go into hiding as his co-conspirators face federal charges. Similar exposures by ZachXBT have led to arrests in the past, with one of them also linked to Dritan. That one is John “Lick” Daghita , who was arrested in Saint Martin in March 2026 after allegedly stealing $46 million from US government-controlled wallets. FBI agents reportedly found Daghita with hardware wallets, USB drives, and a metal briefcase of cash after French tactical units helped apprehend him on the Caribbean island. ZachXBT traces $19 million in alleged thefts to Dritan ZachXBT’s investigation, published on X , linked Dritan’s Ethereum wallet to the theft of 185 BTC, worth roughly $13 million, on March 14. One day later, $5.3 million from the stolen funds landed in Dritan’s Exodus wallet, according to Zach’s on-chain tracing. The exposure came after Dritan joined a “band-for-band” contest on Discord on April 23, where scammers compared wallet balances on screen. During the call, he allegedly displayed $3.68 million inside an Exodus wallet, according to Cryptopolitan’s earlier reporting. By the time ZachXBT published his findings, about $1.6 million had already been withdrawn from the wallet. Beyond the 185 BTC theft, ZachXBT traced an older wallet address back to Dritan through a deleted Telegram post by Daghita. That wallet allegedly connected to more than $5.85 million across five additional social engineering thefts in 2025, with Bitcoin addresses spanning August through October of that year. Other associates, such as Trenton Richard David Johnston and Brandon Michael Tardibone , are facing federal charges over the same 185 BTC theft, with Johnston facing up to 40 years in prison and Tardibone 30 years. ZachXBT identified Dritan as a co-conspirator 1 in Johnston’s case. A familiar playbook The connection between Dritan and Daghita predates both investigations. The two engaged in their own band-for-band wallet comparison, ZachXBT said, which was part of what triggered the January 2026 probe into Daghita’s government wallet theft. In both cases, showing off stolen wealth on social media provided the onchain breadcrumbs that investigators followed. ZachXBT noted that Dritan has “tons of plot armor,” pointing out that multiple associates from groups known as ACG and 41/RM Boyz have been arrested while Dritan has avoided prosecution. Since Dritan was recently a minor, ZachXBT suggested that law enforcement may have delayed charges on that basis. With Johnston and Tardibone now facing decades in federal prison and Daghita awaiting extradition from Saint Martin, the question for investigators is whether Dritan’s apparent fund movements signal a plan to follow Daghita’s exit strategy before charges catch up. The smartest crypto minds already read our newsletter. Want in? Join them .

BitcoinWorld Transit Finance Commits to Full User Compensation Following $1.88 Million Exploit Transit Finance, the company behind the decentralized exchange aggregator Transit Swap, has confirmed it will fully compensate all users impacted by a recent security breach. The incident, which involved the theft of approximately $1.88 million, was linked to a vulnerability in an older version of the protocol’s smart contract on the TRON blockchain. Details of the Exploit and Response Blockchain security firm PeckShield first flagged the exploit on May 11, reporting that the stolen funds—held as DAI in a wallet address starting with 0x8a6—were linked to Transit Finance. The company clarified that the vulnerability existed in an early iteration of its smart contract, which had been deprecated after 2022 and was no longer in active use. Only a subset of users who had interacted with that outdated version were affected. Upon discovering the breach, Transit Finance stated it initiated an immediate response, completing additional security reviews and recovery measures by May 12. The company emphasized that no action is required from affected users and that the current version of its smart contract remains secure and unaffected. Broader Implications for DeFi Security This incident underscores a persistent challenge in decentralized finance: the risk posed by legacy smart contracts that remain accessible even after being deprecated. While Transit Finance acted swiftly to contain the damage and commit to full restitution, the event highlights the importance of regular security audits and the proactive decommissioning of outdated code. What This Means for Users For Transit Swap users, the announcement brings clarity and assurance that losses will be covered. However, the broader DeFi community is reminded to exercise caution when interacting with older protocols or contract versions. Security experts recommend that users verify they are using the most up-to-date smart contract addresses and avoid transactions with deprecated code. Conclusion Transit Finance’s decision to fully compensate victims of the $1.88 million exploit is a significant step in maintaining user trust. As the investigation continues, the company has not disclosed a specific timeline for compensation distribution but reiterated its commitment to making all affected users whole. This case serves as a cautionary tale for the industry, reinforcing the need for continuous vigilance in smart contract security. FAQs Q1: Do I need to take any action to receive compensation? No. Transit Finance has stated that no action is required from affected users. The compensation process will be handled automatically by the company. Q2: Is the current Transit Swap smart contract safe to use? Yes. The company confirmed that the vulnerability was isolated to an old, deprecated version of the contract on TRON. The current version remains unaffected and secure. Q3: How much was stolen in the hack? Blockchain security firm PeckShield reported that approximately $1.88 million in DAI was stolen from the protocol. The funds are being held in a wallet address starting with 0x8a6. This post Transit Finance Commits to Full User Compensation Following $1.88 Million Exploit first appeared on BitcoinWorld .

Crypto.com has announced the launch of Crypto.com Travel, a new in-app booking platform powered by Bookit, marking another major step toward integrating cryptocurrency rewards into everyday consumer experiences. The announcement was revealed during Consensus 2026 and introduces a...

The plaintiff says Coinbase froze traceable assets from a 2024 DAI phishing theft but refused to return them without a court order.

BitcoinWorld Coinbase Sued Over $55M in Frozen DAI Tied to Hack and Tornado Cash Laundering A new lawsuit filed in a San Francisco federal court accuses Coinbase of holding $55 million in DAI stablecoins that were allegedly stolen in a hack and laundered through the privacy protocol Tornado Cash. The plaintiff, who claims rightful ownership of the frozen assets, is demanding their immediate return. The case highlights the growing legal tension between cryptocurrency exchanges, victims of theft, and the regulatory framework surrounding frozen digital assets. The Allegations and Frozen Funds According to the complaint, an unidentified hacker stole approximately $55 million in DAI and then used Tornado Cash to obfuscate the transaction trail before depositing a portion of the funds into a Coinbase account. Coinbase subsequently froze the assets, citing security concerns. The plaintiff, who has not been named publicly, asserts that the funds belong to them and that Coinbase is unlawfully withholding the money. The lawsuit also names the presumed hacker as a defendant, though their identity remains unknown. Coinbase has publicly acknowledged that it holds the funds in question. In a statement, the exchange indicated that it requires a court order to release the frozen assets, a standard procedure in cases involving potentially stolen or illicit funds. This position places the exchange in the middle of a complex legal dispute between the alleged victim and the unknown perpetrator. Broader Implications for Crypto Exchanges This lawsuit underscores a recurring challenge for centralized exchanges: balancing the duty to protect customer assets with the legal obligation to comply with anti-money laundering (AML) and know-your-customer (KYC) regulations. When funds are flagged as potentially stolen, exchanges often freeze them pending investigation. However, determining the rightful owner can be legally fraught, especially when the funds have passed through privacy tools like Tornado Cash. Tornado Cash itself has been a flashpoint in crypto regulation. The U.S. Treasury Department sanctioned the protocol in 2022, alleging it facilitated money laundering by North Korean hackers and other illicit actors. While those sanctions have faced legal challenges, the tool remains a focal point for regulators. The involvement of Tornado Cash in this case adds a layer of regulatory complexity, as exchanges must decide whether to honor the sanctions or risk facilitating illegal transactions. What This Means for DAI Holders and Investors For everyday crypto users, the case serves as a reminder that stablecoins like DAI, while designed to maintain a 1:1 peg to the U.S. dollar, are not immune to theft or legal disputes. When assets are frozen by an exchange, recovery can require costly and time-consuming litigation. The outcome of this lawsuit could set a precedent for how exchanges handle frozen assets linked to hacks, particularly when privacy tools are involved. Legal experts note that the case may also test the limits of Coinbase’s liability. If the court rules that the exchange must return the funds to the plaintiff without a clear identification of the hacker, it could open the door to similar claims from other alleged victims. Conversely, if Coinbase is required to hold the funds until the hacker is identified, it may create a backlog of frozen assets and legal battles. Conclusion The lawsuit against Coinbase over $55 million in frozen DAI is a significant development in the ongoing intersection of cryptocurrency, privacy, and law enforcement. As the case progresses through the federal court system, it will likely influence how exchanges manage frozen assets and respond to claims of theft. For now, the frozen DAI remains in limbo, awaiting a judicial decision that could have lasting implications for the broader crypto ecosystem. FAQs Q1: Why did Coinbase freeze the DAI funds? Coinbase froze the funds after they were flagged as potentially stolen, following a hack and laundering through Tornado Cash. The exchange requires a court order to release them, as standard procedure in such cases. Q2: What is Tornado Cash and why is it relevant? Tornado Cash is a privacy protocol that obscures transaction trails on the Ethereum blockchain. It has been sanctioned by the U.S. Treasury for alleged use in money laundering, making its involvement in this case a key legal and regulatory issue. Q3: Could this lawsuit affect how other exchanges handle frozen assets? Yes. The court’s decision may set a precedent for how exchanges determine the rightful owner of frozen funds, especially when the funds have passed through privacy tools. It could also influence future regulatory guidance on asset freezes and recovery. This post Coinbase Sued Over $55M in Frozen DAI Tied to Hack and Tornado Cash Laundering first appeared on BitcoinWorld .