The highlights of Zero Hour Technology's monthly security events have begun! According to incomplete statistics, in June 2025, the cryptocurrency field suffered losses of approximately US$184 million due to hacker attacks, fraud and vulnerability exploits. Among them, hacker attacks were particularly prominent, with a total of 15 incidents, resulting in the highest loss of about 70%, or US$84 million. Among the many types of attacks, attacks on cryptocurrency exchanges were the most serious, such as the hacker attack on Iran's Nobitex exchange, which caused a loss of nearly US$100 million. In terms of fraud and vulnerability exploitation, it also resulted in a loss of approximately US$36 million, which brought a considerable impact to investors and the industry.

Hacker attacks

6 typical safety incidents

• Magickbase hacked

Amount of loss: approximately $3.7 million.

Details of the incident: On June 2, Magickbase released an update on the hacker attack on the X platform. It is currently actively cooperating with local law enforcement agencies and partner exchanges to investigate the incident and identify the responsible party. The total amount of funds affected is approximately US$3.7 million, of which approximately US$3.1 million is on the Ethereum chain and approximately US$600,000 is on the BNB Chain. For safety reasons, Force Bridge (ETH/BSC to CKB bridge) has been temporarily disabled.

• Alex Protocol attack

Amount of loss: $8.3 million.

Event details: On June 6, the Bitcoin DeFi platform Alex Protocol was attacked due to a self-list verification logic vulnerability, and the attacker stole STX, sBTC, USDC and other assets from the asset pool. This is one of the largest attacks in the Stacks ecosystem, and the platform promised to fully compensate users.

• Nobitex exchange attack

Amount of loss: approximately $100 million.

Details of the incident: On June 18, Iran's largest crypto exchange Nobitex was attacked by the pro-Israel hacker group Gonjeshke Darande. The attackers stole TRX, BTC, DOGE and other assets by hacking into hot wallets, and transferred part of the funds to inaccessible vanity addresses for destruction. The platform fully covered user losses through reserve funds, but the exposure of technical vulnerabilities triggered a crisis of trust.

• CosmFinance hacked

Amount of loss: $310,000.

Event details: On June 23, its monitoring system found that the attacker used CosmFinance's unverified contract to frequently call function 0x062bb125() to sell excess CSM tokens and make a profit of about $310,000 through arbitrage operations.

• Silofinance attack

Amount of loss: $545,000.

Event details: On June 25, we monitored an attack on SiloFinance on Ethereum. The cause of this vulnerability was that SiloFinance's smart contract vulnerability was exploited when testing the leverage function, and the attacker drained liquidity through flash loan arbitrage. The platform suspended the affected contracts and initiated the compensation process. The price of the token SILO plummeted by 11% that day.

• NOYA.ai attack

Amount of loss: $36,000.

Details of the incident: On June 28, NOYA.ai released a report on a hacker attack. The incident was caused by a developer who had unauthorized access to a wallet that had the right to add a connector to the protocol. The total loss was about 14.5 ETH. The malicious connector has been deleted, and the contract ownership has been updated to protect the funds. The attacker's address has also been reported to the centralized exchange. An external security auditor will be hired to conduct a comprehensive review, introduce a delay/time lock connector, launch a bug bounty program, and conduct a comprehensive review of all access control functions.

Rug Pull / Phishing Scam

7 typical safety incidents

(1) On June 9, an address upgraded to EIP-7702 was phished and lost 20 tokens worth approximately $19,000 through three malicious batch transactions.

(2) June 15, fake MetaMask customer service scam

Amount of loss: $1.8 million (over 200 users affected)

Method: Google ads induce visits to phishing websites

(3) On June 16, the address starting with 0xdad lost $150,000 after signing a phishing transaction.

(4) On June 23, the address starting with 0xAc06 lost 103M HOLD (~$93k) due to signing a phishing transaction.

(5) On June 24, the address starting with 0x9192 resulted in a loss of 108k USDT due to signing a phishing transaction.

(6) On June 27, the address starting with 0x3c25 lost 198,864 SUSHI (~$115k) due to signing a phishing signature.

(7) June 27, Across Protocol governance scandal

Amount of loss: $23 million

Type: Rug Pull (internal use)

Details: Across, a cross-chain bridge protocol, was accused of misappropriating funds by manipulating DAO votes, and the team transferred $23 million to unknown accounts. The attacker used the advantages of governance tokens to create the illusion of community support, and the incident exposed the centralization risk of the DAO mechanism.

Summarize

In summary, the security situation in the cryptocurrency field in June 2025 is still severe. Hacker attack methods are emerging in an endless stream, and driven by political factors and economic interests, the losses caused by attacks are huge. From the Nobitex exchange incident, it can be seen that even if the platform can protect user funds from damage, the trust crisis caused by technical loopholes still needs time to repair. Fraud methods are constantly being updated, and phishing, Rug Pull, etc. make investors defenseless. The entire industry needs to further strengthen security protection measures, and investors must also enhance risk awareness, be cautious about various investment projects, and carefully identify them to avoid becoming victims. Only through joint efforts of all parties can the frequency of security incidents be reduced and the healthy development of the cryptocurrency field be guaranteed.