BEARISH 📉 : CrossCurve exploit adds to $370M January crypto thefts

CrossCurve Bridge Exploit Stopped

CrossCurve, formerly EYWA, halted a bridge exploit targeting its cross-chain token system.
The attack exploited a smart contract flaw on the Ethereum side, causing unauthorized token releases.
Stolen EYWA tokens from Ethereum cannot be moved or sold due to frozen deposit channels.
Arbitrum assets were unaffected, and no new supply entered the market.

Exchange Coordination and Legal Steps

CrossCurve contacted exchanges like KuCoin, Gate, MEXC, BingX, and BitMart to block stolen tokens.
Ten Ethereum addresses linked to the hack have been flagged.
Wallets have 72 hours to return funds or face legal action, including criminal referrals and public disclosures.

Exploit Details and Impact

The exploit involved a fake cross-chain message bypassing validation checks, triggering token releases.
Estimated losses are around $2.76 million, with significant amounts on Ethereum and Arbitrum.

January Theft Surge

January saw $370.3 million lost to exploits and scams, with phishing accounting for $311.3 million.
A major social engineering scam resulted in a $284 million loss.
The largest technical hack was Step Finance, losing $28.9 million after treasury wallets were compromised.

The CrossCurve incident underscores ongoing vulnerabilities in DeFi systems, emphasizing the need for robust security measures.