Morning Edition · Saturday, June 27, 2026
Fresh On-Chain Thefts Catalogued, Led by a Roughly 800,000-Dollar Stablecoin Drain
Security researchers reproduced several exploits, a reminder that mid-size DeFi losses keep accumulating even in a quiet market.
Security researchers documented several incidents over the past day. The largest, labeled BCE, involved roughly 800,000 dollars in Tether, according to a proof-of-concept reproduction published by the research collective DeFiHackLabs. A second incident, labeled CheckoutPool, accounted for about 85,730 dollars in USD Coin. A third, StakeOnMe, lost roughly 0.28 Ether, a small sum that still warranted a documented reproduction.
The published commits reconstruct each attack so other developers can study it, but they do not yet identify a single root cause for the BCE drain. These mid-size losses usually trace to a familiar set of methods: access-control gaps that let an attacker call a privileged function, price or oracle manipulation through a flash loan, or logic and rounding errors in contract math. Without a confirmed post-mortem, the attribution and the precise mechanism remain open.
Separately, the exploit tracker Rekt News continues to maintain entries for protocols including Secret Network and Syscoin, part of a running record of bridge and validator-level compromises that have caused the bulk of large DeFi losses.
The pattern itself is the point. Even with prices subdued and trading volume thin, the rate of small and medium thefts has not slowed, which suggests the attack surface is structural rather than tied to a rising market. None of the funds in the newly catalogued incidents have been reported frozen or recovered.
What this means
Steady mid-size exploits are a continuous cost on the entire sector, and they accumulate regardless of price direction. The persistence of these losses through a quiet market shows that weaknesses in the underlying code and access controls, not speculative mania, are what keep funds at risk.
What to watch
- Whether a confirmed post-mortem identifies the BCE vector, because the root cause determines whether other contracts share the same flaw.
- Whether any of the stolen funds are frozen or returned, which would signal that on-chain tracing and exchange cooperation are improving.
Observations to monitor, not financial advice.
Synthesized from: DeFiHackLabs · DeFiHackLabs · Rekt News
Part of a tracked trend
Bridge and Mint Exploits Sustain Heavy DeFi Losses
Over 3-6 months, recurring bridge proof-validation and unauthorized-mint exploits keep monthly DeFi losses elevated, including drains of deprecated contracts.
More from this edition
- Strategy's Funding Model Draws Open Criticism as Preferred Shares Sink and ETF Money Exits
- Privacy Networks Reframe Confidential Execution as the Price of Institutional Adoption
- Spain Confirms No Reprieve as Europe's Crypto Licensing Deadline Arrives
- Ethereum Warned of a Funding Gap as Its Foundation Steps Back
- Stablecoins Are Becoming a Central Bank Concern Inside Treasury Markets
- Ethereum Researchers Propose a Fourth Protocol Layer Built Around Memory
- Galaxy Cuts Odds of US Market-Structure Bill as Senate Calendar Shrinks
- Securitize Heads to the NYSE as Tokenized Equities Gain Ground
- Singapore Puts Hyperliquid on a Warning List as Its Value Secured Falls
- US Crypto Perpetual Futures Go Live, but Liquidity Favors Bitcoin Alone
- Tally of Shuttered Crypto Projects Tops 60, Several Backed by Top Venture Funds