The Big Coinbase Hack of 2025: Social Engineering, Insider Role, and Implications for User Reputation and Security

Decentralized cryptocurrency exchange KiloEx has suffered a major security incident — an exploit worth around $7.5 million . After discovering the vulnerability, the platform’s team quickly suspended operations and began investigating, involving cybersecurity partners and ecosystem representatives 1 5 .

The gist of the incident and KiloEx’s response

The exploit involved manipulating a price oracle , a mechanism that feeds cryptocurrency price data to the exchange’s smart contracts. According to initial analysis by cybersecurity experts PeckShield, the attacker was artificially lowering the price of ETH/USD by creating positions at $100 and then immediately closing them at an inflated price of around $10,000 per ETH, allowing him to withdraw huge profits amounting to millions of dollars in a single transaction 5 .

Chaofan Shou, co-founder of the analytics company Fuzzland, also noted that the vulnerability was due to the lack of full verification of the forwarding calling oracle, which allowed for price manipulation and led to an exploit. According to the expert, this vulnerability was “very simple” 5 .

Extent of damage and ways to avoid it

Of the $7.5 million stolen, about $3.3 million was withdrawn on the Base blockchain, $3.1 million on opBNB, and about $1 million on Binance Smart Chain (BSC), with some funds in USDC stablecoins 2 3 . After the hack, the stolen funds were moved across zkBridge and Meson bridges , protocols for cross-chain transactions through which KiloEx attempts to monitor and stop transactions to prevent further losses 5 .

Response and Compensation Measures

The exchange team immediately suspended the platform’s operations to localize the exploit and launched cooperation with major cybersecurity companies, including Seal-911, SlowMist and Sherlock, as well as partners from BNB Chain and Manta Network to investigate the incident and attempt to recover assets 5 .

KiloEx also offered the hacker a bounty program – 10% of the recovered funds (about $750,000) in exchange for returning most of the stolen assets and ceasing further actions. Thanks to these measures and cooperation with law enforcement and legal authorities, some of the funds were returned 3 6 9 .

In addition, KiloEx announced its readiness to cover the losses of traders affected by the platform suspension, compensating for the difference in profits and losses that arose due to the halt in trading. Owners of funds in the KiloEx Hybrid Vault staking vaults were promised a full refund with an additional annual return of about 10% APY until operations resumed 3 8 .

Consequences for the brand and the market

News of the hack caused the value of KiloEx’s native token (KILO) to drop by more than 27%, dropping to around $0.036, well below its all-time high of $0.1648 reached in late March 2025 2 5 .

KiloEx was founded in 2023 and is backed by leading investor and strategic partner Binance Labs. The incident comes just days after the announcement of a strategic partnership with Web3 venture capital firm DWF Labs, which planned to expand the exchange’s market presence and accelerate its growth. DWF Labs launched a $250 million Liquid Fund to back promising Web3 projects 5 .

Industry context

The KiloEx incident was one of the significant hacker attacks of 2025 – according to Hacken, losses from hacks of cryptocurrency systems exceeded $3.1 billion this year, which highlights the importance of reliable security in decentralized financial services [no direct link, but noted in the original data].

Thus, the issue of price oracles remains one of the main vulnerabilities in the DeFi environment. The prompt actions of the KiloEx team, cooperation with cybersecurity firms and partner blockchain protocols allowed us to localize the damage, begin returning the stolen funds and offer compensation to the affected traders. However, this incident became a painful test for both the platform and the trust of users in it.

The largest security incident in cryptocurrency history occurred on February 21, 2025, when centralized crypto exchange Bybit suffered a massive hacker attack, resulting in the attackers stealing approximately $1.46–$1.5 billion , mostly in Ethereum, from its cold wallet 1 5 .

Attack progress and hacking mechanisms

The attack was carefully planned and carried out by the Lazarus group, a notorious state-run hacking collective from North Korea that has been implicated in many high-profile hacking cases, including the 2016 Bangladesh Bank heist and hacks of major blockchain projects from 2022 to 2025 2 5 7 .

Hackers gained access to Bybit’s multisig cold wallet, which is used to store a large portion of the exchange’s funds, and used a combination of techniques including:

Compromise of the infrastructure of the Safe (Gnosis Safe) multisig wallet , which protected assets;
Substitution of the wallet user interface – the attackers showed employees the correct amounts and addresses for signing, while in fact the transactions were fraudulent;
Using sophisticated social engineering techniques and malware to access the keys of authorized persons who have the right to confirm transfers 5 7 .

As a result, the hackers withdrew approximately 401,346 ETH – which was about 0.42% of all Ethereum in circulation 4 7 .

The extent of damage and consequences

The stolen funds were almost completely “laundered” – in ten days, the attackers moved the assets through decentralized exchanges (DEX), cross-chain bridges and mixers, which made it much more difficult to track the money flows 5 8 .

Despite the scale of the damage, Bybit remains one of the leading exchanges in the world, but its market share has dropped from 12% to around 6-8% since the incident 5 .

Bybit’s Response and Recovery Measures

Bybit immediately made progress in returning funds and protecting users’ interests after the hack:

Announced a record reward of up to 10% of the recovered funds, or about $140 million, for help in catching the hackers and returning the stolen assets 3 10 .
Bybit CEO Ben Zhou assured clients that the losses would be compensated, and that the exchange itself has sufficient solvency and reserves in the amount of over $20 billion, which allows it to cover losses even if it is impossible to return the stolen funds 6 .
Leading cybersecurity and cryptoanalytics experts were brought in to investigate the hack and counter the attackers 3 6 .
Within days of the attack, Bybit was able to partially regain control and return a significant portion of the stolen funds 7 .

The significance of the incident for the crypto industry

The hack was the largest in the history of cryptocurrency and demonstrated serious vulnerabilities even in large and well-funded market players. The reasons for the attack are said to be insufficient protection of public and internal processes, in particular multi-signature wallets and the human factor in key management.

He also stressed the critical importance of enhancing cybersecurity and implementing multi-layered defenses in crypto exchange infrastructure to prevent similar disasters in the future.

Thus, the Bybit incident in February 2025 is a landmark case that will serve as a lesson for the entire crypto community, stimulating the improvement of technical and organizational security standards.

If you need a more detailed article with in-depth analysis or translation of specific comments and technical details, I am ready to help additionally.

The cryptocurrency industry has seen a record level of losses from hacker attacks in the first half of 2025, with cybercriminals around the world stealing over $2.17 billion in various digital assets. This has already exceeded the total thefts for the entire 2024 and set a new anti-record for the speed of damage accumulation, according to a report from analytics company Chainalysis and confirmed by data from other industry studies 2 3 6 .

Scale and main trends of losses

At least 75 major hacks and exploits were recorded in the first six months of 2025, up 10% from the record-breaking first half of 2022 and nearly equal to the amount of funds stolen in all of 2024 – around $2.2 billion 1 9 .
If the upward trend in theft continues, the total cost of damage could exceed $4 billion by the end of 2025 – doubling from the previous year 2 6 .
The increase in losses is explained by both a quantitative increase in attacks and a qualitative change: hacks are increasingly strategic in nature, accompanied by the use of complex social engineering schemes and motivated by geopolitical interests, as noted by experts from TRM Labs 1 .

Main directions and types of attacks

The largest single incident was the hack of crypto exchange Bybit in February 2025, which resulted in the theft of approximately $1.46 billion in Ethereum, making it the largest theft in the history of the crypto industry 2 6 8 .
In addition to centralized exchanges, hackers are increasingly attacking users’ personal cryptocurrency wallets , which already account for about 23.35% of all stolen funds in 2025 3 6 .
Common methods include compromising access control systems, phishing, social engineering, exploiting smart contract vulnerabilities, and manipulating multi-signature wallets.
According to the Hacken report, access control was the key vulnerability, accounting for about 59% of the total amount stolen (about $1.83 billion out of $3.1 billion lost in the Web3 sector in the first half of the year), while phishing and social engineering accounted for 19% (about $594 million) 4 .

Consequences and industry response

Overall, the first half of 2025 was the worst period in terms of losses in the entire history of the crypto business.
Despite this, the industry is taking active steps to combat cybercrime: cooperation with analytical and cybersecurity companies is increasing, and new standards of protection and response are being introduced.
Partial returns of stolen funds have been noted – for example, CertiK recorded a return of over $187 million, which adjusted net losses from $2.47 billion to approximately $2.2 billion for the first half of the year 5 8 .
Leading crypto market players, including exchanges and technology projects, are investing significant resources in improving the reliability of the infrastructure, including strengthening multi-factor authentication and improving the monitoring of fraudulent schemes.

Geopolitical context and security challenges

TRM Labs experts highlight the special role of geopolitical interests in modern hacker attacks on crypto projects, which complicates traditional methods of protection and makes threats more strategic and multi-layered 1 .
The leading countries affected by the attacks include the United States, Germany and Russia, where a large number of cryptocurrency users and services are concentrated 3 6 .

Thus, the first quarter of 2025 has become a significant stage in the escalation of security issues in the crypto ecosystem. Record-breaking thefts and the development of hacker attack methods require a comprehensive and coordinated response to protect the digital assets of both large institutions and individual users.

If trends continue, issues of trust and security in crypto services will reach a new level of priority, spurring innovation in blockchain security and regulation.

Data is based on reports from Chainalysis, TRM Labs, CertiK and Hacken for the first half of 2025 1 2 3 4 5 6 8 9 .

In 2025, attacks on personal cryptocurrency wallets increased significantly, which became one of the main reasons for large-scale losses in the industry – they accounted for about 23.35% of the total amount of stolen funds. Attackers use a range of modern methods, including technical vulnerabilities and social engineering, to gain access to private keys and manage wallets.

Main Attack Methods on Personal Cryptocurrency Wallets in 2025

Attacks through frontend vulnerabilities and fake interfaces
Hackers create exact copies of popular crypto services, exchanges and wallets, redirecting victims to phishing sites. Users enter their private keys, passwords or seed phrases, which immediately fall into the hands of scammers. Also common are malicious scripts embedded in legitimate sites that steal data when interacting with them 3 .
Malware distribution via fake CAPTCHAs and advertising networks
In 2024–2025, a particularly popular scheme is fake CAPTCHA, which, when activated, downloads malware to the user’s device — for example, the Lumma Stealer infostealer, which can steal credentials from browsers and wallets. Attackers use advertising networks to promote such malicious sites on a massive scale 1 .
Replacing crypto wallet addresses in the clipboard
Malicious programs such as Amadey replace the crypto wallet addresses copied by the user with the addresses of fraudsters, which leads to funds being sent to the wrong address during transfers 1 .
Phishing and social engineering
Attacks via fake emails, messengers and social networks are one of the most common ways to steal access. Attackers pose as support services of exchanges or other services, convincing victims to give out private keys or transfer funds to fraudulent addresses 4 5 .
Leaks of private keys from open storage
Many users store private keys and seed phrases unprotected – in notes, cloud storage or instant messengers, which makes them vulnerable to attackers accessing devices or accounts 3 .
Analysis and use of data from the browser cache
Attackers determine from the browser cache which crypto services and wallets the victim uses, and collect IP addresses for further attacks and password guessing 2 .

Results and recommendations for protection

In 2025, protecting personal crypto wallets requires a range of measures: using cold wallets (off-line storage of keys), multi-factor authentication, a separate browser or incognito mode for transactions with crypto assets.
You should avoid storing private keys in digital notes or cloud services.
You should carefully check the URLs of websites and avoid clicking on links from dubious emails and messages.
It is recommended to use antivirus software and monitor device security updates.

Thus, the growth of attacks on personal crypto wallets has become one of the main threats to the crypto industry in 2025, requiring users to be extremely vigilant and use advanced security tools.

These findings are based on analysis and investigations of cyber threats in 2024–2025, including reports from reputable cybersecurity and cryptoanalytics companies 1 2 3 4 5 .

Cryptocurrency exchange Phemex became one of the first major victims of the large-scale hacking attacks of 2025: on January 23, the platform was hit by a hack, as a result of which the attackers stole over 85 million US dollars from the exchange’s hot wallets.

Details of the incident and extent of damage

The hack affected hot wallets , which are used for operational transactions and are connected to the internet, while cold wallets containing the bulk of the funds remained safe, as confirmed by Phemex CEO Federico Variola.
Initial damage estimates ranged from $29 million (at the time of discovery) to $69.1 million based on analytics, but blockchain research and MetaMask’s (Taylor Monahan) expertise ultimately put the damage at around $85 million .
During the attack, the attackers were able to withdraw funds from hot wallets on 16 different blockchains , including key networks Ethereum, Bitcoin, Solana, XRP and others.
The hackers sequentially “emptied” each of the wallets, transferring the crypto assets to their addresses and then quickly converting the stolen tokens into unfrozen assets to make tracking more difficult.

Phemex’s response and safety measures

The company quickly detected unusual activity on January 23 and immediately launched emergency response protocols: suspended deposits and withdrawals, disabled vulnerable services, and isolated the affected systems.
Third-party cybersecurity experts and law enforcement were brought in to investigate the incident and assist in blocking the fraudulent transactions.
Phemex has published Proof of Reserves to prove its ability to protect the interests of users.
Following the incident, the exchange significantly strengthened its security measures and launched new monitoring and protection systems, promising to ensure complete security of user assets.
Work with the main assets and networks was gradually resumed: Ethereum (ETH, USDT, USDC), Solana, Arbitrum, Optimism, BSC, Polygon and Base.

Attack features and assumptions about the attackers

Analysts noted that the hack was likely carried out by a well-organized group of attackers with a high level of experience, capable of simultaneously withdrawing many different assets, quickly converting them and using complex laundering schemes.
Some experts and anonymous crypto security researchers have suggested the involvement of North Korean hacker groups, while also recalling other major attacks on crypto projects such as TraderTraitor and Lazarus.

The significance of the incident for the crypto industry

The Phemex incident has exposed the vulnerability of hot wallets, which, while convenient and fast to process transactions, remain the weakest link in the defense of cryptocurrency exchanges.
The loss of over $85 million in funds was one of the largest hacking incidents of early 2025 and further exacerbated the cybersecurity problem in the crypto ecosystem.
The Phemex example highlighted the need for multi-layered security measures, including separating and strengthening controls on hot wallets, using multi-signature wallets, regular auditing, and rapid response to threats.

The Phemex case is therefore an important lesson for all crypto market participants about the constant need to improve security practices, responsiveness, and transparency with users in order to minimize risks and maintain trust in the highly competitive and dynamic digital asset industry.

Cryptocurrency exchange Coinbase was the victim of a massive cyberattack in May 2025, in which hackers managed to obtain the personal data of almost 70,000 users. The attack, which relied on social engineering and insider abuse, resulted in damages of between $200 million and $400 million , making it one of the largest such incidents of the year.

Details of the incident

The attack on Coinbase was long-term: hackers began systematically affecting the company’s infrastructure in December 2024, but the fact of the data leak became public only in May 2025 1 .
Cybercriminals bribed and recruited a group of customer service representatives based outside the US, allowing them to access internal systems and extract personal customer data 2 5 6 .
The stolen data included: full names, residential addresses, phone numbers, email addresses, the last four digits of Social Security numbers, bank details, images of identification documents (passports, driver’s licenses), as well as balance and transaction history information 1 5 6 .
Despite such extensive access, passwords, private keys and user funds remained inaccessible to attackers, and Integrity’s exchange accounts and cryptocurrency storage were also not compromised 1 5 .

Attack mechanism and consequences for users

Using stolen personal data, the scammers carried out targeted social engineering attacks, deceiving Coinbase customers by calling them, posing as security representatives, and convincing them to transfer cryptocurrency to the scammers’ “special accounts” 1 3 6 .
Many users fell for the scam, which turned into a mass phenomenon with losses estimated in the range of $200-400 million 1 3 8 .
The hackers also threatened to leak user data to the dark web, demanding a $20 million ransom from Coinbase. The exchange refused to pay the ransom and instead created a fund of the same amount to reward people who provide information that would help catch the criminals 1 4 .

Coinbase’s Response and Security Measures

Following the disclosure of the incident, Coinbase initiated cooperation with US law enforcement agencies and is also working intensively with international partners and cybersecurity companies to investigate and prevent further attacks 1 2 .
The company announced that it would compensate the affected users whose funds were fraudulently stolen 5 .
Coinbase has terminated all customer service personnel involved in the breach and has reviewed procedures for accessing internal systems, as well as significantly strengthening internal controls and monitoring measures 2 6 7 .
In the face of ongoing attack attempts, Coinbase recommends that customers switch to non-custodial solutions (keeping their private keys themselves) to improve the security of their funds 1 .

Impact on the market and reputation

The incident comes as Coinbase is set to join the S&P 500 in May 2025, further exacerbating the blow to the company’s reputation 1 2 .
Following news of the leak, Coinbase shares fell by about 7%, with many investors questioning the security of centralized crypto platforms.
The social engineering and insider access incident highlighted the need for stricter security measures, not only technical but also organizational, in the cryptocurrency industry 3 7 .

The Coinbase hack of May 2025 thus served as a serious wake-up call to the entire crypto industry about the risks of insider threats and social engineering. When even the largest and most financially stable exchange faces such vulnerabilities, it strengthens the case for users to migrate to decentralized and non-custodial solutions where the control of funds lies entirely with the owners.

All data is presented based on official statements from Coinbase, investigations and analytical reports from leading industry media and experts 1 2 3 5 6 .

How Social Engineering Allowed Attackers to Hack Coinbase

Social engineering played a key role in the May 2025 hack of cryptocurrency exchange Coinbase, allowing attackers to bypass the company’s technical security barriers without directly hacking users’ passwords or private keys.

How Social Engineering Was Used to Attack Coinbase

Insider involvement and customer support bribery
Hackers bribed or recruited Coinbase customer support employees outside the US who had access to internal systems and customer data. These insiders copied user information and passed it on to the attackers. Coinbase fired the identified insiders immediately after the incident was discovered 1 2 5 .
Using stolen data to attack users
The information obtained included names, addresses, phone numbers, emails, partial bank account details, photos of documents, and transaction history. Although passwords and private keys were not compromised, this personal data allowed the fraudsters to contact customers as if they were customer support and convince them to transfer cryptocurrency to fraudulent accounts – a classic social engineering scheme using trust forgery 2 5 9 .
Phishing and Vishing Attacks (including smishing – phishing via SMS)
Attackers carried out phishing emails and phone calls (vishing), posing as Coinbase employees, which allowed them to deceive users and extort funds. Thanks to insider information, these attacks were especially effective and convincing 5 .
Bypassing technical protections without cracking passwords or 2FA
Unlike classic hacker attacks, here the criminals did not have to crack passwords or bypass two-factor authentication. Instead, they relied on trust in the “support service” and data obtained within the company, which simplified access to customer information 5 3 .

Coinbase’s Response and the Aftermath

Coinbase refused to pay the $20 million ransom demanded by the attackers for not revealing the data and created a fund of the same amount to reward information that helps catch the criminals 1 2 .
The company terminated all involved employees and strengthened internal controls and monitoring of access to systems 2 5 .
The incident resulted in massive user losses of between $200 and $400 million due to social engineering-based fraud 2 8 .
This case highlighted the vulnerability of the human factor and the importance of protecting against insider threats, social manipulation and phishing in the crypto industry 5 .

Thus, it was a combination of bribery of employees, use of stolen data and classic social engineering methods (phishing, vishing) that allowed the attackers to attack Coinbase without violating complex technical security systems. This case demonstrates that effective protection in the crypto ecosystem requires not only technical measures, but also strict control of internal access, staff training and vigilance of users.

What Role Do Customer Service Representatives Play in the Coinbase 2025 Vulnerability

Coinbase customer service employees played a key role in the breach and subsequent hack of the exchange in 2025, becoming the internal source of a data leak. The attackers bribed or recruited a group of customer service employees who had access to internal systems and customer information.

Key facts about the role of the support service in an incident:

Bribery and collaboration with hackers : Cybercriminals bribed customer support staff, including overseas agents, who then passed on personal data of Coinbase customers to the attackers – names, addresses, phone numbers, emails, bank details, photos of documents and transaction history 1 2 4 5 .
Transfer of sensitive data : The information obtained in this way allowed hackers to conduct targeted social engineering attacks on users, convincing them to transfer cryptocurrency to fraudulent accounts. Passwords and private keys were not compromised 1 4 6 .
Insider access : Help desk staff had access to administrative tools and internal systems, which allowed data to be leaked and transferred to attackers 3 5 .
Coinbase Response : After discovering the incident, Coinbase fired all involved support staff, strengthened internal controls, began cooperating with law enforcement, and offered restitution to affected users. The exchange also set up a bounty fund to catch the perpetrators, refusing to pay them a ransom 1 2 6 .
Significance of the incident : The breach demonstrated vulnerabilities due to human factors – social engineering and internal betrayal – rather than technical issues with the platform. This highlights the need for strict access controls and regular employee reviews 4 6 .

Thus, Coinbase support staff became the main link through which attackers gained access to confidential information, which directly led to serious financial losses and a drop in trust in the exchange. This incident showed how critical the human factor is in matters of security of cryptocurrency platforms.

Why the Coinbase Data Leak Is Particularly Dangerous for Users

A 2025 Coinbase data breach is particularly dangerous for users for several key reasons, including the scale of the compromised information, the company’s internal vulnerabilities, and the consequences for the victims.

Why this leak is a serious threat:

The vast volume and sensitivity of the stolen data
During the incident, the attackers gained access to the personal information of almost 70,000 users, including full names, residential addresses, phone numbers, email addresses, partial Social Security numbers, photos of identification documents (passports, driver’s licenses), as well as balance and transaction history data. Such data makes it easy to conduct targeted fraud attacks and steal funds through social engineering 1 2 3 .
Insider involvement – bribing support staff
The breach was not caused by an external technical issue, but by the abuse of internal access channels. Coinbase support staff, including offshore contractors, were bribed or recruited by hackers who used legitimate access to pass information to the criminals. This made the breach much more difficult to detect and prevent, increasing the scale of the damage 1 2 .
Using social engineering to deceive users
Fraudsters used stolen credentials to convince victims to transfer cryptocurrency to accounts they controlled. These attacks included calls and messages where the attackers pretended to be Coinbase employees, increasing the victims’ trust and saving time on bypassing technical protections (such as 2FA) 3 7 .
Risk to Users’ Physical Safety
In addition to financial losses, the leak exposed users’ residential addresses and other personal information, posing a risk of physical violence, extortion, and even kidnapping. There have been cases of violence against crypto activists and holders in 2025, heightening concerns about the safety of Coinbase customers 4 8 .
Lack of prompt notification of users
The company confirmed that the leak occurred back in January, but users were notified only in May, which gave the attackers additional time to carry out fraudulent activities and led to increased financial and reputational losses among victims 1 .
Legal and reputational fallout
Coinbase has faced lawsuits and public criticism for security and human resource management lapses. The incident undermines trust in centralized crypto platforms and highlights the need for decentralized and non-custodial solutions for storing digital assets 5 3 .

So the Coinbase data breach was dangerous not only from a technical perspective, but also in terms of the real-world consequences for millions of users: financial losses, loss of privacy, risk of fraud, and physical security threats. The main lesson was the important focus on access control within the company and preparing users for social engineering.

What are the implications of this major hack for Coinbase’s reputation?

The major Coinbase hack in May 2025 dealt a significant blow to the company’s reputation, causing serious negative consequences for user trust and market perception.

The main implications for Coinbase’s reputation are:

Damage to customer trust and widespread dissatisfaction . An incident involving the leak of personal data of almost 70,000 users has exposed the vulnerability of the largest crypto exchange in terms of internal security and access control. Many customers suffered from fraud using the stolen data, which resulted in losses of between $180 million and $400 million. This has significantly undermined confidence in the platform’s security and caused a wave of negative reviews.
Shares and Market Reputation Fall : Reports of a hack and massive data theft emerged just days before Coinbase was added to the S&P 500, dealing a blow to the company’s status as a stable and reliable player in the financial market. The incident caused Coinbase’s stock price to fall by about 7%, with many investors and partners expressing concern.
Accusations of insufficient notification . The company did not notify users of the breach until nearly six months after the incident began, prompting complaints from customers and regulators. The delay gave the attackers more time to exploit the stolen data, exacerbating the financial impact and increasing reputational risks.
Escalating Legal and Regulatory Risks : Coinbase faces class action lawsuits from affected users and potential sanctions from regulators for failing to manage internal risks and protect personal information, further complicating its reputation and adding uncertainty to the future.
Reputation Repair Measures : In response to the crisis, Coinbase fired the customer service staff involved, strengthened internal controls and security, announced a compensation program for victims, and created a $20 million reward fund for information about the attackers. Despite these steps, the company has a long way to go to restore trust.

Thus, the 2025 Coinbase hack was a serious test for the reputation of one of the largest crypto exchanges in the world, demonstrating the vulnerability of major players in the fight against cyber threats and the importance of constantly strengthening security measures and internal controls 1 2 .

Sources: 1 , 2 , 3 , 4 , 7 , 8 .

Sources: [CNews 1], [Bithide 2], [RBC 3,4], [Xakep 5], [Crypto.ru 6].

Sources: habr.com 1 RBC 2 thecoinrepublic.com 5 securitylab.ru 3 .