According to the source, security researchers have documented that the Astaroth (Guildma) banking trojan abuses GitHub to host and retrieve malicious payloads, enabling large-scale credential theft while blending with legitimate traffic, source: Avast Threat Labs and Cisco Talos. Astaroth operates largely fileless and leverages Windows living-off-the-land tools such as WMIC and BITSAdmin to evade detection while harvesting credentials from browsers and email clients, source: Microsoft Security Intelligence. This behavior elevates account-takeover risk for crypto traders who log in to exchanges or manage hot wallets on infected PCs, as stolen credentials remain a leading breach vector, source: Verizon 2024 Data Breach Investigations Report. To mitigate risk, use phishing-resistant multi-factor authentication with hardware security keys for exchange accounts and enable withdrawal address allowlisting, source: NIST SP 800-63B and Binance Support. Storing trading funds in hardware wallets and installing software only from verified sources further limits exposure to malware-based theft, source: Ledger Security and Microsoft Security Intelligence.

According to the source, a public X post dated Sep 22, 2025 reports that a Crypto.com data breach has been linked to the Scattered Spider hacker collective, noting no technical details or incident timeline were provided in the post and that the claim awaits official confirmation from the exchange; traders should treat this as an unconfirmed report. Source: public X post dated Sep 22, 2025. Scattered Spider has been documented employing social engineering, SIM swapping, and MFA-fatigue techniques against enterprises, tactics that are directly relevant to centralized exchange account security and potential data compromise pathways. Source: CISA joint cybersecurity advisories (2023). Historically, security incidents at crypto venues have coincided with short-term net outflows, wider bid-ask spreads, and increased price volatility; monitor CRO (CRO) order books, withdrawal processing status, and on-chain hot-wallet flows for early stress signals. Source: BIS Bulletin on crypto runs and market liquidity (2022).

According to @ai_9684xtpa, asset security is the most critical safeguard for a top crypto exchange, with Binance’s scale cited at roughly 6,000 employees based on a prior remark attributed to Richard Teng, highlighting the operational focus required to protect user funds; source: @ai_9684xtpa. U.S. Treasury, State Department, and FBI have formally warned that DPRK-linked actors, including IT workers and Lazarus Group, target crypto companies via remote hiring, fake resumes, and social engineering, elevating infiltration risk at exchanges; source: U.S. Treasury, State Department, and FBI joint advisory on DPRK IT workers and DPRK cyber threats, published May 2022 and updated 2023. For traders, these verified threat vectors mean exchange counterparty risk and security posture directly affect withdrawal reliability, liquidity conditions, and short-term volatility during incidents, so venue selection and fund allocation should account for security controls and hiring vetting practices; source: U.S. Treasury, State Department, and FBI joint advisory as above, and the operational risk emphasis noted by @ai_9684xtpa.

According to on-chain researcher ZachXBT, a pig butchering scam group is actively using a new deposit address on the BigONE exchange, despite the exchange's claim to have frozen a portion of previously involved assets. ZachXBT alleges that the same group, which used a prior account for seven months uninterrupted, has funneled approximately $4.5 million from scams into a new BigONE Bitcoin (BTC) deposit address within the last week. This highlights potential security vulnerabilities and raises concerns for traders about the effectiveness of the exchange's monitoring and anti-money laundering procedures.

According to Crypto Rover, the cryptocurrency exchange BigONE has reportedly suffered a major security breach, resulting in a loss of $27 million. The source indicates that the hack specifically targeted the exchange's hot wallet. For traders, this incident highlights the significant security risks associated with holding assets on centralized exchanges and could potentially impact user confidence and trigger increased withdrawal activity from the platform. This event serves as a critical reminder of the importance of robust security measures and the potential for market volatility following such breaches.

According to @EmberCN, the hacker who stole $23 million in various tokens from Bitrue exchange in April 2023 has successfully converted all assets to ETH and laundered them through Tornado Cash over a two-year period. The assets' value increased by $9.36 million due to ETH price appreciation, and the hacker further profited $4.72 million by trading ETH, selling high and buying low. This incident highlights ongoing security risks for centralized exchanges and the impact of sophisticated laundering techniques on ETH market dynamics. (Source: @EmberCN on Twitter, June 12, 2025)

According to Greg Brockman on Twitter, o3 has identified a security vulnerability in the Linux kernel, as cited in his tweet dated May 24, 2025 (source: Greg Brockman Twitter). This development is highly relevant for cryptocurrency traders and exchanges, as many crypto trading platforms depend on Linux-based infrastructure. Any exploit or patch related to this kernel vulnerability could directly affect exchange uptime, wallet security, and overall network stability, leading to potential volatility in crypto markets and changes in risk management strategies.

According to Evan (@StockMKTNewz) and Bloomberg, Coinbase ($COIN) hackers have reportedly had access to customer data since January 2025. This security breach raises serious concerns for crypto traders as it may affect user trust and platform stability. The news could trigger volatility in Coinbase stock and broader cryptocurrency market sentiment as traders reassess risk management and exchange security. Source: https://twitter.com/StockMKTNewz/status/1923093182369173844 and Bloomberg.

According to @ThinkingUSD, there is concern regarding the potential compromise of @safe, a widely used security protocol by cryptocurrency exchanges. The implications of such a compromise could be significant, affecting the security and reliability of transactions across platforms that depend on this protocol. Traders are advised to stay informed about official statements from exchanges and closely monitor any updates concerning the security of their assets.

According to Cas Abbé, North Korean hacker group Lazarus has executed the largest crypto hack in history, stealing $1.46 billion worth of ETH from Bybit. The breach occurred during Bybit's regular weekly transactions to its warm wallet, drawing parallels to the previous WazirX hack. This development is critical for traders monitoring exchange security and potential impacts on Ethereum market liquidity.

According to Lookonchain, the hacker who attacked Bybit and stole $1.4 billion in assets received Ethereum from Binance for gas fees, highlighting potential vulnerabilities in exchange interactions and fund movements. This incident emphasizes the importance for traders to monitor exchange security protocols closely and verify the origins of transactions to prevent similar breaches.

According to ZachXBT, there is skepticism regarding the credibility and trustworthiness of individuals without formal law enforcement or security firm background in advising cryptocurrency exchanges on security matters. This raises concerns for traders about the reliability of security claims by such individuals, impacting trust levels in trading platforms (source: ZachXBT).