-
Figure Tech breached after an employee fell for a scam; ShinyHunters leaked 2.5GB of sensitive data.
-
Step Finance lost $29M in SOL after hackers accessed treasury wallets, cause remains unclear.
-
Social engineering and AI scams are rising, threatening both tech firms and crypto platforms alike.
A growing wave of cyberattacks has shaken the tech and crypto sectors, highlighting the risks of human-targeted exploits. Recently, Figure Technology disclosed a breach after an employee fell for a social engineering scam, allowing hackers to access a few files.
The company confirmed that it had notified the affected partners and provided them with free credit monitoring services. Moreover, the reporters highlighted that the spokesperson of Figure did not respond to several specific questions regarding the breach. The black-hat hacking group ShinyHunters took responsibility for the breach on their dark web platform, claiming that the company failed to satisfy their demands, leading to the leakage of 2.5 GB data.
In addition, Figure explained, “We also recently discovered that an individual was tricked into handing over their login credentials, which allowed a user to download a few files using their account. We immediately acted to put a stop to it and retained a forensic firm to help determine which files were compromised.” As a result, it was determined that the attack was a social engineering attack, which relies on psychological manipulation to obtain unauthorized access.
Recently, Chainalysis reported that scammers have managed to steal a staggering $17 billion in cryptocurrency within the last year using AI to enhance impersonation and social engineering attacks. This is in line with the industry concern that arose after a report by Privacy Rights Clearinghouse in December 2025, which indicated that regulators have filed over 8,000 filings that affect at least 374 million people.
Broader Implications for Tech and Crypto
Anonymous sources revealed that Figure’s breach might be part of a larger campaign targeting companies using Okta’s single sign-on service. Other alleged victims include the University of Pennsylvania and Harvard University.
Meanwhile, Step Finance, a major DeFi platform on Solana, confirmed a breach affecting several treasury and fee wallets. Onchain data shows hackers unstaked about 261,854 SOL, moving funds to unknown addresses. At a price of $110 per SOL, these transfers total nearly $29 million.
Step Finance posted on X, “We experienced a security breach in some of our treasury wallets a few hours ago, and we are currently looking into it… We will share more details later.” However, the company did not specify the breach’s root cause, sparking speculation over smart contract flaws or access control issues.
Consequently, the community questioned whether user funds outside treasury wallets faced risk. Despite repeated media inquiries, Step Finance declined to provide further comment.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Resolv: Strongly recommend not to trade or acquire USR at this time.
Resolv Labs strongly advises against trading or acquiring USR, as illegally minted USR has been mixed with legitimate USR, posing trading risks. An recovery plan for affected holders is currently under evaluation, but the effectiveness of any remedial measures cannot be guaranteed. Continuing to trade may complicate the asset recovery process.
BlockBeatNews29m ago
A CEX platform requires users to input their plaintext seed phrase on a specific page.
Gate News reports that on March 26, Co-founder Yu Xian of SlowMist stated that a certain CEX has taken down the page that required users to input their plaintext seed phrases. He pointed out that the security model for online web pages is very weak, much lower than that of extensions and apps; collecting plaintext seed phrases through online web pages is easy for phishing sites to imitate and has long been a common phishing tactic.
GateNews49m ago
Moonwell suffers governance attack; attacker attempts to control over $1 million in funds with $1,800.
DeFi lending protocol Moonwell has experienced a governance attack. The attacker purchased approximately 40 million MFAM tokens for $1,800 and attempted to transfer admin rights of core contracts such as the lending market through a proposal to extract user funds. Voting is currently underway, with opposition votes leading, but the outcome has not yet been decided.
BlockBeatNews1h ago
Moonwell suffers governance attack, with attackers spending $1,800 to push malicious proposals, risking $1.08 million in funds.
On March 26, DeFi lending protocol Moonwell was subjected to a governance attack. The attacker used about $1,800 to purchase 40 million MFAM tokens and pushed a malicious proposal, putting over $1 million of user funds at risk. The proposal transferred control to the attacker's contract, affecting multiple lending markets.
GateNews1h ago
U.S. Indicts Chinese Firms in Fentanyl Case Involving Crypto Payment Networks
U.S. prosecutors have indicted Chinese companies and nationals for supplying fentanyl precursors and facilitating payments via cryptocurrency. The case, linked to global networks and targeting international smuggling, highlights the role of stablecoin flows in the drug trade.
LiveBTCNews2h ago
Hong Kong police announce progress in JPEX scam case: 80 people arrested, assets frozen worth approximately HKD 228 million
Hong Kong police are investigating the JPEX virtual asset trading platform scam. Since September 2023, they have arrested 80 people, frozen assets worth approximately HKD 228 million, and over 2,700 victims are involved with a total amount of HKD 1.6 billion. Authorities are searching for the mastermind and accomplices.
BlockBeatNews3h ago
