The Mobius DeFi and real-world asset tokenization platform suffered a sensible contract exploit on the BNB Chain on Could 11, resulting in the theft of $2.15 million in Mobius Tokens (MBU), reported blockchain safety agency Cyvers.
“Two minutes previous to the exploit, our system recognized a deployment of a malicious sensible contract that finally focused the Mobius Token sensible contracts,” Cyvers acknowledged.
They added that the attacker executed a number of malicious transactions by way of the contract, concentrating on the sufferer’s deal with.
Nevertheless, there was no point out of the exploit on the MobiusDAO X feed.
ALERT
Our system has detected an exploit on Mobius Token sensible contracts, draining over $2.15M in Mobius Token ($MBU) on BNB Chain.Two minutes previous to the exploit, our system recognized a deployment of a malicious sensible contract, that finally focused the Mobius Token… pic.twitter.com/NEG5AXdfoc
— Cyvers Alerts (@CyversAlerts) Could 11, 2025
MBU Crashes to Zero
Cyvers added that the hacker rapidly deposited the stolen loot into the crypto mixer Twister Money to obfuscate the transactions.
Blockchain safety agency CertiK additionally posted an alert stating that the hacker minted 9.7 quadrillion BEP-20 MBU tokens, which they swapped out for stablecoins.
The transaction file additionally indicated that the hacker deposited simply 0.001 wrapped BNB, price round $0.65, and was in a position to exploit the sensible contract.
Because of this, the MBU token worth crashed to zero, in line with DEXscreener.
Ethereum’s newest Pectra community improve has additionally launched a harmful new assault vector that might enable hackers to empty funds from wallets utilizing solely an offchain signature, reported safety researchers over the weekend.
Ledger, a Hacking Sufferer … Once more
Mobius isn’t the one hack sufferer this weekend. French {hardware} pockets maker Ledger has been the sufferer of hacking but once more.
Over the weekend, an attacker compromised a contracted moderator’s account on Ledger’s Discord channel and used it to put up rip-off hyperlinks.
Customers have been instructed a couple of false “vulnerability” and urged to “confirm restoration phrases” by way of a malicious hyperlink. Ledger managed to regain management of its account and take away the malicious hyperlinks.
Former Binance CEO Changpeng Zhao commented on the newest Ledger assault, stating, “Social community accounts for a crypto firm are sometimes the weakest hyperlinks.”
Simply bought this safety warning.
Ledger’s Discord admin account was hacked. The scammer falsely claimed a safety flaw and urged customers to enter their restoration phrases on a phishing web site.
Classes:
1. By no means surrender your non-public key restoration phrases regardless of who’s doing the…— CZ BNB (@cz_binance) Could 12, 2025
Ledger has been embroiled in scams and hacks over the previous 5 years.
In April, scammers despatched bodily letters to Ledger homeowners requesting seed phrases in a rip-off that could be related to Ledger’s 2020 knowledge breach, which uncovered private data and bodily addresses of greater than 270,000 clients.
The put up Mobius Exploited for $2.1M Whereas Scammers Breach Ledger’s Social Media appeared first on CryptoPotato.