Avoid your next
big mistake

Lulo (lulo.fi), formerly known as Flexlend, is a Solana-based DeFi lending aggregator that automatically routes stablecoin deposits to the highest-yielding protocols on the network, including Kamino, Drift, Marginfi, Morpho, Maple, and Pendle. Founded in 2022 and formally launched in early 2024, the protocol has grown to over $86 million in TVL and surpassed $100 million in cumulative deposits, supported by five independent security audits and backing from Circle Ventures and Solana Ventures. The platform's primary risk profile is composability-layer exposure: deposits are routed across multiple third-party protocols, meaning a failure at any underlying venue could affect user funds, although Lulo's 'Protected' tier includes automated on-chain coverage for such events.

Light Protocol is a Solana-native ZK compression infrastructure layer developed by Luminous Labs Lda, a Portugal-based company co-founded in 2021 by Swen Schäferjohann. The protocol reduces on-chain state storage costs by up to 99% using zero-knowledge proofs and has undergone multiple independent security audits including formal circuit verification. No fraud allegations, regulatory actions, or fund-loss incidents have been identified; primary risk signals are inherent ZK/smart-contract complexity, partially unaudited SDK tooling, and infrastructure scaling concerns raised by Solana node operators.

Lifinity was a proactive market maker and oracle-based decentralized exchange built on Solana, operating from February 2022 until it voluntarily shut down in December 2025 after processing approximately $150 billion in lifetime trading volume. The protocol was notable for its use of Pyth oracle pricing instead of traditional AMM mechanics, a no-VC community-funded launch via a veIDO, and a transparent wind-down that distributed roughly $43.4 million in treasury assets to LFNTY token holders. Risk factors include an anonymous pseudonymous founder operating as 'Durden' or 'durdenwannabe,' a $699,090 pool drainage incident in December 2023 caused by a protocol-level bug, and structural dependence on the Pyth oracle as a single external pricing dependency.

Jupiter Perps is a perpetual-futures decentralized exchange (DEX) built on Solana, operated by Jupiter Exchange, offering up to 250x leveraged trading on SOL, ETH, and wBTC against a shared liquidity pool called JLP (Jupiter Liquidity Pool). The protocol has grown to become the dominant perps venue on Solana with a JLP TVL that surpassed $2 billion in September 2025 and over $100 billion in cumulative trading volume as of 2024. The platform has undergone multiple independent smart contract audits with no critical exploits against its own contracts reported, though JLP token holdings in third-party vaults were implicated as stolen assets in the April 2026 Drift Protocol breach.

Hxro Network is a decentralized derivatives and liquidity primitive built on the Solana blockchain, providing shared exchange, risk management, and settlement infrastructure for on-chain futures, options, and parimutuel betting markets. The project raised $49 million across two token rounds in 2021 from well-regarded institutional investors including Jump Crypto, Blockchain Capital, Susquehanna International Group, and Alameda Research. While the team is publicly identified with traditional finance credentials and multiple third-party security audits have been completed, the HXRO token has experienced a severe decline from its all-time high, and the network has struggled to achieve meaningful adoption relative to competing Solana derivatives protocols.

Honeyland is a mobile-first, play-to-earn blockchain strategy game built on Solana by Hexagon Studios (Singapore), where players manage bee colonies to earn the native HXD token. The project raised $4 million prior to its public token launch in March 2023 and was acquired by Montreal-based Bravo Ready Studios in July 2025. No confirmed fraud, hack, or regulatory action has been identified; the primary risk factors are severe token price depreciation (approximately 99.9% from all-time high), low trading liquidity, and the structural sustainability challenges common to play-to-earn game economies.

Hivemapper is a decentralized physical infrastructure network (DePIN) built on Solana that incentivizes drivers to collect street-level imagery via dashcams and rewards them with the native HONEY token. The company, led by named founder Ariel Seidman, has raised over $50 million in total funding and counts Lyft, TomTom, and Volkswagen ADMT among its enterprise customers. While no fraud or regulatory action has been identified, the project carries moderate risks related to token price volatility, hardware shipping delays, a 2022 regulatory ambiguity around whether HONEY constitutes a security, and inherent privacy considerations from mass collection of street-level imagery.

Helius (helius.dev) is a Toronto-founded, Solana-focused developer infrastructure company offering RPC nodes, enhanced APIs, webhooks, data streaming, and validator services. Founded in June 2022 by former Coinbase and AWS engineers, the company has raised $34.85 million across three rounds led by Founders Fund, Haun Ventures, and Foundation Capital, and operates as a key infrastructure layer for the Solana ecosystem. No regulatory actions or security breaches have been identified against Helius; the main risk signals are minor service reliability incidents and unresolved workplace conduct allegations against its CEO.

Helium Mobile is a Mobile Virtual Network Operator (MVNO) launched by Nova Labs, Inc. in 2023, marketed as the world's first crypto-powered consumer cellular service. It provides coverage primarily via T-Mobile's wholesale 5G network, supplemented by a community-built Wi-Fi hotspot layer, and issues MOBILE token rewards to subscribers and hotspot operators. Parent company Nova Labs settled a $200,000 SEC fraud charge in April 2025 over misrepresentations made to investors about enterprise partnerships, while the MOBILE token has been deprecated in favor of HNT under community governance proposal HIP 138.

Helium is a decentralized physical infrastructure network (DePIN) founded in 2013 by Amir Haleem, Shawn Fanning, and Sean Carey, operated by Nova Labs, Inc. The network incentivizes individuals to deploy wireless hotspots for IoT (LoRaWAN) and mobile coverage using its HNT token, which migrated to the Solana blockchain in April 2023. The project has a documented history of misrepresenting partner relationships to investors, resulting in a $200,000 SEC civil settlement in April 2025, but has demonstrated meaningful real-world usage growth through verified carrier data-offload partnerships with AT&T, T-Mobile, and Telefonica.

Griffain is a Solana-based AI-agent coordination platform launched in November 2024 that enables users to deploy autonomous on-chain agents for trading, NFT minting, and wallet management via natural language commands. The platform's native GRIFFAIN token reached a peak market capitalization of approximately $634 million in January 2025 before declining roughly 98% to a market cap near $10 million by early 2026. No regulatory actions, hacks, or fraud allegations have been identified; primary risk factors include agent custody model ambiguity, autonomous trading feature exposure to highly speculative memecoin markets, opaque smart contract audit disclosures, and limited public information on full team composition beyond the named co-founder.

Grass is a Solana-based decentralized physical infrastructure network (DePIN) developed by Wynd Labs that pays users GRASS tokens in exchange for contributing unused internet bandwidth, which is then sold to AI companies and research institutions for large-scale public web scraping. The project launched in June 2023, completed a $3.5M seed round and a subsequent $10M bridge round backed by Polychain Capital and Tribe Capital, and executed its first major token airdrop in October 2024. While the project reports meaningful revenue growth and legitimate enterprise customers, it operates in a legally grey area involving residential proxy networks, carries unanswered questions about code transparency, and its token has declined approximately 94% from its all-time high amid sustained unlock pressure.

GooseFX was a Solana-based decentralized finance platform founded in 2021 that offered an AMM DEX (GAMMA), single-sided liquidity pools, perpetual futures trading, and an NFT aggregator under the GOFX utility token. The project raised $4.5 million in seed funding from reputable investors including Animoca Brands and CoinShares, received at least one published security audit from Halborn, and accumulated over $700 million in cumulative trading volume during 2024 before announcing a voluntary wind-down in August 2025. No regulatory actions, theft-related exploits, or rug-pull signals have been identified; the protocol sunsetting appears to reflect commercial failure rather than fraud.

Goatseus Maximus (GOAT) is a Solana-based memecoin launched on October 10, 2024, via Pump.fun by an anonymous deployer, whose rise was driven almost entirely by the AI agent Truth Terminal promoting the 'Goatse Gospel' internet-culture narrative on social media. The token reached a peak market capitalization above $1 billion in November 2024 — the first Pump.fun token to achieve that milestone — before declining more than 98% from its all-time high by mid-2026. It carries no formal whitepaper, no disclosed development roadmap, no utility, and its creator remains anonymous; its value is derived solely from speculative attention and an AI-generated cultural narrative.

Glow Wallet is a non-custodial Solana wallet developed by Luma Labs, Inc., a San Francisco-based company co-founded by Danqing (Dan) Liu and Victor Pontis. Available as a browser extension and mobile app since early 2022, it is marketed as a design-forward wallet with transaction simulation, in-app staking, zero-fee swaps, and a decentralized identity system called Glow ID. No major security breaches specific to Glow have been publicly reported, and no regulatory actions have been identified against the project or its developer.

Genopets is a Solana-based move-to-earn NFT game launched in 2021, self-described as the first free-to-play move-to-earn title in the space, operated by a named and publicly identifiable founding team. The project raised $8.3 million in seed funding from reputable investors including Pantera Capital and Samsung Next, but its dual-token economy (GENE and KI) has suffered severe inflation-driven value collapse characteristic of the broader move-to-earn category. As of mid-2026 the team remains active, having pivoted toward AI-agent infrastructure under the 'ELITE/WHITTAKR' umbrella, though both tokens trade near all-time lows with minimal liquidity.

Fuse Wallet is a Solana-based smart wallet developed by Squads Labs, the team behind Squads Protocol, Solana's leading multisig and smart account infrastructure. Launched in public TestFlight in June 2024 and on the Apple App Store in December 2025, Fuse replaces traditional seed phrases with a multi-factor authentication model built on Squads Protocol's audited smart account standard. Squads Labs has raised approximately $40.9 million across multiple funding rounds from institutional investors including Electric Capital, Coinbase Ventures, and Multicoin Capital, and no known regulatory actions, hacks, or fraud allegations have been identified against the product.

Fragmetric (fragmetric.xyz) is a Solana-native liquid restaking protocol that issues fragSOL, fragJTO, and fragBTC as Liquid Restaking Tokens (LRTs) built on Jito's restaking infrastructure. The protocol raised $12 million across seed and strategic rounds from recognized institutional backers including Hashed, Finality Capital, and RockawayX, and has undergone multiple independent security audits by Certora and Quantstamp. Material risks include smart-contract complexity inherent to restaking, slashing exposure through Node Consensus Networks (NCNs), partial team pseudonymity, and significant FRAG token price depreciation following the July 2025 listing.

Luna Yield ($LUNY) was a purported cross-chain yield aggregator built on Solana that conducted an initial DEX offering (IDO) on the SolPad launchpad in August 2021. Approximately two days after its IDO, the anonymous development team removed all liquidity from protocol pools, deleted the project website and all social media accounts, and transferred an estimated $6.7 million in user funds across multiple cryptocurrencies to obfuscation services, in what multiple crypto news outlets characterized as a rug pull. The incident is widely cited as the first major rug pull on the Solana blockchain.

MiningMax (also styled Mining Max LLC) was a US-registered cryptocurrency mining company that operated from approximately September 2016 through October 2017, allegedly defrauding approximately 18,000 investors across 54 countries out of roughly 270 billion Korean won (approximately $250 million USD). South Korean prosecutors indicted 21 individuals in December 2017 on charges of fraud and violations of Korea's door-to-door sales law; the company's chairman, Nam Ho Park (also known as Daniel Park), and vice chairman fled the country and were placed on Interpol's wanted list. The California Department of Financial Protection and Innovation (DFPI) issued a Desist and Refrain Order against Mining Max LLC and its founder Nam Ho Park in July 2020.

OneCoin was a global fraudulent cryptocurrency scheme founded in 2014 by Ruja Ignatova ("the Cryptoqueen") and Karl Sebastian Greenwood. Operating as both a Ponzi scheme and a multi-level-marketing pyramid, it defrauded an estimated 3.5 million victims across more than 175 countries of over $4 billion by marketing a cryptocurrency that had no real blockchain. Ignatova disappeared in October 2017, is an FBI Ten Most Wanted Fugitive with a $5 million reward, and multiple co-conspirators have been convicted and sentenced to federal prison.

PGI Global (Praetorian Group International) was a fraudulent cryptocurrency and foreign exchange investment platform operated by Ramil Ventura Palafox from December 2019 through October 2021. The scheme raised over $201 million from more than 90,000 investors worldwide by promising daily returns of 0.5% to 3% through purported Bitcoin and forex trading, while in reality operating as a Ponzi scheme. Palafox pleaded guilty in September 2025 to federal wire fraud and money laundering charges and was sentenced in February 2026 to 20 years in prison; the SEC filed parallel civil charges in April 2025 seeking disgorgement of approximately $198 million.

Pincoin and iFan were two cryptocurrency tokens promoted in Vietnam in 2017–2018 by Modern Tech Joint-Stock Company, a Ho Chi Minh City-based firm operated by eight Vietnamese nationals. The scheme promised monthly returns of up to 48 percent through a multi-level marketing structure and is alleged to have defrauded approximately 32,000 investors of roughly 15 trillion Vietnamese dong (approximately $660 million USD), making it one of the largest ICO exit scams on record. The eight operators vacated their offices and allegedly fled Vietnam around March 2018; as of publicly available reporting through 2021, no confirmed arrests or convictions of the principals had been reported in English-language sources.

Flash Trade (flash.trade) is a non-custodial, asset-backed perpetuals and spot exchange built on Solana, founded in early 2023 by Anas Khader and Zoheb Shahzan (previously of the Investin project). The protocol is bootstrapped, has undergone multiple third-party security audits, publishes an open-source reference implementation, and has processed over $20 billion in cumulative trading volume. No exploits, regulatory actions, or fraud allegations have been identified; primary risk factors are a modest TVL (~$10.7M), a low-cap governance token (FAF, ~$3.7M market cap), oracle dependency on Pyth Network, and limited public background on the founding team.

Firedancer is an independent, high-performance Solana validator client developed by Jump Crypto (Jump Trading Group), written from scratch in C primarily by a team led by Chief Science Officer Dr. Kevin Bowers and founding engineer Ritchie Patel. Released under the Apache 2.0 open-source license, it aims to increase Solana's throughput toward one million transactions per second while improving network resilience through client diversity. As of May 2026, the client is live on Solana mainnet with roughly 20% of validators running it, though full rollout remains cautious pending completion of comprehensive third-party security audits. The project carries a notable backer-risk signal: Jump Crypto's parent subsidiary Tai Mo Shan settled SEC charges for $123 million in December 2024 over TerraUSD manipulation, and a separate CFTC investigation was reported in 2024 with no publicly disclosed outcome as of this writing.

Fartcoin (FARTCOIN) is a Solana-based memecoin launched anonymously on October 18, 2024 via the Pump.fun launchpad, inspired by a suggestion from Truth Terminal, an autonomous AI chatbot developed by Andy Ayrey and funded with a $50,000 grant by Marc Andreessen of a16z. The token carries no stated utility and derives all value from speculation, community sentiment, and association with the AI-agent narrative; it reached an all-time high market capitalization of approximately $2.3 billion in January 2025 before declining more than 93% to approximately $160 million by May 2026. As a memecoin with an anonymous founding team, no intrinsic value, high whale concentration, and significant price volatility, it represents substantial speculative risk.

Famous Fox Federation (FFF) is a Solana-native NFT ecosystem founded in September 2021, comprising a genesis collection of 7,777 fox PFP NFTs and several sub-collections under the 'Foxosphere' umbrella. The team, operating under the pseudonyms 'DraxxTs' and 'FoxyDev', has built and shipped multiple on-chain utilities including the Rafffle raffle platform, the Citrus NFT lending protocol, a token marketplace, and gamified staking missions. No regulatory actions, exploits, or rug-pull incidents have been identified through public sources, though the founders remain pseudonymous and $FOXY token value has declined substantially from its all-time high.

Exponent Finance is a Solana-based yield tokenization protocol launched in late 2024 that enables users to separate yield-bearing assets into tradable Principal Tokens (PT) and Yield Tokens (YT), analogous to Pendle Finance on Ethereum. The protocol has attracted $7.1 million in venture funding from institutional backers including Multicoin Capital, Solana Ventures, and RockawayX, and processed over $2 billion in yield volume across 35,000+ users. Key risk considerations include a small but growing team, a SAFE-plus-token-warrant capital structure suggesting a future token launch, TVL that experienced a sharp 60%+ drawdown tied to incentive expiry, and an audit history that is active but still maturing.

Edgevana is a Las Vegas-based bare-metal infrastructure and node-deployment platform founded in 2019, specializing in Solana validator onboarding, RPC node provisioning, and decentralized edge compute. The company operates a liquid staking product (edgeSOL) with approximately 839,000 SOL under management and has secured notable partnerships with the Solana Foundation, Avalanche, and StackPath. No regulatory actions, fraud allegations, or significant security incidents have been identified.

Trade Coin Club (TCC) was a multi-level marketing cryptocurrency program that operated from late 2016 through mid-2018, allegedly collecting over 82,000 Bitcoin valued at approximately $295 million from more than 100,000 investors worldwide. The program falsely promised daily returns of at least 0.35% generated by an automated trading bot; the SEC and DOJ allege no such trading occurred and that investor withdrawals were funded entirely by new investor deposits, constituting a classic Ponzi scheme. In November 2022, the SEC charged four individuals including founder Douver Torres Braga; Braga was subsequently extradited from Switzerland in February 2025 to face a 13-count federal criminal indictment.

TurtleDex was a purported decentralized cloud storage protocol launched on Binance Smart Chain (BSC) in March 2021. The project raised approximately 9,000 BNB (roughly $2.5 million) in a presale on March 15, 2021, then executed an exit scam on or around March 19, 2021, draining liquidity pools on PancakeSwap and ApeSwap, converting the proceeds to ETH, and disappearing entirely. The team's identities were disclosed only under pseudonyms in a pre-launch AMA, and no funds were recovered.

USI-Tech (United Software Intelligence Technology) was a Dubai-registered cryptocurrency and forex multilevel-marketing scheme that operated from approximately 2016 through early 2018, selling so-called 'BTC Packages' and promising investors an average daily return of 1% over 140 days. Regulators across the United States, Canada, New Zealand, and Spain issued cease-and-desist or warning orders in 2017–2018; an estimated $150 million in investor funds — predominantly in Bitcoin and Ether — was allegedly misappropriated before the platform went offline overnight. Co-founder and CEO Horst Jicha was indicted in the U.S. Eastern District of New York in August 2023, arrested in December 2023, and became a fugitive in October 2024 after allegedly tampering with his ankle monitor and absconding in violation of pretrial-release conditions.

Vitae was a social-media rewards platform operated by Switzerland-registered Vitae AG, which issued the VITAE token and promised users income from content interactions through a multi-level affiliate structure. Belgian and Swiss authorities, coordinated by Europol, shut down the platform in June 2021, arresting five individuals and seizing over €2.6 million in cash and cryptocurrency across 17 raids, alleging the operation was a Ponzi and pyramid fraud that defrauded approximately 223,000 people in 177 countries. The platform's founder, Michael Weber, operated under the alias 'Michael Bradley' and had prior involvement in the BitConnect Ponzi scheme; he remained at large in the United States as of last known reporting.

WoToken was a Chinese cryptocurrency multi-level marketing Ponzi scheme that operated from July 2018 to October 2019, defrauding approximately 715,249 investors of roughly 7.7 billion yuan (approximately $1.1–$1.15 billion USD) in cryptocurrency. Six defendants were tried in May 2020 and four primary operators received prison sentences of up to 8.5 years following a second-instance ruling by the Intermediate People's Court of Yancheng City, Jiangsu Province in October 2020. At least one operator was reported to have prior involvement in the PlusToken scheme, leading observers to describe WoToken as 'PlusToken 2.0.'

Dual Finance is a Solana-based structured-products protocol offering Dual Investment Pools (DIPs) and Staking Options, products designed to provide yield to token holders and sustainable liquidity incentives to DAOs. Founded in 2022 by named individuals with verifiable TradFi and FAANG backgrounds, the protocol reached a peak TVL of approximately $35 million in 2023 but has since contracted sharply to under $500K as of mid-2025. No exploits, regulatory actions, or fraud allegations have been identified in public records; the primary concerns are low current TVL, limited publicly-verifiable audit documentation, and significant DUAL token price depreciation since its 2023 ATH.

DRiP Haus (drip.haus) is a Solana-based digital collectibles distribution platform that uses compressed NFT technology to enable creators to deliver free or low-cost weekly drops to subscribers. Founded in late 2022 by Vibhu Norby, a named serial entrepreneur with a verifiable track record, the company raised $11.5 million across two funding rounds before being acquired by Jupiter, Solana's leading DeFi aggregator, in an all-cash deal announced April 2, 2025. No regulatory actions, fraud allegations, or significant security incidents have been identified; the primary risk factors are platform-level policy changes that reduced accessibility for collectors and the uncertainties inherent in post-acquisition integration.

Dogwifhat (WIF) is a Solana-based memecoin launched anonymously in November 2023, featuring a Shiba Inu dog wearing a pink knitted hat. It reached a peak market capitalization of approximately $4.8 billion in March 2024 before declining more than 90% from its all-time high by mid-2026. The project carries inherent memecoin risks — no utility, anonymous creators, speculative-only value — alongside a notable failed community fundraiser for a Las Vegas Sphere advertisement that raised nearly $700,000 but never executed, ultimately refunding donors in 2025.

Dialect (dialect.to) is a Solana-focused smart messaging and infrastructure company best known for co-developing the Blinks (Blockchain Links) and Actions standard with the Solana Foundation, launched in June 2024. Founded in 2021 by Chris Osborn, a named founder with a verifiable academic and professional background, the company raised a $4.1M seed round in March 2022 led by Multicoin Capital and Jump Crypto. No regulatory actions, fraud allegations, or confirmed security incidents specific to Dialect have been documented; the principal risk surface is the Blinks protocol itself, which introduces phishing and malicious-endpoint attack vectors that Dialect attempts to mitigate through a public registry of verified actions.

Decaf (decaf.so) is a non-custodial stablecoin wallet and payments platform built on Solana and Stellar, founded in 2022 and headquartered in Miami, FL, targeting emerging-market users who need low-cost cross-border payments and fiat cash-out. The company has raised a seed round from recognizable crypto-native and fintech investors including Visa, and has established formal partnerships with Circle, MoneyGram, and the Stellar Development Foundation. No regulatory actions, hacks, or fraud allegations have been identified as of the investigation date.

Daos.fun is a Solana-based platform that allows vetted creators to launch on-chain investment DAOs (marketed as 'meme hedge funds'), raising SOL from the public and trading it across SPL tokens with full unilateral discretion. Launched in September 2024 by pseudonymous developer Baoskee (identified by Alliance DAO as Bao Mai), the platform gained rapid notoriety through the ai16z / ElizaOS DAO and attracted significant speculative capital. Structural risks include fund-manager custody with no investor veto, extreme market-cap-to-NAV premiums documented at 29x–58x, the absence of a public smart-contract audit, and unresolved securities-law exposure in multiple jurisdictions.

Access Protocol is a Solana-based Web3 content monetization platform operated by Access Labs Inc., founded by Mika Honkasalo in 2022. The protocol enables users to stake its native ACS token into publisher stake pools in lieu of traditional subscriptions, with launch partners including CoinGecko and The Block. While the project raised modest seed funding, listed on Coinbase at launch, and has not been implicated in fraud or regulatory action, significant concerns exist around its highly inflationary tokenomics, sharp price decline of roughly 99% from its all-time high, a small and lightly-documented team, and the absence of publicly disclosed smart contract audit reports.

Adrena Protocol was a decentralized peer-to-pool perpetual futures exchange built on Solana, offering up to 100x leverage trading via a dual-token model (ADX governance token and ALP liquidity pool token). Founded circa 2023 by an anonymous team of self-described Solana-native builders, the protocol achieved approximately $8 billion in cumulative trading volume and $10 million in fee revenue before entering maintenance mode in November 2025 after failing to secure sufficient external funding and struggling with user retention. As of early 2026, the founding team has ceased active development, the protocol remains operational in a caretaker state, and a community relaunch targeting RWA (real-world asset) perpetuals has been announced in partnership with oracle provider Autonom.

Aldrin (formerly Cryptocurrencies.ai) is a Solana-based decentralized exchange and AMM protocol that launched its RIN utility token via IDO in mid-2021, backed by investors including Alameda Research. The project's original DEX product experienced severe activity decline following the FTX/Alameda collapse in November 2022 and the concurrent implosion of the Serum orderbook infrastructure it relied upon. As of 2025–2026, Aldrin Labs has pivoted to multi-chain Telegram trading bots (RINbot) on Sui and Aptos, while the original Solana DEX is effectively inactive with near-zero TVL and the RIN token has lost approximately 99.98% of its all-time-high value.

Anza (Anza Technology, Inc.) is a Delaware-incorporated software development firm founded in January 2024 by approximately 45 former Solana Labs engineers and executives, including Solana co-founder Stephen Akridge. The company serves as the primary maintainer of the Agave validator client — a fork of the original Solana Labs codebase and the majority client on the Solana network — and has proposed Alpenglow, a wholesale redesign of Solana's consensus mechanism approved by governance in September 2025. Anza has no token of its own; risk considerations center on its outsized influence over Solana's core protocol, the regulatory context of its formation, and a personal civil lawsuit involving co-founder Stephen Akridge.

Aurory is a Solana-based free-to-play, play-to-earn role-playing game featuring NFT creatures called Nefties, launched in 2021 by a team with backgrounds at major game studios. The project suffered a significant December 2023 exploit of its SyncSpace marketplace bridge, resulting in approximately $830,000 in stolen AURY tokens. As of mid-2026, the AURY token trades near all-time lows, down over 99% from its 2021 peak, reflecting sustained tokenomics pressure, limited adoption, and investor uncertainty following the security incident.

Backpack is a Solana-ecosystem crypto wallet and centralized exchange (operating as Trek Labs Ltd FZE) founded in 2022 by Armani Ferrante and Tristan Yver, both veterans of the FTX and Alameda Research organizations prior to those firms' 2022 collapse. The exchange holds a VARA VASP license in Dubai and a MiFID II license (via acquisition of FTX EU from CySEC in January 2025), has published daily zero-knowledge proof-of-reserves since August 2025, and raised funding at a reported $1 billion valuation in early 2026. Key risk signals include the founders' FTX-era history, a contested FTX EU acquisition that drew a public rebuke from the FTX bankruptcy estate, a 60-plus percent post-TGE collapse of its native BP token, and ongoing US regulatory limitations.

Believe (believe.app) is a Solana-based token launchpad founded by Australian entrepreneur Ben Pasternak, originally launched in January 2025 as 'Clout' before rebranding. The platform popularized a 'tweet-to-token' model under the 'Internet Capital Markets' narrative, enabling anyone to deploy a Solana token by replying to an X post. The platform and its founder face a federal class action lawsuit alleging coordinated investor fraud across three successive token schemes, Pasternak's arrest on criminal assault and strangulation charges, and widespread accusations of supply dilution, broken buyback promises, and fee extraction totaling an estimated $54 million on roughly $6 billion in trading volume.

BlazeStake is a non-custodial Solana liquid staking protocol operated by SolBlaze, launched in May 2022, that issues bSOL tokens to depositors in exchange for staked SOL distributed across 200+ validators. The protocol uses the official Solana Labs stake-pool smart contract, which has received seven external security audits from five firms; upgrade authority is controlled by an ecosystem multisig overseen by the Solana Foundation. The team operates pseudonymously and the protocol has no disclosed regulatory actions or hacks, though it was involved in a publicized partnership dispute with MarginFi in April 2024.

BonkBot is a Solana-focused Telegram trading bot launched in 2023, affiliated with the BONK memecoin community but operated as a legally separate entity. It has grown to become one of the largest Telegram-based trading bots by volume, reporting over $14 billion in lifetime trades and more than 500,000 total users, with all 1% trading fees directed toward purchasing and burning BONK tokens. The platform operated in a custodial manner for most of its history before announcing a non-custodial key management system upgrade in October 2024; a March 2024 incident in which 302 users lost approximately $523,000 in SOL highlighted custody risks common to this class of product, though BonkBot attributed the losses to a compromise at a rival bot (Solareum) rather than its own infrastructure.

Boop.fun is a Solana-based memecoin launchpad launched in May 2025 that allows users to create community-driven tokens called 'cults,' backed by a native $BOOP token with staking rewards and an influencer-driven airdrop mechanism. The platform reached a $500 million market cap within 90 minutes of launch but declined sharply amid founder credibility disputes — including allegations by former Binance CEO CZ of insider trading and false credential claims — an airdrop mechanism that was terminated early for being 'exploited and manipulated,' and a ~99% collapse in BOOP token price from its all-time high. Founder Dingaling (alleged real name: Dinghua Xiao) stepped down in November 2025, and the platform's ongoing leadership and development trajectory remain uncertain.

Crossmint is a New York-based web3 infrastructure company founded in 2022 by Alfonso Gómez-Jordana Mañas and Rodrigo Fernández Touza. It provides APIs and no-code tools for embedded wallets, NFT minting, stablecoin orchestration, and AI-agent payments, reporting over 40,000 enterprise and developer customers. The company raised $23.6 million in March 2025 led by Ribbit Capital, holds SOC 2 Type II certification, a VASP license, and received MiCA authorization in Spain in December 2025.

Cropper Finance is a permissionless automated market maker (AMM) and yield farming protocol built on the Solana blockchain, launched in mid-2021. The platform raised approximately $1.1–1.5 million across seed and public rounds and underwent security audits by Halborn Security, but operates with a pseudonymous-to-anonymous founding team and has experienced severe TVL and token value decline since its 2021 peak. As of 2025–2026 the protocol shows minimal trading activity, negligible TVL, and near-zero community engagement, raising questions about long-term viability.

Clockwork was a Solana-based smart-contract automation protocol that allowed developers to schedule transactions and build event-driven on-chain programs without relying on centralized cloud infrastructure. Founded in 2021 as Cronos and rebranded in 2022, the project raised $4 million in seed funding from Multicoin Capital, Asymmetric, and Solana Ventures before its founder announced an orderly shutdown effective October 31, 2023, citing limited commercial upside. No fraud, security exploits, or regulatory actions have been identified; the shutdown is assessed as a voluntary wind-down of a legitimate infrastructure project.

Claynosaurz is a Solana-native NFT collection and web3 animation studio launched in November 2022, comprising 10,222 animated 3D dinosaur characters. Founded by Montreal-based animation professionals with verifiable film industry credits, the project has delivered multiple product milestones including physical merchandise, a Solana Phone exclusive NFT drop, cross-chain expansion to Sui, and a forthcoming Gameloft mobile game. No fraud, rug pull, or regulatory actions have been identified; the primary risk factors relate to NFT market depreciation, complex multi-token ecosystem mechanics, and the inherent execution risk of an early-stage gaming and entertainment IP.

Cega (cega.fi) was a decentralized exotic options and structured products protocol that operated from June 2022 through late 2024 on Solana, Ethereum, and Arbitrum. Founded by Arisa Toyosaki, a named former derivatives trader, and backed by Dragonfly Capital, Pantera Capital, and Coinbase Ventures, the protocol processed over $500 million in cumulative transaction volume without a reported user fund loss. In November 2024 Cega was acquired by an undisclosed party and wound down its public-facing product suite, urging remaining depositors to withdraw.

BullX (neo.bullx.io) is a multi-chain DEX trading terminal and Telegram bot launched in mid-2024, primarily targeting Solana memecoin traders. The platform is operated by Future Bridge Inc., incorporated in Panama, with leadership known only by the pseudonym 'Blitz.' BullX accumulated over $12.4 billion in lifetime trading volume and $112 million in fees before suffering a sharp user decline in early 2025 amid allegations of referral commission withholding, CEO inaccessibility, and a two-month social media blackout — though the platform remains operational as of mid-2026.

CryptoZoo was a blockchain-based NFT game co-founded by YouTuber Logan Paul that launched in September 2021 promising players would earn money by breeding virtual animals using the $ZOO token; the game's core gameplay mechanics were never delivered, leading to investor losses, a prominent investigative YouTube series by Coffeezilla, class-action litigation, and an eventual partial refund program. A class-action lawsuit was dismissed with prejudice in October 2025 on the grounds that Paul's promotional statements constituted non-actionable 'puffery', while Paul's own defamation lawsuit against Coffeezilla was proceeding toward a May 2026 jury trial as of the most recent available public records.

Karatbars International GmbH is a Stuttgart-based multi-level marketing company founded in 2011 by Harald Seiz that sold small gold bars through an affiliate network before launching the KaratGold Coin (KBC) in a 2018 ICO that allegedly raised $100 million. Regulatory authorities in Namibia, Germany (BaFin), South Africa, Canada, New Zealand, and the United States (Florida) issued warnings or enforcement actions against the company between 2014 and 2020, with Namibia's central bank formally declaring it a pyramid scheme in May 2019. By late 2020 the company had rebranded as Freebay after the KBC token collapsed; its founder Harald Seiz relocated to Thailand and a German court issued an arrest warrant against him in 2023.

HashOcean (hashocean.com) was a cloud-mining platform that operated from approximately 2014 to 2016, claiming to run data centers in San Francisco, New York, Nuremberg, and Singapore and offering free hashrate to new signups. The site disappeared on or after June 25, 2016, affecting an alleged 700,000 users worldwide. Independent analysis and community assessments characterized it as a Ponzi scheme; no verified law enforcement action or identified operators have been publicly confirmed.

HEX is an ERC-20 token launched in December 2019 by Richard Heart (legal name Richard Schueler), marketed as a blockchain-based certificate of deposit with high staking yields. The U.S. Securities and Exchange Commission filed suit in July 2023 alleging Heart raised over $1 billion through unregistered securities offerings across HEX, PulseChain, and PulseX, and misappropriated at least $12 million for personal luxury purchases; a federal judge dismissed the case in February 2025 on jurisdictional grounds, and the SEC declined to refile. Separate from the U.S. action, Finnish authorities are pursuing Heart on charges of aggravated tax fraud and assault, and Interpol issued a Red Notice for his arrest in December 2024.

GraceToken is an ambiguous name shared by at least two unrelated cryptocurrency projects. The first (ticker: GRCE, Ethereum) was a 2017 charity-fundraising ICO that officially announced its shutdown in January 2018, citing resource exhaustion and inability to gain traction; its team identities were never publicly disclosed. The second (ticker: GRC, BNB Smart Chain) is a separate 2022 community-oriented meme token that reached an all-time high of approximately $0.87 in April 2022 before collapsing to near-zero, with no remaining liquidity or active trading; no Tier 1 or Tier 2 source has confirmed a deliberate rug pull for either project.

Gemcoin was a fraudulent cryptocurrency launched in September 2014 by Steve Chen through his company US Fine Investment Arts (USFIA), operating out of Arcadia, California. The scheme falsely claimed that Gemcoin tokens were backed by billions of dollars in amber and gemstone mine holdings in the Dominican Republic, Argentina, Mexico, and the United States; those mines did not exist. The SEC filed fraud charges and obtained asset freezes in September 2015 when at least $32 million had been raised; a subsequent court-appointed receiver and DOJ criminal prosecution ultimately established total investor losses of approximately $147 million from around 70,000 victims, predominantly Chinese and Chinese-American investors. Steve Chen pleaded guilty in 2020 to conspiracy to commit wire fraud and tax evasion, was sentenced to ten years in federal prison in January 2021, and died in custody on November 19, 2022.

GainBitcoin was an alleged cryptocurrency Ponzi scheme launched in 2015 by Amit Bhardwaj and associates through Singapore-registered Variabletech Pte. Ltd., promising investors 10% monthly returns in Bitcoin over 18 months via purported cloud mining contracts. Indian authorities estimate the scheme defrauded tens of thousands of investors of approximately 80,000 bitcoins valued at roughly Rs 6,600 crore (approximately $790 million), with some estimates placing total losses significantly higher. Bhardwaj was arrested in 2018, died on bail in January 2022, and the Central Bureau of Investigation (CBI) continues to pursue co-accused, securing its first custodial arrest in March 2026.

Forsage (forsage.io) was a smart-contract-based MLM platform launched in January 2020 on Ethereum, Tron, and Binance Smart Chain that operated as a pyramid and Ponzi scheme, raising approximately $300–340 million from retail investors worldwide. The U.S. SEC filed civil charges against eleven individuals in August 2022, and a federal grand jury in Oregon indicted four founders in February 2023 on conspiracy to commit wire fraud; approximately 88% of participating addresses lost money. As of May 2026, one founder has been extradited and pleaded not guilty while three remain at large.

Finiko was a Russia-based cryptocurrency Ponzi scheme that operated from late 2019 until its collapse in July 2021. Founded by Kirill Doronin and several associates in Kazan, Russia, the scheme accepted Bitcoin and Tether from investors while promising monthly returns of up to 30 percent, and issued a proprietary FNK token. According to Chainalysis, Finiko received over $1.5 billion worth of Bitcoin across more than 800,000 deposits during its 19-month operation, netting an estimated $1.1 billion from victims; Russian authorities officially recorded over 7,700 victims and losses exceeding 5 billion rubles. Doronin was arrested in July 2021, several co-founders were subsequently apprehended through Interpol cooperation with the UAE, and the scheme was identified by U.S. Treasury's FinCEN as one of the top counterparties of sanctioned exchange Bitzlato.

Save the Kids ($KIDS) was a BEP-20 token launched on June 5, 2021, on Binance Smart Chain and traded on PancakeSwap, marketed as a charity token that would donate 1% of transaction fees to children's causes. The token collapsed approximately 70% within hours of launch following coordinated selling by pre-sale insiders, including FaZe Clan members who had promoted it to their predominantly teenage audiences. YouTuber-investigator Stephen 'Coffeezilla' Findeisen subsequently established through on-chain analysis and Discord evidence that the token's anti-whale protection had been secretly modified before launch to enable rapid insider dumps, and that FaZe Clan member Frazier 'Kay' Khattri and YouTube personality Sam Pepper were among the primary architects of the scheme.

FCoin was a cryptocurrency exchange launched in May 2018 by Zhang Jian, former CTO of Huobi, which pioneered the controversial 'trans-fee mining' model that briefly propelled it to claim the highest trading volume of any exchange globally. In February 2020, Zhang Jian publicly admitted the exchange was insolvent, citing an undetected system error that had over-issued mining rewards since mid-2018, leaving a shortfall estimated at 7,000–13,000 BTC (approximately $125–130 million). No credible compensation has materialized as of available records, and on-chain analysis firms raised allegations of a deliberate exit, though no definitive legal finding has been made.

DeFi100 (ticker: D100) was a synthetic index fund and elastic-supply rebase token launched on Binance Smart Chain in February 2021 by an anonymous developer group operating under the name Wrapp3d. On May 22, 2021, the project's website displayed a profane message claiming to have scammed investors, which the team attributed to a website hack rather than an intentional exit; the widely cited $32 million loss figure originated from an unverified Twitter claim and is contradicted by the project's own market-cap data, which placed its peak capitalization below $2 million. The project is effectively abandoned, and its token has lost more than 99% of its all-time-high value.

DavorCoin (DAV) was a cryptocurrency lending platform launched in late 2017 that operated a structure regulators characterized as a Ponzi scheme, promising investors returns of up to 48% per month through a lending program. On February 2, 2018, the Texas State Securities Board issued an Emergency Cease and Desist Order against DavorCoin for selling unregistered securities and making materially misleading statements. The platform shut down its lending program on approximately February 8, 2018, repaying investors in near-worthless DAV tokens rather than the Bitcoin they deposited.

Centra Tech was a Miami-based cryptocurrency startup that conducted a fraudulent initial coin offering (ICO) in mid-2017, raising over $32 million from thousands of investors through an extensive web of fabricated executives, fake partnerships with Visa and Mastercard, and undisclosed celebrity endorsements from Floyd Mayweather Jr. and DJ Khaled. All three co-founders — Sohrab Sharma, Robert Farkas, and Raymond Trapani — pleaded guilty to federal securities fraud, wire fraud, and mail fraud charges; Sharma was sentenced to eight years in federal prison. The case remains one of the most significant ICO enforcement actions in U.S. history.

Bitfinex is a cryptocurrency exchange and Tether (USDT) is the world's largest stablecoin by market capitalization, both operated under the parent company iFinex Inc., incorporated in the British Virgin Islands. The two entities have faced multiple significant regulatory actions, including an $18.5 million settlement with the New York Attorney General over alleged concealment of an $850 million loss, a $42.5 million CFTC fine for misrepresenting USDT reserve backing, and an ongoing DOJ bank-fraud investigation. Tether's USDT reached approximately $188 billion in circulation as of May 2026, and the company engaged KPMG for its first full reserve audit in March 2026.

BitClave PTE Ltd. was a Singapore-incorporated, San Jose-based blockchain startup that raised approximately $25.5 million in 32 seconds through the sale of Consumer Activity Tokens (CAT) during its November 2017 ICO. In May 2020, the U.S. Securities and Exchange Commission charged BitClave with conducting an unregistered securities offering, resulting in a settlement requiring disgorgement of $25.5 million, prejudgment interest of $3.44 million, and a $400,000 civil penalty. The promised BitClave Active Search Ecosystem platform was never delivered, the company ceased operations, and as of 2026 only a fraction of the settlement obligation had been distributed to investors through a SEC-administered Fair Fund.

BitClub Network was a fraudulent cryptocurrency mining investment scheme that operated from April 2014 through December 2019, raising at least $722 million from investors worldwide by falsely promising returns from shared bitcoin mining pools. Five individuals were indicted by a US federal grand jury in December 2019; multiple co-defendants have pleaded guilty while principal operator Matthew Brent Goettsche rejected a plea deal and awaits trial as of mid-2026.

Bidao (BID) is a DeFi project that conducted a year-long ICO from September 2019 to September 2020, raising an alleged ~$18 million to build a collateral-backed stablecoin (BAI) and governance token (BID) on Binance Chain. Despite a hard cap of approximately $19.5 million and the 2020 token listing, the promised stablecoin infrastructure was never delivered; the BID token subsequently lost over 99% of its all-time-high value. The project's operator, Bastian Aigner, later pivoted to launch a separate ERC-20 token called Bidao Smart Chain (BISC) in March 2023, while the original BID token and its obligations to investors remained unfulfilled, prompting multiple community petitions alleging fraud and misuse of ICO funds.

Bernard L. Madoff (1938–2021) was an American financier and former NASDAQ chairman who operated the largest Ponzi scheme in recorded history through his firm Bernard L. Madoff Investment Securities LLC (BLMIS), defrauding approximately 4,800 client accounts of an estimated $64.8 billion over several decades before his arrest in December 2008. Madoff pleaded guilty to 11 federal felonies in 2009 and died in federal prison in 2021 while serving a 150-year sentence. His name is widely invoked in the cryptocurrency industry as the archetypal benchmark for large-scale Ponzi fraud, with figures including Sam Bankman-Fried, Do Kwon, and Ruja Ignatova frequently compared to Madoff by regulators, prosecutors, and commentators.

Baller Ape Club was a Solana-based NFT project that launched on October 1, 2021, and immediately executed a rug pull, stealing approximately $2.6 million from investors. The project's operator, Le Anh Tuan, a 26-year-old Vietnamese national, was charged by the U.S. Department of Justice on June 30, 2022, with conspiracy to commit wire fraud and conspiracy to commit international money laundering — representing the largest NFT fraud case charged by federal prosecutors at the time.

In December 2021, BadgerDAO suffered one of the largest DeFi exploits of that year when an attacker used a compromised Cloudflare API key to inject malicious scripts into the protocol's front-end, tricking users into granting unlimited ERC-20 token approvals. Approximately $120–130 million in Bitcoin-pegged and other tokens were drained from roughly 500 user wallets, with Celsius Network reportedly the single largest victim at approximately $50–55 million. BadgerDAO subsequently engaged Mandiant and Chainalysis for forensic investigation, coordinated with U.S. and Canadian law enforcement, and initiated a multi-tranche governance-driven restitution plan that remained ongoing as of 2025.

Pond0x is a decentralized exchange and token ecosystem launched in July 2023 by Jeremy Cahen, known online as Pauly0x. The project's initial token launch (PNDX) resulted in more than $2.2 million in investor losses due to a smart contract vulnerability that allowed any user to transfer tokens from another wallet without authorization; critics alleged this was intentional. The founder has an extensive record of legal and regulatory entanglements including a $9 million trademark judgment from Yuga Labs (later vacated on appeal and settled), court-documented allegations of evading asset seizure, and a February 2025 listing on San Juan, Puerto Rico's Top 10 Most Wanted list for alleged aggravated assault.

The SpaceX brand has been systematically exploited by unaffiliated third-party scammers to promote fraudulent cryptocurrency schemes since at least 2020. SpaceX (the aerospace company founded by Elon Musk) has no official cryptocurrency, token, or digital asset. Documented fraud typologies include fake token presales with rug pulls on Uniswap, fake crypto giveaway and doubling scams, AI deepfake livestreams on YouTube and social media, and wallet-draining airdrop phishing sites — collectively responsible for tens of millions of dollars in documented victim losses.

The Solana address FQ1tyso61AH1tzodyJfSwmzsD3GToybbRNoZxUBz21p8 is the token mint for Dasha (ticker: VVAIFU), the native token of vvaifu.fun — a no-code AI agent launchpad on Solana launched via Pump.fun on October 19, 2024. The token reached an all-time high of approximately $0.21 in November 2024, driven by speculative hype around the AI agent narrative, but has since collapsed approximately 99.9% to under $0.0003 as of mid-2026. The team behind vvaifu.fun operates pseudonymously, no formal audits have been disclosed, and CoinMarketCap lists a CertiK security score of 3.5 out of 10.

In June 2023, Atomic Wallet — an Estonian non-custodial cryptocurrency wallet with approximately five million users — suffered a major security breach in which attackers drained funds from an estimated 5,500 user wallets. Blockchain analytics firms Elliptic and on-chain investigators attributed the attack to North Korea's Lazarus Group with high confidence, and the FBI later confirmed this attribution. The total loss figure is disputed, with Elliptic placing it above $100 million and independent researcher Taylor Monahan estimating a minimum of $115 million; the underlying attack vector was never publicly confirmed by Atomic Wallet.

"Africoin" is a name that has been used by at least five unrelated cryptocurrency projects and schemes operating across Africa since approximately 2013. The most widely documented uses involve a Nigeria/Ghana-based pseudo-cryptocurrency launched around 2016–2017, alleged to be a Ponzi scheme with anonymous or pseudonymous operators, and a separate South African entity sometimes confused with it called Africrypt (unrelated). A more recent entity also named Africoin — a Rwanda-headquartered real-world asset tokenization platform led by Vinod Khatumal — was admitted to Ghana's SEC regulatory sandbox in 2026 and represents a distinct, separately regulated operation. Because multiple operators have shared the same name, investigators must clearly disambiguate which entity is under review.

zkSync Era is an EVM-compatible ZK rollup Layer 2 network on Ethereum, developed by Matter Labs and governed through the ZK Nation framework. The network launched its ZK token in June 2024 to significant community controversy over airdrop eligibility and alleged Sybil-farming failures. In April 2025, an admin private-key compromise allowed an attacker to mint 111 million unclaimed ZK tokens worth approximately $5 million from airdrop contracts, though 90% of funds were later recovered via a bounty agreement.

XRP is a cryptocurrency native to the XRP Ledger (XRPL), a public blockchain co-designed in 2011–2012 by Jed McCaleb, David Schwartz, and Arthur Britto. Ripple Labs, Inc. is the San Francisco-based company that co-developed the ledger and has historically used XRP sales to finance operations, accumulating approximately 80 billion of the fixed 100 billion token supply at launch. A landmark U.S. Securities and Exchange Commission lawsuit filed in December 2020 — alleging over $1.3 billion in unregistered securities offerings — concluded in August 2025 when both parties dropped their appeals, cementing a $125 million civil penalty and a permanent injunction against further unregistered institutional XRP sales in the U.S.

USD Coin (USDC) is a fiat-backed stablecoin issued by Circle Internet Group, pegged 1:1 to the US dollar and backed by cash and short-dated US Treasury instruments held in a regulated money market fund. First launched in September 2018 via the Centre Consortium (a joint venture with Coinbase), USDC is among the largest and most regulated stablecoins globally, with approximately $75.8 billion in circulation as of May 2026. The stablecoin has maintained a generally stable peg but experienced a significant temporary depeg to $0.87 in March 2023 following Circle's disclosure of $3.3 billion in deposits held at the failed Silicon Valley Bank.

Synthetix is an Ethereum-based decentralized derivatives liquidity protocol originally launched in 2017 as Havven by Australian entrepreneur Kain Warwick, rebranding in 2018 to enable the creation of synthetic assets tracking real-world prices. The protocol reached a peak total value locked during the 2021 DeFi bull market and has been a pioneer in on-chain derivatives, but has faced recurring issues including a critical oracle exploit in 2019, persistent front-running vulnerabilities, a contentious DWF Labs market-maker arrangement, and a prolonged sUSD stablecoin depeg crisis beginning in 2025 triggered by the SIP-420 protocol overhaul.

MYX Finance is a Singapore-based decentralized perpetual futures exchange founded in 2023 by Mark Zhang (Yihao Zhang), a former Huobi futures executive. The protocol raised $10 million across two funding rounds and launched its MYX token via airdrop in May 2025. Following a 1,400% token price surge in September 2025, on-chain analytics firm Bubblemaps alleged the largest Sybil airdrop attack in crypto history — tracing approximately $170 million in token claims across ~100 coordinated wallets back to a wallet linked to the project's creator — and on-chain investigator ZachXBT subsequently identified MYX among a cluster of tokens exhibiting a common supply-control manipulation pattern attributed to an unknown market maker operating through Asian centralized exchanges.

Starknet is a permissionless ZK-rollup Layer 2 network on Ethereum, developed by Israeli cryptography firm StarkWare Industries. It uses STARK-based validity proofs and the Cairo programming language to scale Ethereum throughput. The project launched its STRK token in February 2024 and reached L2Beat Stage 1 decentralization in May 2025, but has faced significant community criticism over its airdrop eligibility criteria and an early, aggressive token unlock schedule for investors and early contributors.

Spark Protocol is a decentralized lending and capital allocation platform incubated within the MakerDAO (now Sky) ecosystem, built by the core contributor team Phoenix Labs. Launched on Ethereum in May 2023, it operates SparkLend (a money market), Spark Savings (sUSDS yield vault), and a cross-chain Spark Liquidity Layer, reaching over $8 billion in combined TVL by mid-2025. The protocol issued its SPK governance token via airdrop in June 2025 and has faced community criticism over geographic access restrictions, VPN blocking, centralization concerns inherited from Sky's governance structure, and post-airdrop token price volatility.

Scroll is an Ethereum Layer 2 ZK rollup that launched its mainnet in October 2023, offering bytecode-level EVM compatibility via zero-knowledge proofs. The project raised $83 million in venture funding and launched its SCR governance token in October 2024, but faced significant community backlash over airdrop distribution mechanics, concentrated whale allocations, and a 32% same-day price decline. By early 2026, Scroll's TVL had collapsed approximately 96% from its peak and the project triggered further controversy by proposing to dissolve its Security Council and reduce DAO contributor roles.

Rocket Pool is a decentralized, non-custodial Ethereum liquid staking protocol founded in 2016 by David Rugendyke and launched on mainnet in November 2021. It issues two tokens: rETH (a liquid staking derivative) and RPL (a governance and collateral token). As of mid-2026, the protocol holds approximately $924 million in total value locked, making it the second-largest decentralized Ethereum staking provider by TVL, behind Lido Finance.

Robinhood Crypto, LLC is the cryptocurrency trading subsidiary of publicly-traded Robinhood Markets, Inc. (NASDAQ: HOOD), offering retail crypto trading in the United States and Europe. The entity has accumulated over $170 million in regulatory fines and settlements across multiple U.S. jurisdictions since 2020 related to AML deficiencies, misleading disclosures, customer asset restrictions, and cybersecurity failures, though it remains a licensed and operational platform with growing global ambitions including the $200 million acquisition of Bitstamp completed in June 2025.

Optimism is an Ethereum Layer 2 optimistic rollup network operated by OP Labs PBC, with ecosystem governance stewarded by the Optimism Foundation. Launched on mainnet in January 2021, it issues the OP governance token and anchors the Superchain — a shared framework that powers Base, Zora, Mode, and more than two dozen other OP Stack-based chains. The network has a credible technical pedigree and documented decentralization progress, but retains meaningful centralization in its sequencer and upgrade-key infrastructure, and has experienced several notable security incidents.

NEAR Protocol is a layer-1 proof-of-stake blockchain founded in 2017 by Illia Polosukhin and Alexander Skidanov, featuring a sharded architecture (Nightshade) and human-readable account names, with mainnet launching in April 2020. The project has raised over $540 million from notable investors including Andreessen Horowitz and Tiger Global, and has maintained an active development roadmap pivoting toward AI agent infrastructure. No direct fraud or regulatory enforcement actions have been identified against the protocol itself, though ecosystem-level exploits, centralization concerns, and investor overlap with collapsed entities such as FTX Ventures and Three Arrows Capital have been noted.

Linea is a zkEVM Layer 2 rollup built by Consensys that launched on Ethereum mainnet in July–August 2023 and uses a proprietary zk-SNARK proving library called gnark. The network is classified as Stage 0 by L2BEAT, operates a single centralized sequencer with no permissionless fallback, and demonstrated this centralization risk in June 2024 when it unilaterally halted block production during the Velocore DEX hack. The LINEA token launched in September 2025 and suffered a 93% price collapse within hours amid a delayed community airdrop contract, sequencer outage, and allegations of treasury wallet selling pressure.

Gemini is a New York-based cryptocurrency exchange and custodian bank founded in 2015 by Cameron and Tyler Winklevoss, regulated under a NYDFS Limited Purpose Trust Charter. The exchange gained significant notoriety following the collapse of its Gemini Earn lending program in late 2022, which left approximately 340,000 users with roughly $900 million in frozen assets; subsequent SEC and NYDFS enforcement actions were resolved by early 2024 and 2026 respectively with full customer restitution. Gemini went public on the Nasdaq in September 2025 under the ticker GEMI, but its stock has since declined more than 80% amid deepening losses, executive departures, mass layoffs, and a contested post-IPO strategic pivot to prediction markets.

SKYAI is a BNB Smart Chain BEP-20 token marketed as an AI data infrastructure protocol using the Model Context Protocol (MCP). The token experienced a roughly 4,100% price surge from late April through early May 2026, driven in part by a Bitget exchange listing, before collapsing approximately 79% from its all-time high of ~$0.85. On-chain investigators ZachXBT and SpecterAnalyst have alleged SKYAI belongs to a recurring supply-control manipulation playbook — attributed to an unknown market maker operating through Chinese exchanges — that has also been observed in RIVER, RAVE, SIREN, MYX, and LAB tokens, with HSBG (Heisenberg Guru) separately identified as a Hong Kong entity potentially connected to this broader network. The project team has not made its identity public.

Gate.io (rebranded to Gate.com in May 2025) is a major global cryptocurrency exchange founded in 2013 as Bter.com by Lin Han, currently incorporated in the Cayman Islands and serving over 52 million users across more than 4,600 assets. The exchange has faced significant scrutiny including an alleged undisclosed $230 million hack in 2018 attributed to North Korean state actors, a 2025 public notice from the Cayman Islands Monetary Authority (CIMA) confirming it has never been licensed in its ostensible home jurisdiction, and a pattern of user complaints regarding account freezes, withdrawal blocks, and a disputed $LA futures incident in 2025. The exchange publishes monthly proof-of-reserves reports audited by Hacken and holds licenses in several jurisdictions including Malta (MiCA), Dubai (VARA), Cyprus (CySEC), and Australia (AUSTRAC).

Frax Finance is a decentralized stablecoin protocol launched in December 2020, originally pioneering a fractional-algorithmic design for its FRAX stablecoin. Following the collapse of algorithmic stablecoins in 2022, the protocol voted in 2023 to move to full collateralization, and has since expanded into a broader DeFi ecosystem including liquid staking (frxETH), a lending market (Fraxlend), a Layer 2 blockchain (Fraxtal), and a fully-backed institutional stablecoin (frxUSD) collateralized by BlackRock's BUIDL fund. The protocol faces documented concerns about historical centralization via a core-team-controlled multisig, an unresolved bug bounty attribution dispute, and prior security incidents including a DNS domain hijacking and an X account compromise.

Ethena is a synthetic-dollar protocol launched on Ethereum in 2023, issuing USDe — a delta-neutral synthetic dollar backed by crypto spot collateral and offsetting short perpetual futures positions rather than fiat bank deposits. The protocol also issues a governance token (ENA) and a yield-bearing staked variant (sUSDe) marketed as an 'Internet Bond.' While it achieved a peak supply exceeding $14 billion in 2025, it has faced regulatory enforcement in Germany under MiCAR, a localized depeg event on Binance in October 2025, ongoing counterparty and negative-funding-rate risk critiques, and comparisons — contested by the founding team — to the failed Terra/UST model.

Álvaro Romillo Castillo, a Spanish cryptocurrency influencer operating publicly as 'CryptoSpain,' was arrested on November 6, 2025, by Spain's Civil Guard under Operation PONEI on charges of large-scale fraud, money laundering, and criminal organization in connection with the Madeira Invest Club (MIC), an alleged Ponzi scheme that authorities say defrauded over 3,000 investors of approximately €260 million (roughly $300 million USD) between early 2023 and September 2024. A Spanish National Court judge ordered Romillo held without bail citing flight risk, and the case has acquired a political dimension following revelations of an alleged undisclosed €100,000 cash transfer from Romillo to far-right MEP Luis 'Alvise' Pérez Fernández days before the June 2024 European elections. Romillo faces up to 18 years in prison if charges are classified as mass offenses.

Forsage was a smart-contract-based pyramid and Ponzi scheme launched in January 2020 that raised approximately $340 million from investors worldwide across the Ethereum, Tron, and Binance Smart Chain networks. Four founders — including Ukrainian national Olena Oblamska (known online as 'Lola Ferrari') and Russian national Vladimir Okhotnikov (known as 'Lado') — were indicted by the U.S. DOJ in February 2023 on conspiracy to commit wire fraud charges. As of May 2026, Oblamska has been extradited from Thailand and has pleaded not guilty, with a jury trial scheduled for July 14, 2026; the remaining three co-founders are believed to be at large.

SIGMA is a multi-chain Telegram trading bot operating at sigma.win that supports Ethereum, BSC, Base, Solana, Avalanche, and other networks. On May 11, 2026, a crypto trader known as Unihax0r suffered a private key compromise draining over $200,000 across Ethereum, Base, and BSC, with both affected wallets traceable exclusively to SIGMA's wallet generation infrastructure. SIGMA has published no post-mortem, security advisory, or public statement in response to the incident as of late May 2026.

Convex Finance is a decentralized finance yield-optimization protocol launched in May 2021 on Ethereum, designed to boost rewards for Curve Finance liquidity providers and CRV stakers by aggregating veCRV voting power. The protocol rapidly became one of the largest DeFi platforms by total value locked, peaking near $21 billion in January 2022, and accumulated controlling influence over Curve governance by holding approximately 47–50% of all veCRV supply at peak. The team has remained anonymous since launch, and the protocol experienced a critical multi-signature vulnerability in December 2021 — discovered and disclosed by OpenZeppelin — which was patched without any loss of user funds.

Celestia is a modular blockchain network that provides a dedicated data availability (DA) and consensus layer for rollups and application-specific chains, using data availability sampling to allow light nodes to verify block data without downloading full blocks. Developed by Celestia Labs and launched on mainnet on October 31, 2023, the project raised $155 million from prominent venture capital firms including Bain Capital Crypto and Polychain Capital. The project has faced significant controversy over its tokenomics, alleged insider token selling, and a 95%+ decline in the TIA token from its June 2024 all-time high of approximately $20.91.

Blast is an Ethereum Layer 2 optimistic rollup that launched in November 2023, distinguished by its 'native yield' mechanism routing bridged ETH and stablecoins through Lido and MakerDAO respectively. Founded by Tieshun Roquerre ('Pacman'), the creator of the Blur NFT marketplace, Blast raised $20 million from Paradigm and others, attracted over $2 billion in TVL before its February 2024 mainnet launch, and airdropped the BLAST token in June 2024. The network has since experienced a dramatic decline, losing approximately 97% of its peak TVL and facing persistent criticism over centralization, lack of fraud proofs, a controversial airdrop distribution, and multiple high-profile exploits on ecosystem applications.

Bitstamp is a Luxembourg-headquartered cryptocurrency exchange founded in 2011 by Nejc Kodric and Damijan Merlak, widely regarded as the world's longest-running active crypto exchange. It was acquired by Robinhood Markets for approximately $200 million in June 2025 and holds over 50 active licenses and registrations globally, including an EU MiCA CASP license and a MiFID MTF license. The exchange has maintained a strong regulatory compliance posture for most of its history, though it suffered a significant $5.3 million hack in 2015 and a 2025 French court found it civilly liable for a period of unregistered operation in France.

Berachain is an EVM-identical Layer 1 blockchain launched on February 6, 2025, built around a novel 'Proof of Liquidity' (PoL) consensus mechanism designed to align validators, applications, and users around on-chain economic activity. The project raised $142 million across two funding rounds, achieved a peak TVL of over $3.3 billion at mainnet launch, and distributed approximately 79 million BERA tokens via airdrop. Since launch, the project has faced significant controversies including alleged insider token selling by a co-founder, a preferential refund arrangement for institutional investor Brevan Howard, a $12.8 million BEX exploit requiring an emergency hard fork in November 2025, and a prolonged token price decline of over 97% from its all-time high.

Aerodrome Finance is a decentralized exchange (DEX) and automated market maker (AMM) launched on August 28, 2023 on Coinbase's Base Layer-2 network. It operates a ve(3,3) tokenomics model inherited from Velodrome Finance and has grown to become the dominant DEX on Base by total value locked and trading volume. The protocol has no history of smart contract exploits but suffered a significant DNS hijacking attack in November 2025 that resulted in approximately $700,000 to $1 million in user losses.

CoW Protocol (trading interface: CoW Swap) is a decentralized exchange aggregator and MEV-protection protocol spun out of GnosisDAO in 2022. On April 14, 2026, the protocol's cow.fi domain was hijacked via a social engineering attack that exploited registrar Gandi SAS and the Finnish .fi registry authority Traficom using forged identity documents, redirecting users to a phishing interface for approximately 90 minutes and causing confirmed losses of approximately $1.2 million. The protocol's smart contracts were not compromised; CoW DAO subsequently passed CIP-86 in May 2026 to offer discretionary grants reimbursing verified victims up to 100% of their losses.

StablR is a Malta-based, MiCA-regulated stablecoin issuer holding an Electronic Money Institution license from the Malta Financial Services Authority (MFSA), backed by strategic investors including Tether and Kraken. On May 24, 2026, an attacker compromised a single private key on the issuer's 1-of-3 minting multisig, gaining full administrative control and minting approximately 8.35 million USDR and 4.5 million EURR (~$13.5 million face value in unbacked tokens). The attacker extracted an estimated $2.8 million net profit after selling into thin DEX liquidity, causing both stablecoins to depeg by more than 20%; StablR subsequently froze minting and redemption, acknowledged the breach caused a MiCA-mandated 1:1 reserve shortfall, and engaged law enforcement and external cybersecurity firms.

Álvaro Romillo Castillo, a Spanish crypto influencer operating under the alias 'CryptoSpain,' was arrested on November 6, 2025, and detained without bail by Spain's National Court on charges of fraud, money laundering, and participation in a criminal organization. Romillo is alleged to have operated Madeira Invest Club (MIC), a Ponzi scheme that Spanish authorities say defrauded over 3,000 investors of approximately €260 million (roughly $300 million) between early 2023 and September 2024 by falsely promising annual returns of up to 53% through purported investments in luxury assets and cryptocurrencies. The case, conducted under Operation PONEI with support from Europol and law enforcement agencies in the US, Singapore, Malaysia, and Thailand, is considered Spain's largest crypto influencer fraud.

Goliath Ventures (formerly Gen-Z Venture Firm) was an Orlando, Florida-based cryptocurrency investment company whose CEO, Christopher Alexander Delgado, was arrested on February 24, 2026 on federal wire fraud and money laundering charges. Federal prosecutors allege the firm operated as a Ponzi scheme from January 2023 through January 2026, raising at least $328 million from approximately 1,500 to 2,000 investors under false promises of 3–8% monthly returns from cryptocurrency liquidity pools, while actually placing only approximately $1.5 million into any crypto platform. The company filed for Chapter 11 bankruptcy on March 16, 2026, and subsequent civil litigation has named JPMorgan Chase, Bank of America, Coinbase, and the law firm Alston & Bird as alleged enablers.

Heisenberg Guru (HSBG) is a Hong Kong-based cryptocurrency market maker alleged by on-chain investigator ZachXBT to have orchestrated coordinated supply-control manipulation schemes across at least six tokens — RIVER, RAVE, SIREN, MYX, SKYAI, and LAB — primarily through Bitget, with Binance and Gate.io as secondary venues. On May 19, 2026, ZachXBT posted a $10,000 personal bounty for insider evidence identifying the firm's operators, naming 'Sion' and 'Chao' as core team members. As of May 31, 2026, HSBG has not publicly responded to the allegations, no regulatory action has been confirmed, and the bounty remains open.

Nathan Fuller, a resident of Cypress, Texas, operated Privvy Investments LLC and affiliated entity Gateway Digital Investments to raise approximately $12.3 million from roughly 150 investors between October 2022 and mid-2024. The U.S. Securities and Exchange Commission filed a federal complaint on May 28, 2026 alleging Fuller ran a Ponzi scheme predicated on fabricated AI trading bots, false regulatory claims, and forged documentation, diverting over $11.7 million to personal use and recycled investor payments while deploying less than 3% of raised funds to any actual trading activity. Fuller has already been denied a bankruptcy discharge by a Texas bankruptcy court after admitting in those proceedings that he operated Privvy as a Ponzi scheme.

[MERGED] Consolidated into the canonical 'drift' investigation on 2026-05-30. This page's richer content was ported to /drift; full pre-merge content preserved in investigation_logs.

On February 4, 2021, an attacker exploited Yearn Finance's v1 yDAI vault using a multi-protocol flash loan to manipulate exchange rates in Curve Finance's 3pool, causing approximately $11 million in vault losses while the attacker personally profited roughly $2.8 million. Yearn Finance's security team contained the exploit within eleven minutes, preserving $24 million of the vault's $35 million under management. Yearn subsequently reimbursed affected depositors by minting 9.7 million DAI against YFI collateral in a MakerDAO vault, with the intent to repay the debt from ongoing protocol revenue.

Velocore was a ve(3,3) decentralized exchange deployed on zkSync Era and Linea that suffered a critical smart contract exploit on June 2, 2024, resulting in the theft of approximately $6.8 million in ETH. A vulnerability in the protocol's Balancer-style CPMM pool fee calculation logic allowed an attacker to manipulate the feeMultiplier parameter beyond 100%, enabling draining of all volatile liquidity pools. Stolen funds were laundered through Tornado Cash with no recovery, and the hack triggered a controversial unilateral block production halt by Linea's sequencer operator Consensys.

Value DeFi Protocol is a yield aggregation and automated market-making platform that operated on Ethereum and Binance Smart Chain, offering products including vSafe vaults, vSwap, and governance staking. The protocol suffered at least three major security exploits between November 2020 and May 2021, resulting in a combined estimated loss of approximately $23 million across multiple incidents. The protocol is notably remembered for having publicly claimed flash loan attack prevention the day before its first and most publicized exploit.

Stars Arena was an Avalanche-based SocialFi protocol launched on September 27, 2023, modeled closely on Friend.tech, allowing users to trade tokenized access to creators. Within ten days of launch the platform suffered two sequential smart contract exploits, with the second on October 7, 2023 draining approximately $2.9 million in AVAX through a reentrancy vulnerability — the entirety of its TVL. Following a partial fund recovery via bounty negotiation and a security audit, the platform was acquired by a new team in November 2023, rebranded as The Arena, and relaunched with a rebuilt contract.

Squid Game Token (SQUID) was a fraudulent Binance Smart Chain token launched in late October 2021 that exploited the global popularity of Netflix's Squid Game series. The anonymous developers embedded a smart contract mechanism preventing any investor from selling their tokens while reserving that ability exclusively for themselves. On November 1, 2021, they drained approximately $3.38 million in liquidity within minutes, crashing the price from a peak of $2,861 to nearly zero, then deleted all project communications and disappeared.

Spartan Protocol is a BSC-based decentralized liquidity protocol offering token swapping and synthetic asset generation via a liquidity-sensitive AMM. On May 2, 2021, a flash loan exploit targeting a flaw in the protocol's liquidity share calculation resulted in the loss of approximately $30 million in user funds, none of which were verifiably recovered. The protocol relaunched as V2 in October 2021 but has seen drastically reduced activity and a near-total collapse in token value.

Socket Protocol (also marketed as Bungee Exchange) is a cross-chain interoperability and liquidity-routing protocol founded in 2021 by Vaibhav Chellani and Rishabh Khurana. On January 16, 2024, a newly deployed route module containing an unvalidated calldata vulnerability was exploited, draining approximately $3.3 million from approximately 230 wallets that had granted infinite token approvals to the SocketGateway contract. In an unusual outcome for a DeFi exploit, Socket negotiated the return of 1,032 ETH (~$2.3 million) from the attacker and covered the remaining ~$1.1 million shortfall itself, making all affected users whole.

Samourai Wallet was a privacy-focused, non-custodial Bitcoin wallet developed since 2015 that offered CoinJoin mixing (Whirlpool), transaction obfuscation (Ricochet), and self-hosted node support (Dojo). In April 2024, co-founders Keonne Rodriguez and William Lonergan Hill were arrested by the U.S. Department of Justice on charges of conspiracy to operate an unlicensed money transmitting business and conspiracy to commit money laundering; both pleaded guilty in July 2025 and were sentenced to five and four years in federal prison respectively in November 2025. The case generated significant legal controversy, including a Brady disclosure revealing that FinCEN had told prosecutors before the indictment that Samourai did not qualify as a money transmitter, and a subsequent DOJ policy memo directing prosecutors to stop targeting non-custodial wallet developers.

Nirvana Finance was a Solana-based algorithmic DeFi protocol issuing the ANA metastable token and the NIRV stablecoin. On July 28, 2022, the protocol was exploited via a flash loan attack orchestrated by security engineer Shakeeb Ahmed, who drained approximately $3.5 million — effectively the entirety of the treasury — causing ANA to collapse ~85% and NIRV to permanently lose its dollar peg. Ahmed was later convicted in the first-ever U.S. criminal prosecution for hacking a DeFi smart contract and was sentenced to three years in prison in April 2024; the protocol attempted a partial relaunch as Nirvana V2 in December 2024.

Meter Passport is the cross-chain bridge product of Meter Protocol, a layer-1 blockchain infrastructure project. On February 5, 2022, the bridge was exploited for approximately $4.4 million due to a flawed trust assumption in the ERC20 handler contract's treatment of wrapped native tokens (WETH and BNB). Cascading effects from the exploit caused an additional ~$2.1 million in losses to the Hundred Finance protocol on Moonriver, bringing total ecosystem damage to roughly $6.5 million.

On September 25, 2020, the KuCoin cryptocurrency exchange suffered a major security breach in which hackers obtained the private keys to the exchange's hot wallets and stole approximately $281 million in Bitcoin, Ethereum, ERC-20 tokens, and other assets — the largest exchange hack of 2020. KuCoin subsequently recovered approximately 84% of stolen funds through on-chain tracking, project-team token swaps, and law enforcement cooperation, with the remaining 16% covered by the exchange's insurance fund. The hack was attributed to North Korea's Lazarus Group by blockchain analytics firm Chainalysis; separately, in March 2024 the U.S. Department of Justice criminally charged KuCoin and two of its founders for operating an unlicensed money transmitting business and Bank Secrecy Act violations, resulting in a $297.4 million guilty plea settlement in January 2025.

Hedgey Finance is a token vesting and claims infrastructure protocol founded in 2021 and used by over 100 blockchain projects including Arbitrum DAO and ENS DAO. On April 19, 2024, the protocol suffered a critical smart contract exploit that drained approximately $44.7 million across Ethereum mainnet and Arbitrum through a flash loan attack exploiting insufficient input validation in the ClaimCampaigns contract. In December 2025, Hedgey was acquired by Anchorage Digital, the first federally chartered crypto bank in the United States.

Fortress Protocol was a BSC-based lending and borrowing protocol operated as the lending arm of JetFuel Finance. On May 9, 2022, an attacker exploited simultaneous vulnerabilities in the protocol's governance system and Umbrella Network price oracle, draining approximately $2.98 million in user funds. Stolen assets were laundered through Tornado Cash and were never recovered; the protocol subsequently removed on-chain governance and has remained largely inactive.

Exactly Protocol is a decentralized, non-custodial fixed and variable interest rate lending protocol deployed on the Optimism Layer 2 network. On August 18, 2023, the protocol suffered a critical exploit in its DebtManager periphery contract that drained approximately $7.3 million from 117 user accounts through an access control bypass and reentrancy attack. Despite multiple prior audits of its core contracts, the vulnerable periphery contract was outside the audit scope at the time of the attack; the stolen funds were bridged to Ethereum and have not been publicly confirmed as recovered.

Evolved Apes was a collection of 10,000 Ethereum-based NFTs launched on September 24, 2021, that promised holders access to an unreleased blockchain fighting game. Approximately one week after the mint sold out, the anonymous developer known only as 'Evil Ape' disappeared with approximately 798 ETH (roughly $2.7 million at the time), taking down the project's website and Twitter account in what became one of the most prominent early NFT rug pulls. In June 2024, the U.S. Attorney's Office for the Southern District of New York charged three UK nationals — Mohamed-Amin Atcha, Mohamed Rilaz Waleedh, and Daood Hassan — with conspiracy to commit wire fraud and conspiracy to commit money laundering in connection with the scheme.

EasyFi Network was a Polygon-based DeFi lending protocol that suffered one of the largest private-key compromise incidents in early DeFi history. On April 19, 2021, an attacker remotely compromised founder Ankitt Gaur's machine and extracted MetaMask admin keys, stealing approximately $6 million in stablecoins and 2.98 million EASY tokens (face value ~$75–80 million, liquid value ~$6 million). Following a hard fork to a new EZ token and a partial compensation plan, the protocol never recovered meaningful adoption; the EZ token as of 2025 trades at near-zero value.

dForce Network is a China-founded DeFi protocol suite offering lending, stablecoin, and trading products, founded in late 2018 by Mindao Yang and Xin Xu. The protocol suffered two significant security incidents: a $25 million ERC-777 reentrancy exploit in April 2020 and a $3.65 million read-only reentrancy attack in February 2023, with funds returned in both cases. Despite recovering from both exploits and continuing to operate across multiple chains, the protocol's pattern of deploying code without fully auditing all integrated components remains a documented risk factor.

DEUS DAO (also known as DEUS Finance) is a Fantom-based decentralized derivatives and lending protocol that suffered three major security exploits between March 2022 and May 2023, resulting in cumulative losses of approximately $22–23 million. The protocol's algorithmic stablecoin DEI permanently lost its dollar peg in 2022 and was never restored to stability. No regulatory or law enforcement actions against the protocol have been publicly identified.

DAO Maker is a crypto fundraising and launchpad platform founded in 2018 by Christoph Zaknun and Giorgio Marciano, known for its Strong Holder Offering (SHO) and Dynamic Coin Offering (DYCO) mechanisms. The platform suffered two confirmed exploits in August and September 2021 totaling approximately $11 million in losses, affecting over 5,200 users. A promised multi-phase compensation plan was subsequently undermined by an alleged governance vote manipulation, leaving a significant portion of hack victims unreimbursed as of 2024.

C.R.E.A.M. Finance is a decentralized lending protocol that launched on Ethereum in August 2020, originally forked from Compound Finance. The protocol suffered three major exploits across 2021, losing approximately $186 million in total user funds, and has been effectively dormant since early 2022 with minimal development activity and a TVL that collapsed from over $2 billion to under $3 million.

BitMEX (Bitcoin Mercantile Exchange) is a cryptocurrency derivatives exchange founded in 2014 by Arthur Hayes, Ben Delo, and Samuel Reed that pioneered the perpetual swap contract and at its peak was one of the largest crypto derivatives platforms in the world. In October 2020, the CFTC and DOJ charged the exchange and its co-founders with operating an unregistered trading platform and willfully failing to implement anti-money laundering and know-your-customer programs in violation of the Bank Secrecy Act. All three co-founders subsequently pleaded guilty, the exchange paid a $100 million civil settlement, and in March 2025 the founders and the corporate entity received presidential pardons from Donald Trump.

On December 1–2, 2022, a former Ankr employee carried out a supply chain attack that compromised the protocol's deployer private key, enabling the minting of trillions of aBNBc tokens and the draining of approximately $5 million in liquidity. Hours later, a separate attacker exploited Helio Protocol's slow price oracle to borrow $16.4 million in HAY stablecoin against nearly worthless aBNBc collateral, ultimately netting around $15.5 million. Combined losses exceeded $20 million, making it one of the most significant DeFi insider-threat incidents of 2022.

Alpha Finance Lab, now rebranded as Alpha Venture DAO, is a DeFi protocol suite founded in 2020 and best known for Alpha Homora, a leveraged yield farming platform. On February 13, 2021, Alpha Homora V2 suffered one of the most technically complex exploits in DeFi history, losing approximately $37.5 million through a multi-step flash loan attack that exploited a rounding error and an undisclosed sUSD pool. The exploit triggered a prolonged inter-protocol dispute with Iron Bank (Cream Finance) over $32.4 million in bad debt that remained only partially resolved as of 2023.

Alchemix Finance is an Ethereum-based DeFi protocol that offers self-repaying loans, allowing users to deposit yield-bearing collateral and borrow synthetic assets whose debt is automatically paid down by the underlying yield. The protocol has experienced several notable security incidents since its February 2021 launch, including a June 2021 alETH transmuter bug (~2,700 ETH overclaimed), and a July 2023 Curve pool exploit (~$20M stolen and subsequently fully returned). Alchemix has maintained operational continuity through each incident and continues to develop a V3 upgrade with an active Immunefi bug bounty program.

LAB is the native token of an AI-powered multi-chain trading terminal that launched via a Binance Wallet exclusive Token Generation Event in October 2025. In May 2026, on-chain investigator ZachXBT published two investigations alleging that insiders controlled more than 95% of the token supply, coordinated a pump to a $6 billion fully diluted valuation, and withdrew approximately 100 million LAB tokens worth $480 million through 10 freshly created wallets before the price crashed more than 65%. The alleged scheme involved a BVI-registered shell company, predatory OTC loan agreements, unilateral vesting changes, and on-chain links to a broader pattern of exchange-facilitated supply-control manipulation attributed to an unknown market maker operating primarily through Bitget.

TAC Protocol is an EVM-compatible Layer-1 blockchain built on Cosmos SDK that bridges Ethereum DeFi applications to the TON blockchain and Telegram ecosystem. On May 12, 2026, its cross-chain bridge was exploited for approximately $2.86 million — the protocol's entire TVL at the time — due to missing validation in sequencer software that allowed attackers to forge Jetton wallets. The attacker subsequently accepted a 10% white-hat bounty, returning roughly 90% of stolen funds to TAC's multisig; the bridge remains paused pending an independent security audit as of late May 2026.

Nishad Singh is a former software engineer who served as Director of Engineering at FTX, the cryptocurrency exchange that collapsed in November 2022 following the misappropriation of more than $8 billion in customer funds. Singh pleaded guilty in February 2023 to six criminal charges including wire fraud, commodities fraud, securities fraud, money laundering conspiracy, and campaign finance violations, and was sentenced in October 2024 to time served with no prison after providing extensive cooperation against FTX founder Sam Bankman-Fried. A supplemental CFTC civil settlement was reached in April 2026, requiring Singh to disgorge $3.7 million and subjecting him to a five-year trading ban.

Caroline Ellison is the former co-CEO and sole CEO of Alameda Research, the cryptocurrency trading firm affiliated with FTX, who pleaded guilty in December 2022 to seven federal counts of fraud and conspiracy related to the misappropriation of billions of dollars in FTX customer funds. She served as the prosecution's star witness in the trial of FTX founder Sam Bankman-Fried, whose conviction in November 2023 and subsequent 25-year sentence were substantially aided by her testimony. Ellison was sentenced to two years in federal prison in September 2024, ordered to forfeit $11 billion, and was released in January 2026 after serving approximately 14 months.

Zixiao 'Gary' Wang is the co-founder and former Chief Technology Officer of FTX, the cryptocurrency exchange that collapsed in November 2022 following the discovery of an $8 billion shortfall caused by the misappropriation of customer funds to affiliated hedge fund Alameda Research. Wang pleaded guilty in December 2022 to four counts of wire fraud and conspiracy, served as a principal cooperating witness against former CEO Sam Bankman-Fried, and was sentenced in November 2024 to time served with three years of supervised release and $11 billion in forfeiture obligations.

Radiant Capital is a decentralized cross-chain lending protocol built on LayerZero that launched in July 2022 on Arbitrum. In 2024 it suffered two separate security incidents totaling approximately $54.5 million in losses: a $4.5 million flash loan exploit in January 2024 and a $50 million multisig compromise in October 2024 attributed by Mandiant to North Korean state-sponsored hackers (UNC4736/Citrine Sleet). The October 2024 hack reduced TVL by roughly 98%, led to major exchange delistings, and stolen funds were subsequently laundered through Tornado Cash.

Balancer is a decentralized automated market maker (AMM) protocol on Ethereum, founded in 2018 by Fernando Martinelli and Mike McDonald, that allows multi-token liquidity pools with customizable weighting. The protocol has suffered six documented security incidents between 2020 and 2025, resulting in cumulative losses exceeding $140 million, including a catastrophic $128 million exploit in November 2025 caused by an arithmetic precision flaw in Composable Stable Pool contracts. Despite multiple audits by major firms including Trail of Bits, OpenZeppelin, and Certora, systemic smart contract vulnerabilities and a highly complex protocol architecture have repeatedly exposed user funds to loss.

Abracadabra Money is a multi-chain DeFi lending protocol founded in 2021 that allows users to mint Magic Internet Money (MIM), a USD-pegged stablecoin, using interest-bearing tokens as collateral. The protocol has suffered four significant security incidents between 2022 and 2025, losing over $21 million in aggregate, and its MIM stablecoin has lost its dollar peg on multiple occasions. The protocol is also linked to the Wonderland/Sifu scandal of early 2022, which caused severe reputational and financial contagion across its interconnected 'Frog Nation' ecosystem.

UwU Lend is an Ethereum-based DeFi lending protocol forked from Aave, founded in September 2022 by Michael Patryn (pseudonym 0xSifu), co-founder of the collapsed Canadian crypto exchange QuadrigaCX. In June 2024, the protocol suffered two successive exploits totaling approximately $23 million — a $19.3 million oracle manipulation attack on June 10 followed by a $3.7 million secondary drain on June 13 by the same attacker — rendering it one of the largest DeFi hacks of 2024. The protocol's association with a founder carrying prior criminal convictions and a history of involvement in failed or scandal-ridden crypto ventures constitutes a persistent and material reputational and risk concern.

Alpha Homora is a leveraged yield farming protocol developed by Alpha Finance Lab (later rebranded to Alpha Venture DAO, then Stella) that allows users to take on leveraged positions in liquidity pools. On February 13, 2021, the protocol suffered a critical exploit in which an attacker drained approximately $37.5 million from Iron Bank (C.R.E.A.M. Finance) by exploiting multiple smart contract vulnerabilities in Alpha Homora V2, including a hidden undisclosed sUSD lending pool, a rounding miscalculation in the borrow function, and an unrestricted reserve function callable by anyone. The resulting bad debt between the two protocols remained largely unresolved for years, culminating in a public dispute in 2023 in which Iron Bank froze Alpha Homora user accounts, and Alpha Homora proposed surrendering approximately $32 million in user funds to satisfy the outstanding obligation.

Stake.com is the world's largest crypto gambling platform by revenue, founded in 2017 by Australian entrepreneurs Ed Craven and Bijan Tehrani and operating under a Curacao gaming license. In September 2023, the platform suffered a $41 million hot wallet breach that the FBI formally attributed to North Korea's Lazarus Group (APT38). The platform faces mounting legal and regulatory pressure across multiple jurisdictions, including a landmark California civil suit filed by the Los Angeles City Attorney in 2025, multiple class action lawsuits, and a UK exit following a Gambling Commission investigation.

Kyle Davies is the co-founder of Three Arrows Capital (3AC), a Singapore-based cryptocurrency hedge fund that collapsed in June 2022 with approximately $3.5 billion in liabilities owed to 27 creditors. Following the collapse, Davies evaded liquidators, was sentenced in absentia to four months imprisonment in Singapore for failing to cooperate with court-ordered investigations, and received a nine-year ban from Singapore's Monetary Authority of Singapore (MAS) for regulatory violations including providing false information to regulators. He subsequently co-founded OPNX, a crypto bankruptcy claims exchange that also failed and shut down in early 2024.

Roman Storm is a Russian-born, naturalized U.S. citizen and co-founder of Tornado Cash, an Ethereum-based cryptocurrency mixing protocol sanctioned by OFAC in August 2022. He was arrested in August 2023 and indicted in the Southern District of New York on three counts: conspiracy to commit money laundering, conspiracy to operate an unlicensed money transmitting business, and conspiracy to violate U.S. sanctions (IEEPA). A jury convicted him in August 2025 on the unlicensed money transmitting count while deadlocking on the two more serious charges, and prosecutors have filed to retry him on the deadlocked counts in October 2026.

Pickle Finance was a DeFi yield aggregator launched in September 2020 that allowed users to auto-compound returns via tokenized strategy vaults called 'Jars.' On November 21, 2020, an attacker exploited a combination of smart contract vulnerabilities in the unaudited ControllerV4 contract to drain 19,759,355 DAI (~$19.7 million) from the pDAI Jar in what analysts described as one of the most technically complex DeFi exploits of its era. The protocol subsequently partnered with Yearn Finance, issued a CORNICHON compensation token to victims, and continued operating until it announced a full shutdown effective October 1, 2025.

Infini is a Hong Kong-based stablecoin neobank offering yield, payments, and enterprise treasury tools built on DeFi infrastructure. In February 2025, the platform suffered a $49.5 million exploit when a former contract developer who had secretly retained administrative privileges drained the Morpho MEVCapital USDC Vault across two transactions. Founder Christian Li pledged personal coverage of losses and offered a 20% bounty to the attacker; as of mid-2026 the stolen funds have not been recovered, with the exploiter laundering proceeds through Tornado Cash.

LI.FI (formerly Li.Finance) is a cross-chain liquidity aggregation protocol founded in 2021 that routes swaps across bridges and DEXs via a unified API, SDK, and widget. The protocol has suffered two distinct smart contract exploits — a $600,000 approval drain in March 2022 and an approximately $11.6 million drain in July 2024 — with security firm PeckShield noting the root causes were 'basically the same.' Both incidents involved arbitrary-call vulnerabilities that allowed attackers to abuse users' infinite token approvals, raising concerns about repeated security failures despite prior disclosure.

NovaTech Ltd. (also marketed as NovaTechFX) was a multi-level marketing crypto and foreign exchange investment platform that operated from 2019 to May 2023. Co-founders Cynthia and Eddy Petion are alleged by the SEC and the New York Attorney General to have raised more than $650 million — and by some accounts over $1 billion — from more than 200,000 investors worldwide via a Ponzi and pyramid scheme. The SEC filed a complaint in August 2024; Canadian regulators have already issued a $2.5 million sanction, and a $2.3 billion RICO class-action lawsuit is pending in federal court.

Transit Finance (also known as Transit Swap) is a cross-chain DEX aggregator supporting over 122 decentralized exchanges across Ethereum, BNB Chain, TRON, Solana, Polygon, and other networks. The protocol has suffered two confirmed security exploits: a $28.9 million hack in October 2022 due to an arbitrary external call vulnerability in its routing contract, with approximately $18.9 million recovered; and a second $1.88 million exploit in May 2026 via a deprecated TRON smart contract that remained on-chain and exploitable years after official deprecation. ZachXBT flagged the protocol amid broader DeFi monitoring, and the 2022 attacker routed funds through OFAC-sanctioned Tornado Cash.

AnubisDAO was a dog-themed DeFi project that launched a 24-hour token sale on October 28, 2021, raising approximately 13,597 ETH (~$60 million) through the sale of its native ANKH token on the Copper liquidity bootstrapping platform. Twenty hours into the fundraise, all pooled funds were drained to an external wallet by the address that had created and controlled the liquidity pool, leaving investors holding worthless ANKH tokens with no liquid market. No funds have been recovered; the project had no website, whitepaper, or publicly identified team at launch.

Atomic Wallet is a non-custodial, multi-currency cryptocurrency wallet founded in 2017 and headquartered in Tallinn, Estonia. In June 2023, attackers attributed to North Korea's Lazarus Group (TraderTraitor) stole approximately $100 million in cryptocurrency from an estimated 5,500 user wallets in one of the largest crypto theft events of that year. Prior to the hack, an independent security firm had publicly disclosed unresolved critical vulnerabilities in the wallet's cryptography implementation as early as February 2022, and Atomic Wallet did not adequately address those findings before the breach occurred.

An active phishing campaign exploiting Google Search sponsored advertisements to impersonate the Uniswap decentralized exchange was publicly exposed on May 25, 2026, by on-chain analyst b_block_oficial. Attackers operating two identified Ethereum wallets have allegedly stolen over $400,000 from multiple victims by deploying wallet-drainer malware services (Inferno Drainer and Vanilla Drainer), which siphon assets after victims approve malicious smart contracts on cloned Uniswap interfaces. The Security Alliance (SEAL) has confirmed blocking 356+ related fraudulent advertisement URLs and describes the broader Google Ads phishing trend as active and ongoing for more than a year.

WooFi (WOOFi Swap) is the decentralized exchange component of WOO Network, a crypto liquidity ecosystem incubated by Kronos Research and launched in 2019. On March 5, 2024, WooFi's synthetic proactive market making (sPMM) algorithm on Arbitrum was exploited via flash loan oracle manipulation, resulting in approximately $8.75 million in losses — one of the largest DeFi exploits of early 2024. The team responded by pausing contracts within 13 minutes, commissioning post-exploit audits by Sherlock and Zellic, and pledging to redeploy after fixes; funds were never recovered.

Su Zhu is the co-founder and former CEO of Three Arrows Capital (3AC), a Singapore-based cryptocurrency hedge fund that collapsed in June 2022 with approximately $3.5 billion owed to 27 creditors, triggering cascading bankruptcies at Voyager Digital, Celsius Network, and Genesis Global Trading. Zhu was convicted of contempt of court for failing to cooperate with liquidators, arrested at Singapore's Changi Airport in September 2023 while allegedly attempting to flee, and sentenced to four months in prison. Following his release he became involved in additional ventures including OPNX, a bankruptcy-claims trading exchange that was fined $2.7 million by Dubai's Virtual Assets Regulatory Authority and subsequently shut down in February 2024.

Satish Kumbhani is the founder of BitConnect, a cryptocurrency platform that the U.S. Department of Justice, SEC, and multiple state regulators have determined operated as a global Ponzi scheme defrauding investors of approximately $2.4 billion between 2016 and 2018. Kumbhani was indicted by a federal grand jury in San Diego on February 25, 2022, on charges carrying a maximum penalty of 70 years in prison, and has remained a fugitive from justice since disappearing from India following his U.S. indictment.

Qubit Finance was a BSC-based DeFi lending and borrowing protocol developed by South Korean firm Mound Inc., the same team behind PancakeBunny. On January 27, 2022, an attacker exploited a logical flaw in the protocol's Ethereum-BSC cross-chain bridge (QBridge), minting 77,162 qXETH without depositing any real ETH on Ethereum, ultimately draining approximately $80 million in user funds. No funds were recovered, the attacker's identity was never established, and the compensation plan announced by the team was never verifiably fulfilled.

Prisma Finance was an Ethereum-based collateralized debt position (CDP) protocol that issued stablecoins (mkUSD and ULTRA) backed by liquid staking and restaking tokens (LRTs/LSTs). On March 28, 2024, a critical input validation flaw in the MigrateTroveZap contract was exploited via flash loan, resulting in the theft of approximately 3,479 ETH (~$12 million) from user vaults. Following the exploit, the core team effectively abandoned the protocol, which was subsequently shut down via DAO governance (PIP-46) and succeeded by Resupply Finance.

Orbit Bridge is the cross-chain bridging protocol of Orbit Chain, developed by South Korean blockchain company Ozys. On December 31, 2023, attackers compromised seven of ten multisig private keys and drained approximately $81.5 million in ETH, WBTC, USDT, USDC, and DAI from the Ethereum vault in the largest crypto hack of New Year's Eve 2023. The attack has been attributed with medium-to-high confidence to North Korea's Lazarus Group, with an additional alleged insider-threat dimension involving Ozys' former chief information security officer, who allegedly sabotaged the company firewall weeks before the exploit.

LIBRA ($LIBRA) is a Solana-based memecoin launched on February 14, 2025 by Kelsier Ventures as part of the 'Viva La Libertad' project, and publicly endorsed by Argentine President Javier Milei minutes after its creation. Within roughly one hour, the token's market cap peaked near $4.6 billion before crashing approximately 89% as insider wallets linked to the founding team extracted an estimated $87–107 million in liquidity, leaving an estimated 44,000–114,000 retail investors with severe losses. The incident triggered over 112 criminal complaints in Argentina, a federal fraud investigation, congressional proceedings, international asset freezes, and an Interpol Red Notice request against key operator Hayden Davis.

Justin Sun is the founder of the TRON blockchain and TRX token, and the controlling figure behind HTX (formerly Huobi) and Poloniex exchanges. In March 2023, the U.S. Securities and Exchange Commission charged Sun and three of his companies with fraud, market manipulation through wash trading, unregistered securities offerings, and orchestrating an undisclosed celebrity promotion scheme; the case partially settled in March 2026 with Rainberry Inc. paying a $10 million penalty while claims against Sun personally were dismissed. Sun has faced additional scrutiny including a reported FBI/DOJ criminal investigation, UK sanctions against an HTX entity over alleged Russia-linked transactions, a $114 million hot-wallet hack at Poloniex in November 2023, and disputed claims of diplomatic immunity through a Grenada WTO ambassadorship he held until mid-2022.

Inverse Finance is an Ethereum-based DeFi protocol known for its DOLA stablecoin and FiRM fixed-rate lending market, founded in late 2020 by Nour Haridy. The protocol suffered two oracle price manipulation exploits within two months in 2022 — the first in April for approximately $15.6 million and the second in June for a protocol loss of approximately $5.8 million — collectively representing one of the most significant serial oracle attack sequences in DeFi history. The protocol has since deprecated the vulnerable Anchor and Frontier lending markets, rebuilt on FiRM with Chainlink oracles, and undertaken a multi-year bad-debt repayment program.

Huione Group is a Cambodia-based conglomerate accused of operating the largest illicit online marketplace in history and serving as a primary node for laundering proceeds from pig-butchering crypto scams, North Korean state-sponsored heists, and other cybercrimes. The U.S. Treasury's FinCEN designated Huione Group a foreign financial institution of primary money laundering concern under Section 311 of the USA PATRIOT Act in May 2025 and issued a final rule severing it from the U.S. financial system in October 2025. Key subsidiaries include Huione Pay PLC, Huione Crypto, and the Telegram-based marketplace Haowang Guarantee (formerly Huione Guarantee), which processed an estimated $24–27 billion in illicit transactions.

Hayden Mark Davis (born November 27, 1996) is an American cryptocurrency marketer and CEO of Kelsier Ventures who orchestrated the launch of the $LIBRA token on February 14, 2025 — a memecoin promoted by Argentine President Javier Milei that collapsed 85–95% within hours, causing an estimated $251 million in losses across approximately 44,000 to 74,000 investors. On-chain analytics by Bubblemaps and Nansen identified insider wallets tied to Davis and associates extracting between $87 million and $107 million in liquidity during the price peak. Davis is subject to an Interpol Red Notice sought by Argentine prosecutors, a U.S. federal class action (Hurlock v. Kelsier, S.D.N.Y.), and parallel Argentine criminal proceedings; he denies fraud allegations, characterizing the collapse as 'a plan gone miserably wrong.'

Gala Games is a blockchain gaming platform founded in 2019 by Eric Schiermeyer (co-founder of Zynga) and Wright Thurston, issuing the GALA utility and governance token. The company has been beset by a high-profile inter-founder legal dispute alleging $130 million in token theft, a May 2024 smart contract exploit in which 5 billion GALA tokens worth approximately $200–240 million were minted by a compromised admin wallet, and co-founder Wright Thurston's prior SEC lawsuit over an unrelated $18 million unregistered securities offering. These compounding governance failures, security incidents, and legal controversies place the platform among the more heavily scrutinized projects in the blockchain gaming sector.

Curve Finance is a major decentralized exchange (DEX) on Ethereum optimized for stablecoin and pegged-asset trading, operating since January 2020. On July 30, 2023, a latent vulnerability in the Vyper smart-contract compiler (versions 0.2.15, 0.2.16, and 0.3.0) was exploited across multiple Curve liquidity pools, draining approximately $70 million and triggering a near-systemic crisis when the resulting CRV price drop threatened to cascade-liquidate founder Michael Egorov's heavily collateralized on-chain loans. Roughly 73% of stolen funds were ultimately recovered or returned, and in December 2023 the Curve DAO voted to disburse approximately $49 million in compensation to affected liquidity providers.

Changpeng Zhao (CZ), born February 10, 1977, is the founder and former CEO of Binance, the world's largest cryptocurrency exchange by trading volume. On November 21, 2023, Zhao pleaded guilty to a federal charge of failing to implement an effective anti-money laundering (AML) program under the Bank Secrecy Act, as part of a landmark $4.3 billion resolution between Binance and U.S. federal regulators. He was sentenced to four months in federal prison in April 2024, served that term, and was subsequently pardoned by President Donald Trump in October 2025.

Sinbad.io was a Bitcoin mixing service that operated from October 2022 until its seizure by U.S., Dutch, and Finnish law enforcement in November 2023. OFAC designated it a key money-laundering tool of North Korea's Lazarus Group, which used it to launder proceeds from multiple major crypto hacks including Axie Infinity's Ronin Bridge and Atomic Wallet. On-chain analytics firms assessed it to be highly likely a rebranding of Blender.io, the first crypto mixer ever sanctioned by OFAC.

Fei Protocol and Rari Capital merged in December 2021 under Tribe DAO to form a combined DeFi liquidity and lending platform. On April 30, 2022, a reentrancy attack targeting a known flaw in the Compound Finance codebase drained approximately $80 million from seven Rari Fuse lending pools. Tribe DAO ultimately wound down in late 2022 following contentious governance disputes over victim compensation, and Rari Capital's co-founders faced SEC enforcement action in 2024.

Avraham Eisenberg, also known as 'Avi Eisenberg,' is a crypto trader who in October 2022 executed an oracle manipulation attack against Mango Markets, a Solana-based DeFi protocol, extracting approximately $110–117 million in digital assets. He publicly claimed the scheme was a 'highly profitable trading strategy' and a legal use of the protocol, returned approximately $67 million after a DAO-mediated settlement, and was subsequently charged by the DOJ, SEC, and CFTC. A federal jury convicted him in April 2024, but a federal judge vacated all criminal convictions in May 2025 on grounds of improper venue and insufficient evidence of material misrepresentation; prosecutors have appealed. Eisenberg is currently serving a separate 52-month federal prison sentence for possession of child sexual abuse material.

ZKasino was a Web3 gambling platform that raised approximately $33 million from over 10,000 investors through a 'Bridge-to-Earn' campaign in early 2024, promising depositors their ETH would be returnable within 30 days. Instead, the platform converted depositor ETH into its native ZKAS tokens and staked the funds on Lido without user consent, prompting Dutch authorities (FIOD) to arrest founder Elham Nourzai in April 2024 and seize over EUR 11 million in assets. A second suspect linked to the WhiteRock token project was arrested in the UAE in July 2025 and faces extradition to the Netherlands, while partial refunds to affected depositors remained incomplete as of late 2025.

Wormhole Bridge is a cross-chain messaging and token bridge protocol originally developed by Certus One, later owned by Jump Crypto, enabling asset transfers between Solana, Ethereum, and other blockchains. On February 2, 2022, an attacker exploited a signature verification flaw in the Solana-side smart contract to fraudulently mint 120,000 wrapped ETH (wETH) worth approximately $320–326 million without posting collateral, making it the second-largest DeFi exploit in history at the time. Jump Crypto replenished the stolen ETH within 24 hours to prevent ecosystem collapse, and a court-authorized counter-exploit in February 2023 recovered approximately $140 million of the remaining stolen funds.

Ruja Ignatova, known as the 'Cryptoqueen,' is the Bulgaria-born German co-founder of OneCoin, a fraudulent pyramid scheme that defrauded approximately 3.5 million victims of more than $4 billion between 2014 and 2019. Indicted in 2017 by a U.S. grand jury on charges of wire fraud, money laundering, and securities fraud, she fled law enforcement in October 2017 and remains a fugitive. She is currently an FBI Ten Most Wanted Fugitive with a $5 million reward for information leading to her arrest.

Ronin Network is an Ethereum sidechain developed by Sky Mavis to support the Axie Infinity play-to-earn game. In March 2022, it suffered the largest cryptocurrency hack in history when attackers — subsequently attributed by the FBI and U.S. Treasury to North Korea's Lazarus Group — exploited compromised validator private keys to drain approximately $625 million in ETH and USDC. A second, smaller exploit occurred in August 2024, though those funds were returned by a white-hat MEV bot operator.

PancakeBunny was a Binance Smart Chain yield aggregator and optimizer built by a team known as Mound, launched in December 2020. The protocol suffered two major flash loan exploits in 2021: a May 20, 2021 attack that caused the BUNNY token to crash over 95% and wiped out approximately $200 million in market capitalization, and a July 16, 2021 attack on its Polygon fork PolyBunny that resulted in $2.4 million in losses. Both exploits stemmed from oracle price manipulation vulnerabilities in the minting reward logic, and the protocol has never recovered to its pre-exploit state.

Nomad Bridge, operated by Illusory Systems Inc., was a cross-chain asset bridge that suffered a catastrophic $190 million exploit on August 1, 2022, when a routine smart contract upgrade inadvertently initialized trusted Merkle roots to a zero value, rendering all message proofs automatically valid. The vulnerability enabled a widely replicated 'crowd-sourced' draining event involving approximately 300 addresses over roughly 150 minutes — widely regarded as the first 'permissionless' mass-exploitation event in DeFi history. Subsequent actions include a class-action lawsuit, a December 2025 FTC settlement requiring repayment of approximately $37.5 million to affected users, and the 2025 arrest and extradition of a key suspect, Russian-Israeli national Alexander Gurevich.

Mango Markets was a Solana-based decentralized trading platform offering spot trading, perpetual futures, and lending with cross-margining. In October 2022, trader Avraham Eisenberg executed an oracle manipulation attack, draining approximately $116–117 million from the protocol through artificially inflated MNGO collateral. The protocol subsequently faced enforcement actions from the DOJ, SEC, and CFTC, settled with regulators in 2024, and formally shut down in January 2025.

KyberSwap is a multi-chain decentralized exchange aggregator and concentrated liquidity protocol operated by Kyber Network. On November 22, 2023, its Elastic liquidity pool contracts were exploited via a sophisticated tick-manipulation and liquidity double-counting attack, resulting in approximately $48.8 million in losses across 13 chains. The alleged attacker, Canadian national Andean Medjedovic, subsequently attempted to extort full corporate and governance control of Kyber Network in exchange for returning 50% of stolen funds; he was indicted by the U.S. Department of Justice in February 2025 and remains a fugitive.

The Harmony Horizon Bridge was a cross-chain bridge enabling asset transfers between Harmony, Ethereum, and Binance Smart Chain. On June 23–24, 2022, attackers exploited a critically under-configured 2-of-5 multisignature scheme to steal approximately $99.7 million across 14 asset types. The FBI formally attributed the attack to the North Korean state-linked Lazarus Group (APT38) in January 2023.

Genesis Global Capital, LLC was the institutional crypto lending subsidiary of Digital Currency Group (DCG), founded in 2018 as an extension of Genesis Global Trading. Following cascading losses from Three Arrows Capital's June 2022 default and FTX's November 2022 collapse, Genesis halted customer withdrawals on November 16, 2022 and filed for Chapter 11 bankruptcy on January 19, 2023, with liabilities estimated between $1 billion and $10 billion owed to over 100,000 creditors. The entity faced multiple regulatory actions including SEC charges for unregistered securities offerings, a New York Attorney General fraud lawsuit naming DCG CEO Barry Silbert by name, and a separate 2025 SEC settlement against DCG and former Genesis CEO Soichiro Moro for misleading investors about Genesis's financial condition.

Faruk Fatih Ozer is the Turkish founder and CEO of Thodex, a cryptocurrency exchange that collapsed in April 2021 after he fled to Albania, leaving approximately 391,000 users unable to access an estimated $2 billion in funds. He was arrested in Albania in August 2022, extradited to Turkey in April 2023, and sentenced on September 7, 2023 to 11,196 years, 10 months, and 15 days in prison on charges of aggravated fraud, founding a criminal organization, and money laundering. He was found dead in Tekirdag F-Type High Security Prison on November 1, 2025, with Turkish authorities indicating initial findings pointed to suicide.

Euler Finance is an Ethereum-based non-custodial lending protocol founded in 2020 by Michael Bentley (PhD, Oxford) that pioneered permissionless lending for long-tail ERC-20 assets. On March 13, 2023, the protocol suffered a ~$197 million flash loan exploit — the largest DeFi hack of 2023 — caused by a missing health check in the donateToReserves() function. In an unusual outcome, the attacker, who communicated under the alias 'Jacob,' returned approximately $240 million in assets (including ETH price appreciation) over three weeks following on-chain negotiations, enabling full user restitution. The protocol relaunched as Euler V2 in September 2024 with a modular architecture, 45+ security audits, and subsequently grew TVL to over $1.5 billion by early 2025.

ChipMixer was a darknet Bitcoin mixing service that operated from August 2017 to March 2023, processing over $3 billion in illicit cryptocurrency on behalf of ransomware groups, North Korean state hackers, Russian military intelligence, and darknet drug markets. On March 15, 2023, U.S. and German authorities seized its infrastructure, domains, and approximately $46 million in cryptocurrency in a coordinated international takedown. Minh Quoc Nguyen, 49, a Vietnamese national residing in Hanoi, was charged in the Eastern District of Pennsylvania with money laundering, operating an unlicensed money transmitting business, and identity theft; he remains a fugitive.

Cetus Protocol is a concentrated liquidity market maker (CLMM) decentralized exchange deployed on the Sui and Aptos blockchains. On May 22, 2025, the protocol suffered one of the largest DeFi exploits in history when an attacker exploited an integer overflow vulnerability in its smart contract math library to drain approximately $223 million from liquidity pools. Roughly $162 million was frozen on-chain through emergency validator action by the Sui network, and following a governance vote the protocol relaunched in June 2025 with partial user compensation.

The BSC Token Hub, BNB Chain's cross-chain bridge connecting BNB Beacon Chain and BNB Smart Chain, was exploited on October 6, 2022 via a forged IAVL Merkle proof that allowed an attacker to mint approximately 2 million BNB valued at roughly $566–570 million. Rapid validator coordination halted the chain and froze most funds on BSC, limiting the attacker's realized gain to an estimated $137 million, though the incident exposed deep structural centralization concerns about BNB Smart Chain's 21-validator Proof of Staked Authority model.

Blender.io was a Bitcoin mixing service that operated from approximately 2018 to 2022, processing over $500 million in Bitcoin before being shut down. On May 6, 2022, the U.S. Treasury's Office of Foreign Assets Control (OFAC) designated it as a Specially Designated National, marking the first time a virtual currency mixer had ever been sanctioned by the United States government. The service was designated for its role in laundering over $20.5 million in proceeds from North Korea's Lazarus Group following the $620 million Ronin Network hack, as well as for processing funds tied to Russian ransomware groups and the Hydra darknet market.

Beanstalk Farms is an Ethereum-based algorithmic stablecoin protocol that issues the BEAN token using a credit-based, uncollateralized peg mechanism. On April 17, 2022, the protocol suffered one of the largest governance exploits in DeFi history when an attacker used a flash loan to seize supermajority voting power and drain approximately $182 million from the protocol's liquidity pools. The protocol relaunched in August 2022 following a community fundraise, subsequent security audits, and governance restructuring, and later migrated to Arbitrum via BIP-50.

A coordinated international law enforcement operation announced on April 29, 2026, dismantled at least nine cryptocurrency investment fraud compounds operating across Southeast Asia and Dubai, resulting in 276 arrests and the restraint of over $701 million in cryptocurrency. The operation was led by Dubai Police in cooperation with the FBI, China's Ministry of Public Security, and Royal Thai Police, targeting 'pig-butchering' romance fraud schemes operated by three alleged criminal organizations—Ko Thet Company, Sanduo Group, and Giant Company—whose compounds employed trafficked workers held under coercive conditions. The U.S. Department of Justice charged six defendants in the Southern District of California, and separately charged two Chinese nationals for managing the Shunda compound in Myanmar; related OFAC sanctions targeted a Cambodian senator and 28 associates for protecting scam compound networks.

Syndicate Labs was an a16z-backed Ethereum rollup infrastructure company founded in 2021 by Will Papper and Ian Lee, raising over $28 million to build programmable smart sequencers and the Commons Chain L3. On April 29, 2026, its Commons cross-chain bridge was exploited via a compromised private key stored without multisig or hardware-signing protection, draining approximately 18.5 million SYND tokens (~$330,000) plus ~$50,000 in user funds; all affected users were subsequently made whole from treasury reserves. On May 21, 2026, the company announced a full wind-down, citing irrecoverable consolidation of the rollup market around Base and Arbitrum, causing SYND to fall to an all-time low of $0.01061.

Trenton Richard David Johnston is a 19-year-old Canadian national indicted by a federal grand jury in the Southern District of Florida on May 11, 2026, on charges of conspiracy to commit wire fraud and conspiracy to commit money laundering. Johnston allegedly led a support-impersonation scheme targeting cryptocurrency users that caused losses exceeding $13 million. He was residing in the United States unlawfully on an overstayed visa and is alleged to have spent over $1 million in stolen funds on luxury vehicles, jewelry, and nightlife in Miami.

Lido Finance is the largest Ethereum liquid-staking protocol, launched in December 2020, enabling users to stake ETH and receive the liquid derivative token stETH without meeting the standard 32 ETH validator minimum. Governed by the Lido DAO via the LDO token, the protocol held approximately 24% of all staked ETH and roughly $19 billion in TVL as of early 2026. Lido carries no fraud or exit-scam history, but poses well-documented systemic centralization risk to Ethereum consensus, governance-concentration concerns among LDO token holders, and faces an active US federal securities lawsuit alleging that LDO is an unregistered security.

OKX (formerly OKEx) is one of the world's largest centralized cryptocurrency exchanges by trading volume, founded in 2017 by Mingxing 'Star' Xu and operated by Aux Cayes Fintech Co. Ltd, incorporated in the Seychelles. In February 2025 its Seychelles operating entity pleaded guilty in U.S. federal court to operating an unlicensed money transmitting business for over seven years, agreeing to pay more than $504 million in fines and forfeitures. The exchange carries a moderate-to-elevated risk profile due to this criminal conviction, a pattern of AML failures across multiple jurisdictions, and historical incidents including a 42-day withdrawal freeze in 2020; it has taken substantive remediation steps including monthly proof-of-reserves publication since 2022, a MiCA license in the EU, and a US relaunch in April 2025 under new regional leadership.