0
0
Hackers drained $2.15 million from Mobius Token ($MBU) smart contracts on the BNB Chain early on May 11. The exploit targeted a critical vulnerability, according to a statement from blockchain security firm Cyvers Alerts.
At 07:31:38 UTC, the attacker deployed a malicious contract from address 0xb32a53. Just two minutes later, the exploit began. The attacker drained funds from the victimās wallet 0xb5252f. Cyvers confirmed the use of contract 0x631adf to execute the attack.
The malicious actor stole 28.5 million MBU tokens. The attacker then converted the tokens into $2.15 million worth of USDT. Cyvers labeled the incident as ācriticalā and cited suspicious code and abnormal transactions.
Notably, the attackerās wallet remains active. They have deposited the stolen funds into Tornado Cash, a privacy tool that obscures fund sources. The Mobius Token team has not yet released an official statement on the matter.
Cyvers detected the malicious contract two minutes before the exploit began. The early detection did not prevent the loss, but it highlighted the growing need for real-time defense systems. According to Cyvers, āabnormal transaction patternsā played a key role in the attackās success.
This exploit adds to a string of recent hacks in the DeFi space. In April 2025 alone, 18 incidents led to nearly $360 million in losses. Security firm PeckShield recorded a massive 990% increase from Marchās $33 million in hacks.
The largest incident in April involved a $330 million unauthorized Bitcoin transfer. On-chain investigator ZachXBT flagged the attack, which used social engineering to trick an U.S. citizen. That exploit now ranks as the fifth-largest crypto hack in history.
Highlighted Crypto News Today
Arbitrum (ARB) Surged 18%, Hinting at A Potential Reversal
0
0
Manage all your crypto, NFT and DeFi from one placeSecurely connect the portfolio youāre using to start.
13
0
