Web3 Fraud Files News | Cryptic Daily

Resolv Labs AWS KMS exploit visualization showing compromised private key enabling unauthorized USR stablecoin minting and DeFi contagion

Resolv Labs AWS KMS Exploit: How a Compromised Key Minted $25M in USR

On March 22, a compromised AWS KMS key let attackers mint 80M USR for $200K in USDC. The depeg spread bad debt across Morpho Blue, Euler, and Fluid.

Marcus Bishop

about 5 hours ago

Abstract visualization of the Balancer V2 DeFi exploit — liquidity pool curves collapsing as precision rounding errors cascade through the batchSwap function, draining $128 million across six blockchains.

Web3 Fraud Files8 min read

Balancer V2 Rounding Exploit: $128M Drained in 30 Minutes

On November 3, 2025, an attacker drained $128M from Balancer V2 Composable Stable Pools across six blockchains in under 30 minutes — using a rounding error that survived 11 audits.

Zashleen Singh

Yesterday

Dark technical editorial illustration of the UK Xinbi sanctions case, showing a Cambodian scam compound, a crypto marketplace supporting fraud operations, and frozen assets tied together as one industrial scam infrastructure network.

Web3 Fraud Files7 min read

UK Xinbi Sanctions: Anatomy of Scam-Centre Infrastructure

Britain’s Xinbi sanctions treat crypto fraud as industrial infrastructure: marketplaces, compounds, trafficked labor, and property networks working together.

Zashleen Singh

Mar 31, 2026

Dark technical editorial illustration of the ONUS fraud case, showing exchange-controlled token issuance, fake liquidity loops, manipulated pricing, and investor funds drawn into a centrally managed crypto market illusion.

Web3 Fraud Files8 min read

ONUS Vietnam Arrests: Anatomy of a Fake-Liquidity Scam

Vietnam’s ONUS arrests point to a familiar fraud template: exchange-controlled tokens, fabricated liquidity, and platform-run pricing sold as organic market demand.

Marcus Bishop

Mar 31, 2026

Dark technical illustration of the Steakhouse frontend hijack, showing DNS records redirecting a DeFi website to a phishing clone while underlying smart contracts and deposited funds remain intact beneath the compromised interface.

Web3 Fraud Files6 min read

Steakhouse Frontend Hijack: DeFi’s Real Attack Surface

Steakhouse’s incident shows how DeFi users can face real danger even when contracts stay safe, because DNS and support-desk failures can turn trusted frontends into phishing traps.

Zashleen Singh

Mar 31, 2026

Dark forensic illustration of the Uranium Finance case, showing a 2021 DeFi exploit traced through laundering routes and later tied to a federal indictment and crypto asset seizure in 2026.

Web3 Fraud Files7 min read

Uranium Finance Indictment: Why Old DeFi Hacks Are Now Cases

he Uranium Finance indictment shows how old DeFi exploit cases become criminally viable once investigators can follow funds, seize assets, and name suspects.

Marcus Bishop

Mar 31, 2026

Web3 Fraud Files6 min read

New Hampshire Crypto ATM Bill Targets Elder Fraud

The New Hampshire crypto ATM bill is not really about crypto adoption. It is about fraud containment. New Hampshire lawmakers are advancing a measure that would cap daily kiosk deposits, force a…

Cryptic Daily Desk

Mar 31, 2026

Web3 Fraud Files6 min read

Russian Crypto Trader Scams Expose P2P Market Risks

Russian crypto trader scams are spreading through fake peer-to-peer deals, cloned support chats, and messaging-app impersonation, according to police warnings cited by DL News and Russia's Interior…

Cryptic Daily Desk

Mar 31, 2026

Web3 Fraud Files7 min read

Resolv Hack Exposes DeFi's Off-Chain Blind Spot

The Resolv hack was not a classic smart contract bug. It was a control failure around a privileged off-chain signer. On March 22, Resolv's USR stablecoin was hit by an exploit that let an attacker…

Cryptic Daily Desk

Mar 31, 2026

Web3 Fraud Files7 min read

Uranium Finance Hack Charges Revive DeFi Security Questions

Uranium Finance hack charges have turned one of DeFi's ugliest 2021 blowups into a live criminal case. The U.S. Attorney's Office for the Southern District of New York said March 30 that Jonathan…

Cryptic Daily Desk

Mar 31, 2026

Dark technical illustration of a Tron wallet phishing scam, showing fake FBI-branded tokens airdropped to users, a phishing path toward a fake compliance site, and blockchain analytics tracking mass wallet targeting.

Web3 Fraud Files7 min read

FBI Tron Token Scam: How Wallet Phishing Is Evolving

The FBI’s fake-token warning on Tron shows how crypto fraud is shifting from code exploits to wallet-level social engineering built for cheap, mass distribution.

Marcus Bishop

Mar 29, 2026

Dark technical editorial illustration of a crypto SEC settlement, showing a $10 million enforcement case tied to wash-trading allegations, court documents, and a narrowed regulatory judgment.

Web3 Fraud Files8 min read

Justin Sun SEC Settlement: What the $10M Deal Signals

Justin Sun’s SEC deal shows the agency still wants penalties in crypto fraud cases, but under new leadership it is settling narrower and cheaper.

Zashleen Singh

Mar 29, 2026

Dark technical illustration of the FTX Recovery Trust payout process, showing a $2.2 billion creditor distribution flowing through court-approved channels while highlighting the broken custody segregation and reserve gaps that caused the bankruptcy.

Web3 Fraud Files7 min read

FTX March 31 Payout: What $2.2B Actually Does Not Fix

FTX’s $2.2 billion March 31 payout is real, but it is not an on-chain BUSD repayment and it does not erase the custody failures that caused the collapse.

Marcus Bishop

Mar 29, 2026

Dark technical illustration of a crypto broker insolvency, showing frozen withdrawals, a gap between client balances and actual reserves, court-frozen bitcoin, and failed custody segregation controls.

Web3 Fraud Files7 min read

BlockFills Freeze: Why a $77M Gap Escaped Client Safeguards

BlockFills’ freeze and bankruptcy exposed a basic institutional failure: clients trusted a custodian they could not independently verify was actually segregating their assets.

Marcus Bishop

Mar 29, 2026

Dark technical illustration of the Moonwell cbETH oracle bug, showing a missing oracle multiplication step pricing cbETH at $1.12, triggering automated liquidations and leaving bad debt across a DeFi lending market.

Web3 Fraud Files7 min read

Moonwell cbETH Oracle Bug: How $1.78M Vanished on Base

Moonwell’s February cbETH incident was not a hack. It was a one-line oracle mistake that liquidated healthy users and exposed weak deployment safeguards.

Zashleen Singh

Mar 29, 2026

Dark technical illustration of an Aave wstETH liquidation incident, showing a misconfigured oracle cap feeding a bad price into a lending market and triggering automated liquidations across otherwise healthy positions.

Web3 Fraud Files7 min read

Aave wstETH Oracle Error: Why One Bad Cap Triggered $27M

Aave’s March 10 wstETH incident was not a hack. It was an automated oracle-parameter failure that turned a safety layer into a liquidation trigger.

Marcus Bishop

Mar 29, 2026

Dark technical illustration of the Solv BRO vault exploit, showing a callback-based double mint on Ethereum inflating BRO tokens, redeeming into SolvBTC, and draining value through WBTC and ETH swap routes.

Web3 Fraud Files7 min read

Solv BRO Vault Exploit: How a Double Mint Drained SolvBTC

Solv’s BRO vault exploit was an Ethereum double-mint bug, not a bridge failure. The deeper problem is that the live mint path appears to have sat outside the real audit perimeter.

Marcus Bishop

Mar 29, 2026

Dark technical illustration of the YieldBlox oracle attack on Stellar, showing a manipulated thin-liquidity price feed inflating collateral, funds draining from a lending pool, and validators quarantining stolen XLM.

Web3 Fraud Files7 min read

YieldBlox Oracle Attack: Why Stellar Freeze Tools Matter

YieldBlox’s oracle attack exposed thin-liquidity pricing risk on Stellar, but the bigger story is how validator quarantine changed the loss profile.

Zashleen Singh

Mar 29, 2026

Dark technical illustration of the Venus Thena market exploit, showing a donation attack inflating collateral, assets borrowed out of the lending protocol, liquidation bots unwinding the position, and a remaining pocket of bad debt.

Web3 Fraud Files8 min read

Venus Thena Exploit: Why a Known Flaw Stayed Unfixed

Venus’s THE-market exploit left ~$2.15M in bad debt, but the deeper story is governance: a flagged donation flaw stayed live until it was used.

Marcus Bishop

Mar 29, 2026

Dark technical illustration of a stablecoin exploit showing a compromised off-chain signing key minting unbacked tokens into an Ethereum contract, with swap routes draining value while the collateral vault remains intact.

Web3 Fraud Files7 min read

Resolv USR Exploit: Why One Off-Chain Key Broke the Peg

Resolv’s $24M USR exploit was not a normal contract bug. It was a key-management failure that let one privileged signer print unbacked supply.

Marcus Bishop

Mar 28, 2026