June Crypto Attacks Reveal Hidden Dangers in Wallets L2 Networks and Supply Chains
June Crypto Attacks Reveal Hidden Dangers in
In June the crypto space saw many security problems that hit different parts of the system. Reports showed 40 big incidents with total losses near 76 million dollars. These attacks did not focus on one weak spot. They hit wallet code wallet signature rules Layer 2 designs and outside service chains all in the same month.
Wallet Signature Flaws Put Cardano Users at Risk
One clear case happened with a Cardano wallet called SecondFi. Between June 21 and 23 attackers moved about 16 million ADA from user addresses. This hit around 374 wallets and caused roughly 2.4 million dollars in losses at the time. The wallet team later locked another 129 million ADA that could have been at risk.
The strange part is that users did not give away their seed words. The problem came from how the wallet created signatures. It used public data from transactions instead of a secret value that should stay hidden. This let anyone who looked at the public blockchain data work out the private key for some addresses.
Users saw normal behavior. No fake pop ups appeared and the wallet worked as expected. Yet the math behind the signatures was broken. This shows why wallet code for key creation and signing should stay open for review. Open code lets experts check for errors before real money is lost.
If you used the affected version move your funds to a brand new address that never signed a transaction on that wallet. The best step is to create a fresh wallet with a new seed phrase and send assets there instead of reusing old addresses.
Layer 2 Systems Face Growing Risks
Layer 2 networks also saw problems. Two old Aztec rollup setups lost about 4.35 million dollars in attacks on June 14 and 18. The targets were older versions that are no longer used but the lessons apply to all zero knowledge rollups.
In one case the system let a deposit count without checking the matching balance drop on the main chain. In another a missing check in the proof circuit allowed a fake state tree to pass as valid. This let attackers pull assets from the bridge contract even though the proof looked correct on paper.
Taiko suffered a different issue on June 22. An attacker used a signing key that had been left in a public code folder. They also found that the on chain check did not block debug mode setups. This let them register a bad prover and fake an L2 state to drain bridge funds. Losses reached about 1.7 million dollars.
Base had two days of halted block production on June 25 and 26. A coding error in how failed transactions cleaned up state caused wrong gas math in later blocks. Other nodes rejected the bad blocks and the chain stopped. No user funds were taken but the event proved that smooth block creation is part of overall security.
Supply Chain Attacks Reach User Front Ends
On June 25 Polymarket reported that a third party service was hacked. Bad code was added to the site some users visited. Around 3 million dollars left 11 wallets. The stolen coins moved from Polygon to Ethereum and became about 1893 ETH. The team later removed the bad files and said they would repay users.
Users visited the real domain yet the loaded scripts were changed. This shows that even audited contracts can be at risk if the web page itself is altered. Attackers can swap addresses or change what a wallet signs.
How Users Can Lower Their Exposure
Security now covers the full path from key creation to final settlement. Users should split assets by purpose. Keep long term holdings in cold storage. Use small amounts for daily apps. Give limited approvals to new sites. Check twice before large moves.
Before using any Layer 2 confirm the official bridge and know how long withdrawals take. If a network stops or shows strange behavior stop sending more funds until things are fixed. Diversify across several networks instead of keeping everything on one chain or bridge.
Wallets should do more than store keys. Good wallets show clear transaction details warn about risky approvals and help users see what changes before they sign. Still no single tool removes every threat. Everyone in the chain must work to shrink weak spots.
June proved that Web3 safety now requires habits that go beyond keeping a seed phrase safe. By staying alert and using simple rules users can protect their assets even as risks spread across more layers.