PurrHack

50 posts

PurrHack banner
PurrHack

PurrHack

@PurrHack

Community-run Purrlend exploit recovery snapshot and coordination page. Not affiliated with Purrlend.

Community-run Katılım Nisan 2026
21 Takip Edilen38 Takipçiler
PurrHack
PurrHack@PurrHack·
@Pinyonete If it seems correct, no action needed. If something looks wrong or DM me. It's likely funds will never be returned and people need to move on, in case funds are returned the snapshot is there to help for attribution
English
1
0
1
41
PurrHack
PurrHack@PurrHack·
8/ The ask is simple: @merkl_xyz please keep campaigns permissionless, but curate the frontend better. Ploutos, now @purrlend . This is the second time users got routed into an Aave fork that later blew up. Total loss so far ~$2M Better risk labels. Better screening. Better user protection. cc @GuillaumeNervo @AngleProtocol @zachxbt
English
1
1
6
213
PurrHack
PurrHack@PurrHack·
@merkl_xyz @purrlend 7/ To be clear: This is not saying @merkl_xyz caused either incident. They did not. But reward frontends create distribution and perceived legitimacy. If users discover a protocol through a rewards frontend, many treat that as a soft trust signal.
PurrHack tweet media
English
1
0
3
242
PurrHack
PurrHack@PurrHack·
Incentive campaigns are becoming part of DeFi’s norm Users see rewards, TVL, ecosystem mentions, and assume some baseline diligence was done. After Ploutos and now @purrlend , it is time to ask: How much risk context should reward platforms show before users deposit? A 🧵
English
1
1
12
456
DeFi Warhol
DeFi Warhol@Defi_Warhol·
Projects with zero haters: - Pumpfun - Monad - Plasma - OpenSea - Solana - Kalshi - Axiom - Starknet - Aster - Metamask - Eclipse - Starknet - Ink - Lighter - ZKsync - Infinex Miss anything?
English
87
7
110
12.2K
Stacy Muur
Stacy Muur@stacy_muur·
Worst month for DeFi ever.
Stacy Muur tweet media
English
81
25
293
38.2K
tobi
tobi@tobific·
so many hacks in just one months over $600M gone Kelp, Drift, Rhea, Hyperbridge, Purrlend, Wasabi & many more just keep in mind that it's not worth it to risk your 100% portfolio to get that 6% apy just hold, buy good coins like BTC & HYPE, and chill
tobi tweet media
English
14
0
57
2.5K
Raj.Eth
Raj.Eth@rajsh7894·
Scam projects (updated list): - Space - Gensyn - Pharos - RaveDao - Genome - Openmind - EdgeX - Perle Labs - Onefootball Club - Aztec - Superform - Venom - Zama - Warden - Tria - Rainbow wallet - Layerbank - Space - Aleo - TROVE - GAIB - Aligned - Irys - HeyElsa - Neura - Antix - Portal - MYX Finance - Scroll - Infinex - Camp Network - Eclipse - aPriori - Mantra - Allora - World Liberty - Almanak - DeepNode AI - Ari - Unich - tea Protocol - Kinto - Zenchain - Orochi - Recall Which Project is Joining the list Next ?
Raj.Eth@rajsh7894

Scam projects (updated list): - Genome - Openmind - Perle Labs - Aztec - Space - Superform - Zama - Warden - Tria - Rainbow wallet - Layerbank - Space - Aleo - TROVE - GAIB - Aligned - Irys - HeyElsa - Antix - Scroll - Infinex - Camp Network - aPriori - Mantra - Allora - Almanak - Deepnode AI - Ari - Unich - Eslipce - tea Protocol - Kinto - Zenchain - Orochi - Recall - One Football club Which Project is Joining the list Next ?

English
30
1
51
3.6K
Shift DeFi
Shift DeFi@Shift_DeFi·
3 exploits, 3 surfaces in 1 week: > Purrlend (HyperEVM/MegaETH): admin multisig granted bridge access $1.5M. > Scallop (Sui): a 2023 contract still callable. $142K. > Litecoin: outdated nodes processed invalid txs. 13-block reorg. Active code was held in all three.
Shift DeFi tweet media
English
2
1
9
374
吴说区块链
吴说区块链@wublockchain12·
据 Purrlend 官方披露,2026 年 4 月 25 日其在 HyperEVM 与 MegaETH 部署发生安全事件,损失约 152 万美元,原因为团队 2/3 多签管理员钱包被攻破,攻击者获取包括 BRIDGE_ROLE 在内的多项管理权限后,通过 mintUnbacked 铸造约 200 万 pUSDm 及 485 万 pUSDC 等无抵押代币,并作为抵押借出真实资产,最终从协议池中提取约 152 万美元资产;事后攻击者将资产兑换为 USDC 与 ETH 并通过 Mayan、LiFi 等跨链转移,约 652 ETH 仍可在链上地址追踪;项目方表示已暂停协议、撤销权限并启动调查,与安全机构及执法部门合作追踪资金,称事件源于多签配置缺乏时间锁的操作安全问题而非智能合约漏洞,计划引入时间锁、强化多签安全及权限控制,并研究用户补偿方案,协议将维持暂停直至安全确认。 wublock123.com/news/purrlend-…
中文
2
0
0
2.4K
yyy
yyy@y_cryptoanalyst·
这个月的crypto 黑客似乎是被打通了任督二脉,疯狂在链上肆虐。 04.29: @AftermathFi 被盗 $1.14M 04.27: @ZetaChain 被盗 $334K 04.26: @Scallop_io 被盗 $142K 04.25: @purrlend 被盗 $1.52M 04.21: @volo_sui 被盗 $3.5M 04.20: @ThetanutsFi 被盗 $50K 04.20: @juiceboxETH 被盗 $52K 0418: @KelpDAO 被盗 $293M 0416: Grinex 被盗 $15M 0416: @rhea_finance 被盗 $18.4M 0412: @hyperbridge 被盗 $2.5M 0401: @DriftProtocol 被盗 $285M 几乎平均每隔1天就会出现1次或大或小的黑客事件。
yyy@y_cryptoanalyst

这个月可以称得上是crypto 史上黑客最猖獗的月份了: 0418: @KelpDAO 被盗 $293M 0416: Grinex 被盗 $15M 0416: @rhea_finance 被盗 $18.4M 0412: @hyperbridge 被盗 $2.5M 0401: @DriftProtocol 被盗 $285M 累计被盗资产高达6亿美元。 更恐怖的是,这个月还有11天才结束。

中文
36
18
104
51.4K
kirbycrypto
kirbycrypto@kirbyongeo·
Purrlend appears to be exploited on both MegaETH and HyperEVM. Attacker made off with: 449,683.8748 $USDC 214,125.3752 $USDT0 194,745.1368 $USDH 2.0477 $UBTC 1,581.3418 $wstHYPE 19.6052 $UETH 868.4795 $kHYPE 757.0228 $WHYPE Total: $1,197,488.33 on HyperEVM + 163,169.1587 $USDT0 36.8639 $WETH 75,745.4505 $USDm Total $324,549.49 on MegaETH. Grand total: $1,522,037.82 or $1.5M exploited. Exploiter's address: hyperevmscan.io/address/0xd801… mega.etherscan.io/address/0xd801…
kirbycrypto tweet mediakirbycrypto tweet media
English
68
51
421
127.7K