BlockBriefe
Ethereum

Crypto Hackers Steal $36M Using Fake Contracts

Daniel Harper 18.06.2026

Anatomy of a Deceptive Attack

A crypto hacker drained $26 million from the Ethereum-based protocol Truebit in January, and similar attacks have since netted over $36 million. The attackers used unverified contracts to trick victims into approving transactions. This type of scam has been on the rise, with multiple protocols falling prey to the same tactic.

The hackers create fake contracts that mimic legitimate ones, making it difficult for users to distinguish between them. Once a user approves a transaction, the hackers drain their funds. The Truebit hack was one of the largest of its kind, and it has raised concerns about the security of cryptocurrency protocols.

Can Crypto Protocols Prevent Such Attacks?

Experts say that one way to prevent such attacks is for protocols to implement stricter verification processes for contracts. Users also need to be more cautious when approving transactions, especially those involving unverified contracts. The $36 million stolen so far is a significant loss, and it highlights the need for greater security measures.

The frequency and severity of these attacks are likely to continue unless protocols take steps to improve their security. As the cryptocurrency market continues to grow, the potential for such attacks will only increase.

What is an unverified contract? An unverified contract is a smart contract that has not been thoroughly checked for security vulnerabilities or authenticity. Users should be cautious when interacting with such contracts.

Frequently Asked Questions

How can users protect themselves? Users can protect themselves by only interacting with verified contracts and being cautious when approving transactions. They should also stay informed about potential security risks.

What are protocols doing to prevent such attacks? Protocols are implementing stricter verification processes and improving their security measures to prevent such attacks. Some are also working on educating users about potential security risks.

Share:

More stories: