Social Engineering Breaches Hit Figure Technology and Step Finance

  • Figure Tech breached after an employee fell for a scam; ShinyHunters leaked 2.5GB of sensitive data.

  • Step Finance lost $29M in SOL after hackers accessed treasury wallets; the cause remains unclear.

  • Social engineering and AI scams are rising, threatening both tech firms and crypto platforms alike.

A growing wave of cyberattacks has shaken the tech and crypto sectors, highlighting the risks of human-targeted exploits. Recently, Figure Technology disclosed a breach after an employee fell for a social engineering scam, allowing hackers to access a few files.

The company confirmed that it had notified the affected partners and provided them with free credit monitoring services. Reporters noted that a Figure spokesperson did not respond to several specific questions regarding the breach. The black-hat hacking group ShinyHunters claimed responsibility for the breach on its dark web platform, saying that the company failed to satisfy its demands, which led to the leak of 2.5 GB of data.

In addition, Figure explained, “We also recently discovered that an individual was tricked into handing over their login credentials, which allowed a user to download a few files using their account. We immediately acted to put a stop to it and retained a forensic firm to help determine which files were compromised.” The incident was therefore determined to be a social engineering attack, which relies on psychological manipulation to obtain unauthorized access.

Recently, Chainalysis reported that scammers have managed to steal a staggering $17 billion in cryptocurrency within the last year using AI to enhance impersonation and social engineering attacks. This is in line with the industry concern that arose after a report by Privacy Rights Clearinghouse in December 2025, which indicated that regulators have filed over 8,000 filings that affect at least 374 million people.

Broader Implications for Tech and Crypto

Anonymous sources revealed that Figure’s breach might be part of a larger campaign targeting companies using Okta’s single sign-on service. Other alleged victims include the University of Pennsylvania and Harvard University.

Meanwhile, Step Finance, a major DeFi platform on Solana, confirmed a breach affecting several treasury and fee wallets. Onchain data shows hackers unstaked about 261,854 SOL, moving funds to unknown addresses. At a price of $110 per SOL, these transfers total nearly $29 million.

Step Finance posted on X, “We experienced a security breach in some of our treasury wallets a few hours ago, and we are currently looking into it… We will share more details later.” However, the company did not specify the breach’s root cause, sparking speculation over smart contract flaws or access control issues.

Consequently, the community questioned whether user funds outside treasury wallets faced risk. Despite repeated media inquiries, Step Finance declined to provide further comment.
