case-study
A single phished developer credential turned billion-download npm packages into multi-chain wallet address hijacking infrastructure.
case-study
A retirement-age crypto investor was targeted through carrier-level SIM hijacking, followed by violent physical coercion — exposing the lethal convergence of telecom fraud and real-world violence in crypto theft.
case-study
Over 150 counterfeit browser extensions impersonating MetaMask and Coinbase Wallet weaponized the Firefox Add-ons ecosystem to harvest seed phrases at scale.
case-study
One phone call. One compromised investor. 71% of January 2025's total adjusted crypto fraud losses.
case-study
Third-party e-commerce partner compromise exposes Ledger customers to targeted phishing, reprising the company's worst operational nightmare.
case-study
How a fake job offer led to the largest bridge exploit in DeFi history and exposed fatal validator centralization in the Ronin Network.
case-study
How a commoditized drainer kit deployed across hundreds of fake mint sites systematically harvested NFTs, ETH, and ERC-20 tokens from thousands of victims.
case-study
A phished ex-employee's NPMJS credentials turned a trusted frontend library into a cross-chain wallet drainer.
case-study
How ~5,000 malicious lookalike addresses exploited transaction history habits to drain multisig users.
case-study
A social engineering attack exploiting ERC-20 approve mechanics to silently authorize complete token drainage.
case-study
A textbook social engineering attack exploiting OpenSea's Seaport protocol signature mechanics against a high-profile target.