Wasabi Protocol Loses $5.5M in Admin Key Compromise Attack

🚨 Admin Keys Compromised

By Forta
May 21, 2026, 2:45 PM

Wasabi Protocol suffered a $5.5M exploit after a compromised deployer granted admin roles to malicious contracts, leading to a complete drainage of the protocol.

Key Details:

  • The attacker exploited compromised admin credentials to drain 7 vaults
  • Affected chains included Base and Ethereum
  • A fake strategy contract was used to execute the theft
  • Forta Firewall had flagged the suspicious ADMIN_ROLE grant

Security Implications: This incident highlights that operational security (OpSec) is just as critical as smart contract security. Even well-audited protocols remain vulnerable if admin keys are compromised.

The attack demonstrates the ongoing need for robust key management practices and real-time monitoring systems in DeFi protocols.


SquidMulticall Loses $517K in Cross-Chain Exploit via Stale Token Approvals

**Attack Overview**

SquidMulticall suffered a $517K loss when an attacker exploited pre-existing MAX_UINT token approvals. The exploit affected multiple chains including Arbitrum, BSC, Avalanche, Optimism, and Base.

**How It Happened**

- Victims had previously granted unlimited (MAX_UINT) token approvals to the SquidMulticall contract
- The attacker leveraged a permissionless multicall function to drain funds
- No traditional "hack" was needed - users had already signed away access to their tokens

**Key Takeaway**

Stale token approvals represent a silent but significant attack surface. Old unlimited approvals can be exploited even if the original contract or protocol is no longer actively used. Forta Firewall detected the suspicious activity across all five affected chains.

**Action Item**: Review and revoke unnecessary token approvals regularly using tools like Revoke.cash or Etherscan's approval checker.
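The approval review recommended above can also be scripted against ERC-20 `Approval` event logs. The following is an added example, not code from Forta or Squid: the addresses, log entries and the `timestamp` field joined onto each log are constructed assumptions, and the last logged value is treated as the standing allowance, which should be confirmed with the token's `allowance()` call before revoking.

```python
# Added example: audit ERC-20 Approval logs for stale unlimited allowances.
# keccak256("Approval(address,address,uint256)"), the standard ERC-20 event topic
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
MAX_UINT = 2**256 - 1
DAY = 86400

def topic_to_address(topic):
    # Indexed address topics are 32 bytes, left-padded; keep the low 20 bytes.
    return "0x" + topic[-40:].lower()

def standing_approvals(logs):
    # Replay logs in chain order; the last value per (token, owner, spender) wins,
    # so a later approve(spender, 0) cancels an earlier unlimited approval.
    state = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        t = log["topics"]
        if len(t) != 3 or t[0].lower() != APPROVAL_TOPIC:
            continue  # ERC-721 Approval shares the topic hash but has 4 topics
        key = (log["address"].lower(), topic_to_address(t[1]), topic_to_address(t[2]))
        state[key] = (int(log["data"], 16), log["timestamp"])
    return state

def stale_unlimited(logs, now, max_age_days=90, threshold=2**255):
    # Flag allowances that are effectively unlimited and older than max_age_days.
    out = []
    for (token, owner, spender), (value, ts) in standing_approvals(logs).items():
        age = (now - ts) // DAY
        if value >= threshold and age > max_age_days:
            out.append({"token": token, "owner": owner, "spender": spender,
                        "age_days": age, "is_max_uint": value == MAX_UINT})
    return sorted(out, key=lambda f: -f["age_days"])

def make_log(token, owner, spender, value, block, ts):
    # Constructed log in eth_getLogs shape; "timestamp" is an assumed joined field.
    pad = lambda a: "0x" + "00" * 12 + a[2:]
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": hex(value), "blockNumber": block, "logIndex": 0, "timestamp": ts}

NOW = 1_780_000_000  # constructed "current" time
TOKEN_A, TOKEN_B = "0x" + "a1" * 20, "0x" + "b2" * 20
ALICE, BOB, CAROL = "0x" + "11" * 20, "0x" + "22" * 20, "0x" + "33" * 20
ROUTER = "0x" + "5c" * 20  # placeholder for the approved multicall contract
SAMPLE_LOGS = [
    make_log(TOKEN_A, ALICE, ROUTER, MAX_UINT, 100, NOW - 400 * DAY),  # stale, unlimited
    make_log(TOKEN_A, BOB, ROUTER, MAX_UINT, 110, NOW - 390 * DAY),
    make_log(TOKEN_A, BOB, ROUTER, 0, 900, NOW - 30 * DAY),            # later revoked
    make_log(TOKEN_B, ALICE, ROUTER, MAX_UINT, 950, NOW - 10 * DAY),   # unlimited, recent
    make_log(TOKEN_A, CAROL, ROUTER, 10**18, 120, NOW - 380 * DAY),    # old but bounded
]
```

On the constructed logs only Alice's 400-day-old unlimited approval on `TOKEN_A` is reported; Bob's is dropped because of his later zero-value approval.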

April Sets Record with $320M in Crypto Exploits


April 2026 marked the worst month in crypto history with over $320 million drained across multiple exploits, including the $280 million Kelp incident.

**Key Statistics:**

- $320M+ lost in April alone
- Follows $92M in losses across 33 incidents in March
- Total of $412M+ drained in just two months

**Security Response:**

Forta's Firewall technology integrates directly into transaction flows to screen and block threats before execution. The system provides real-time transaction screening for chains and institutions moving onchain.

The escalating exploit activity underscores the critical need for proactive security measures in blockchain infrastructure.

OFAC Sanctions Ethereum Addresses Tied to Sinaloa Cartel, Forta Firewall Responds


The U.S. Treasury's Office of Foreign Assets Control (OFAC) has sanctioned new Ethereum addresses connected to Sinaloa Cartel fentanyl trafficking operations.

**Immediate Response:**

- Forta Firewall updated its monitoring systems to track the sanctioned addresses
- Transactions involving these wallets are now flagged before execution
- The system provides real-time onchain compliance screening

This follows a pattern of rapid response by Forta Firewall to OFAC sanctions. In March, the platform similarly updated its blocking list within hours when Treasury sanctioned 20 Ethereum wallets linked to terrorism and North Korea.

[Learn more about Forta Firewall](https://forta.org/firewall?utm_source=twitter&utm_medium=social&utm_campaign=firewall-update&utm_content=ink-case-study)

IoTeX Bridge Loses $8M in 90 Minutes Through Compromised Private Key


**IoTeX Bridge Exploit: $8M Drained**

The @iotex_io Bridge suffered a major security breach on February 28, 2026, losing $4.3M initially and escalating to $8M within 90 minutes. The attack was executed through a single compromised private key.

**Key Details:**

- Attack vector: Compromised private key
- Timeline: $4.3M → $8M in 90 minutes
- Detection: Forta Firewall caught the attacker's mainnet movements in real-time

**Recent Context:**

Just two days earlier, a @FOOMCASH lottery-contract exploit put $1.8M at risk. Forta Firewall flagged the attack in real-time and successfully blocked it on Firewall-enabled chains.

This incident highlights the ongoing security challenges in cross-chain infrastructure and the critical importance of private key management in blockchain systems. Real-time detection systems like Forta Firewall are proving essential for identifying threats, though prevention remains dependent on proper security practices.

Learn more about Forta Firewall: [Introducing Forta Firewall](https://forta.org/blog/introducing-forta-firewall/)
