Advertise
Zameer Attar
Zameer Attar
Author
Reviewed by:
Sohrab Khawas
Reviewed
Sohrab is a passionate cryptocurrency news writer with over five years of experience covering the industry. He keeps a keen interest in blockchain technology and its potential to revolutionize finance. Whether he's trading or writing, Sohrab always keeps his finger on the pulse of the crypto world, using his expertise to deliver informative and engaging articles that educate and inspire. When he's not analyzing the markets, Sohrab indulges in his hobbies of graphic design, minimal design or listening to his favorite hip-hop tunes.
- Jun 25, 2025 05:48 UTC
-
Crypto Hack Hits Binance Smart Chain: CertiK Tracks $2M Exploit
$140M Lost in May Alone โ CertiK reports crypto hacks and scams surged, with phishing attacks causing $8.5M in damages.
BSC Exploit Drains $2M โ Attacker abused printMoney() via a compromised contract, converting funds into BNB and stablecoins.
The rising phishing, wallet hack, and security breaches are creating panic in the crypto space. Recently, Blockchain security firm CertiK revealed that in May alone, around $140.1 million was lost to crypto hacks, scams, and exploits, while $162 million in assets were frozen. Notably, phishing attacks accounted for about $8.5 million of the total losses.
CertiK alert has flagged a major exploit on the Binance Smart Chain (BSC), where an attacker drained nearly $2 million by abusing a smart contract function called printMoney().ย
Exploiter Uses Authorized Contract to Steal Funds
The exploit was carried out by a known attacker operating from address 0xd5c6f3…122c. The individual repeatedly triggered the printMoney() function on their authorized attack contract. The unauthorized access stemmed from a compromised victim contract linked to the address 0xb5cb0, which had unknowingly approved the malicious contract about eight hours before the attack.
CertiK believes the victim contract deployerโs private key may have been phished or otherwise compromised, leading to the unauthorized approval transaction. This gave the attacker full permission to transfer the victimโs tokens.
Attacker Converts Funds and Holds Nearly $2M
Once access was secured, the attacker swiftly converted the stolen derivative tokens into BNB and stablecoins. As of now, the exploiter is holding approximately $1.96 million worth of assets at their address.
Community Urged to Stay Alert
Big crypto hacks are piling up this year, with Coinbase losing $400 million, Cetus on the Sui network hit for $220 million, and others like Phemex and UPCX also suffering huge losses. These incidents show just how risky things can get in crypto if you’re not careful. According to CertiK, one of the biggest mistakes is trusting unverified smart contracts or having weak security for private keys. In a recent BSC hack, thatโs exactly what went wrong. The attacker was able to steal millions because the victimโs contract wasnโt properly secured.
CertiK is now tracking the hackerโs wallet and keeping an eye on suspicious activity. Theyโve also reminded users and developers to always check contract approvals, use well-audited code, and avoid rushing into transactions.
Meanwhile, CertiKโs advice is simple be careful, stay alert, and donโt rush into anything.
Never Miss a Beat in the Crypto World!
Stay ahead with breaking news, expert analysis, and real-time updates on the latest trends in Bitcoin, altcoins, DeFi, NFTs, and more.
FAQs
Major 2025 hacks include $400M from Coinbase, $220M from Cetus, and millions more from BSC, Phemex, and UPCX exploits.
Over $140.1 million was lost to hacks, scams, and exploits in May 2025, according to blockchain security firm CertiK.
Avoid unverified contracts, never share keys, and regularly review approvals to secure your wallet from phishing.
It allowed an attacker to mint and drain funds via repeated function calls after gaining unauthorized contract approval.
Yes 
No 
