{"id":47004,"date":"2022-06-06T14:12:23","date_gmt":"2022-06-06T14:12:23","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33526\/Meet-The-Vigilantes-Who-Hack-Millions-In-Crypto-To-Save-It-From-Thieves.html"},"modified":"2022-06-06T14:12:23","modified_gmt":"2022-06-06T14:12:23","slug":"meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/","title":{"rendered":"Meet The Vigilantes Who Hack Millions In Crypto To Save It From Thieves"},"content":{"rendered":"
\n
\n
\"Screen<\/a><\/div>\n

Hacking. Disinformation. Surveillance. CYBER is Motherboard’s podcast and reporting on the dark underbelly of the internet.<\/p>\n<\/div>\n

<\/p>\n

It was early in the morning on March 9 when LP, who was still asleep, started getting calls on her Telegram. According to her, that is never a good sign. Still in her button-down pajamas with her bedroom shades drawn, she reached under the blanket and grabbed her laptop, and put in her contact lenses. It was time to try to save someone else\u2019s cryptocurrency\u2014by hacking them first. <\/p>\n

<\/span><\/p>\n

LP, who prefers not to use her real name to protect her privacy, is an engineer with a PhD who used to work at a Silicon Valley law firm and the founder of the cybersecurity companies RugDoc<\/a> and Paladin Blockchain Security<\/a>. She wants everyone to know that crypto is \u201cmore than basement dwelling white men,” she told Motherboard.<\/p>\n

<\/span><\/div>\n

<\/p>\n

The Telegram caller was one of her colleagues who told her that someone was hacking the investors of a cryptocurrency protocol called Fantasm<\/a>, which at the time had millions of dollars in liquidity locked up by investors, according to LP. <\/p>\n

<\/span><\/p>\n

Once she was awake enough to get on her laptop, she said she started working with two colleagues to save as much cryptocurrency as they could, in an attempt to beat the hacker and limit the damage. In the world of crypto, where stolen funds are usually gone for good due to the irreversible nature of the blockchain, rescuing funds like this means doing the hacking before the thief can. <\/p>\n

<\/span><\/p>\n

\u201cAn exploiter found out there was a very, very easy way to exploit this thing,\u201d LP said. \u201cAll of a sudden millions of dollars were getting drained from it.\u201d<\/p>\n

<\/span><\/p>\n

The race against the hacker was on. With the help of a colleague, who had been able to figure out the vulnerability that the hacker was exploiting, LP said she wrote a series of smart contracts designed to exploit the vulnerability faster than the hacker could. <\/p>\n

<\/span><\/p>\n

\n

\u201cAlright, guys, we just saved your butts here, you should give us something.\u201d<\/p>\n<\/blockquote>\n

<\/p>\n

Because actions on the blockchain are public, hacking events can quickly become feeding frenzies. LP and her colleagues’ exploit took some trial and error, which was recorded on the blockchain, so the hacker was able to notice their activities. At that point there were even other opportunistic hackers who saw what was happening and started draining funds, too. But LP and her two colleagues were able to save tens of thousands of dollars, and help the project fix the bug and stop the hack. However, the hacker still netted around 800 ETH, worth around $1.5 million as of this writing, according to LP. <\/p>\n

<\/span><\/div>\n

<\/p>\n

\u201cA lot of people lost money, and it wasn’t the happiest of endings. But it wasn’t as terrible as it could have been,\u201d said LP. <\/p>\n

<\/span><\/p>\n

The whole operation took around half an hour, according to LP.<\/p>\n

<\/span><\/p>\n

***<\/strong><\/p>\n

<\/span><\/p>\n

The term \u201cwhite hat<\/a>\u201d is as old as the internet, and it originally comes from Western movies<\/a>, where the good guys wore white hats, and the bad guys black hats. In the world of cybersecurity, a white hat is universally known to refer to a hacker with benevolent intentions, like LP. <\/p>\n

<\/span><\/p>\n

In the world of crypto, though, colors tend to bleed.<\/p>\n

<\/span><\/p>\n

There are the hackers who take advantage of vulnerabilities to steal money, then publicly announce that, actually, they are going to return it as long as they get a reward. This happened in the bizarre case of the Poly Network hack<\/a>, where the hacker returned the stolen crypto\u2014around $600 million\u2014after the company repeatedly and publicly pleaded with them, calling them Mr. White Hat, and in the more recent hack on Multichain<\/a>. In these cases, it\u2019s unclear if the hackers were really white hats all along or if they changed their minds after stealing the money and feeling the pressure as it sat in their crypto wallets, watched by the entire world. <\/p>\n

<\/span><\/div>\n

<\/p>\n

There are also the people who do \u201cwhite hatting\u201d like LP, who swoop in and save funds, often in a race with malicious hackers and sometimes without the consent of the users whose wallets are being targeted or the crypto protocol that\u2019s being hacked. These hackers always maintain the intention of returning the funds to the legitimate owners. <\/p>\n

<\/span><\/p>\n

\n

Do you have information about white hat hacks in the world of crypto? Or do you know of other web3 and crypto hacks? We\u2019d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, Wickr\/Telegram\/Wire @lorenzofb, or email lorenzofb@vice.com<\/strong><\/em><\/p>\n<\/blockquote>\n

<\/p>\n

Perhaps the first time the term became popular in this context was in 2016, when volunteer coders calling themselves the Robin Hood Group raced against the hackers who were stealing millions of dollars in ETH from The Decentralized Autonomous Organization (DAO)<\/a>, at the time one of the most promising organizations in crypto. In that case, the group was able to fight back against the hackers and saved around $15 million in ETH, an event that was widely<\/a> referred<\/a> to as a white hat hack. The following year, the same group, now calling themselves the White Hat Group, saved $200 million in crypto<\/a> after a hack on Ethereum client Parity. <\/p>\n

<\/span><\/div>\n

<\/p>\n

In recent times, the practice has become relatively more frequent along with the hacks targeting crypto protocols and users. Just in the first three months of this year, hackers and scammers have stolen approximately $1.23 billion in crypto, according to a report<\/a> by blockchain cybersecurity company Immunefi. <\/p>\n

<\/span><\/p>\n

For this story, Motherboard spoke to five people, including LP, who said they have had direct experience participating in this kind of white hatting. <\/p>\n

<\/span><\/p>\n

\u201cIn Web3, white hats really are held in high regard as heroes. It\u2019s definitely a win-win situation,\u201d Stephen Tong, the co-founder of blockchain security firm Zellic, told Motherboard in an online chat. \u201cIt’s accepted because if I don’t do it, then who else is gonna do it? Better me than some black hat. That\u2019s the mentality.\u201d<\/p>\n

<\/span><\/p>\n

It\u2019s unclear if white hatting other people\u2019s wallets, or other people\u2019s protocols without their prior consent, is above board, legally speaking.<\/p>\n

<\/span><\/p>\n

\u201cWhite-hat hacking, while noble, in crypto is nonetheless fraught with risk in the absence of the affirmative consent of the target,\u201d Preston Byrne, a lawyer who specializes in issues surrounding crypto, told Motherboard in an email. \u201cDisclosing a vulnerability is one thing; assuming the rights of an owner over third party funds, regardless of the reason, is quite another, and if the target is displeased with the hack for whatever reason this could expose the hacker to civil and criminal liability.\u201d<\/p>\n

<\/span><\/div>\n

<\/p>\n

That outcome may depend on the whims of the organization or individual whose crypto was taken by the white hat without their knowledge or consent.<\/p>\n

<\/span><\/p>\n

\u201cThe issue with a white\/gray hat hacker is that where one target would (quite rightly) be grateful to be notified about a vulnerability, another target might blow their stack and call the police instead,\u201d Preston said. \u201cThe best approach when a white hat identifies a vulnerability in a smart contract system is to privately notify the devs and leave it at that. You\u2019re not Superman and saving the world is not your problem.\u201d<\/p>\n

<\/span><\/p>\n

The practice of white hat hacking when it involves taking crypto from users\u2019 wallets or even the hackers\u2019 wallets could be compared to the controversial concept of hacking back<\/a>. In cybersecurity, hacking back happens when the victim of a data breach goes and tries to recover the stolen files on their own, and collect information on the hackers\u2019 whereabouts and identities\u2014hacking the hackers, basically. While highly controversial, hacking back does happen<\/a>, albeit in secret, given the legal risks. <\/p>\n

<\/span><\/p>\n

Some people involved in white hatting in the world of crypto try to avoid the risk of getting prosecuted.<\/p>\n

<\/span><\/div>\n

<\/p>\n

Emiliano Bonassi is a blockchain cybersecurity researcher who has also participated in several white hat operations. In one case last year, the wallets of the users of Primitive Finance, a crypto investing platform, were exposed to anyone who knew how to exploit a bug. <\/p>\n

<\/span><\/p>\n

\u201cThe only way that we could save the users of the protocol was to drain funds from their wallet, and then notify them. So this is the worst case you may experience because you have to basically drain the funds of your users,\u201d Bonassi told Motherboard in a call. <\/p>\n

<\/span><\/p>\n

Bonassi worked with Immunefi founder Mitchell Amador as an intermediary in this case, and researchers from crypto cybersecurity firm Dedaub. Crucially, people from Primitive Finance were involved in the rescue from the very beginning, according to a postmortem of the white hat hack<\/a>. <\/p>\n

<\/span><\/p>\n

Unlike LP, Bonassi and the people working with him did not use their own wallets to save the funds and only showed the protocol developers how to do the white hat hack themselves. <\/p>\n

<\/span><\/p>\n

\u201cWe demonstrated to them how to perform, we developed the scripts to perform, we simulated, and after we said to them: \u2018We have your back, you execute the command, if everything goes wrong, we will take action,\u2019\u201d Bonassi said. <\/p>\n

<\/span><\/p>\n

Some blockchain cybersecurity researchers are well aware of the risks of using their own wallets, and hacking without the consent of the users with the vulnerable wallets, or the devs who built the vulnerable protocol. <\/p>\n

<\/span><\/div>\n

<\/p>\n

A cybersecurity researcher who spoke to Motherboard asked to remain anonymous precisely because of the risk of using people\u2019s wallets when saving other people\u2019s crypto, something he said he had done in some cases in the past.<\/p>\n

<\/span><\/p>\n

\u201cIt is worrying, which is maybe a good reason not to go ahead and publish names. This whole business is a bit stressful, which is why I’m not actively doing this anymore,\u201d the researcher told Motherboard in a call. <\/p>\n

<\/span><\/p>\n

Others just flat-out never use their own wallets. <\/p>\n

<\/span><\/p>\n

\u201cAs a personal policy, I don\u2019t ever send out transactions on my own. And I certainly won\u2019t take funds into my own custody,\u201d Samczsun, a pseudonymous security researcher who works at crypto investing firm Paradigm, told Motherboard in a phone call. \u201cMy policy is: \u2018I\u2019ll give you everything you need to know, to get you up to speed. And then I will let you make the decisions.\u2019 I see myself not as someone that steps in and takes the reins by force. If you want me to help, I’ll help. If you’d rather handle this by yourself, I’m happy to step to the side and let you take care of it.\u201d<\/p>\n

<\/span><\/p>\n

\u201cThe implications of temporarily acquiring nine figures of assets, and then disposing of them, for me personally, is something that I don’t really want to find out,\u201d said Samczsun, who has worked on several white hat hacks that saved millions in crypto ($350 million in the case of Sushi Swap<\/a>, and almost $10 million in the case of Lien Finance<\/a>). \u201cAnd so if possible, I just avoid that entirely. I\u2019m not sure if the Good Samaritan law extends to blockchain,” referring to laws<\/a> that encourage people to help someone who is in danger or distress in an emergency situation without having to worry about getting sued if they inadvertently cause injury or death.<\/p>\n

<\/span><\/div>\n

<\/p>\n

According to Preston, Samczsun has the right approach, given that the Computer Fraud and Abuse Act (CFAA) can penalize actions that cause loss, such as taking crypto from someone\u2019s wallet, even when they are not otherwise fraudulent. <\/p>\n

<\/span><\/p>\n

\u201cIf you decide to take curative matters into your own hands, and for avoidance of doubt you absolutely should not do this, you are playing with fire, so keep in mind that you run the risk of attracting a prosecutor\u2019s attention,\u201d Preston said. <\/p>\n

<\/span><\/p>\n

\n

\u201cThe only way that we could save the users of the protocol was to drain funds from their wallet.\u201d<\/p>\n<\/blockquote>\n

<\/p>\n

At a conference organized by Chainalysis last month, Elizabeth Roper, the chief of the cybercrime and identity theft bureau at the New York County District Attorney’s Office, said that white hatting is \u201ca real gray area\u201d of the law and it could be something prosecutors may want to look at.<\/p>\n

<\/span><\/p>\n

\u201cIf it ends up saving everyone, every user on the platform and a bunch of money and the person who did it kind of immediately discloses it,\u201d Roper said, \u201cmaybe we wouldn’t use our resources to prosecute that person, but again it depends on the specific case.\u201d<\/p>\n

<\/span><\/p>\n

When asked if she\u2019s worried about unwanted consequences, LP appeared calm. She explained that for her the risk-benefit calculation is based on the fact that oftentimes the crypto project involved is relatively small, may not even be based in the U.S., and probably won\u2019t file charges if she helps them. <\/p>\n

<\/span><\/div>\n

<\/p>\n

\u201cIt\u2019s very unlikely I’m gonna get prosecuted, but it’s very likely that I can maybe save some of these funds and make sure that someone doesn’t go completely broke and have a very bad week, month, year, whatever,\u201d LP said. <\/p>\n

<\/span><\/p>\n

***<\/p>\n

<\/span><\/p>\n

One outcome that is more likely for white hatters is to get a reward for their trouble. The Fantasm case is not the only time LP and her team at RugDoc have rescued funds. In that case, they didn\u2019t ask for a reward. Other times, they have.<\/p>\n

<\/span><\/p>\n

\u201cIf it’s a large and notorious project that is going to have funds leftover, we will be like: \u2018Alright, guys, we just saved your butts here, you should give us something,\u201d LP said. <\/p>\n

<\/span><\/p>\n

Bonassi said that usually the standard reward, if there is no official bug bounty, is 10 percent of the money that could have been stolen. But he has pulled off white hat hacks and reported vulnerabilities with no compensation in the past, out of a willingness to help not just the crypto project involved, but the whole ecosystem. Other than stopping a potential hack, Bonassi also likes to think as white hat hacks as a learning opportunity for everyone involved. <\/p>\n

<\/span><\/p>\n

And the larger the reward, the more likely researchers will be motivated to go out, find bugs, and report them. <\/p>\n

<\/span><\/p>\n

\u201cWe started with bug bounties of 10k, then 100k. Now we have bug bounties of 1 million, 10 million. Probably in the next year, we are going to see hundreds of millions\u2014billions,\u201d Bonassi said. \u201cBecause the difference between Web3 and other industries is with a hack that occurs in a few seconds, you get access to an infinite amount of money. So we need to push big incentives to make it safe.\u201d<\/p>\n

<\/span><\/p>\n

Subscribe to our podcast, CYBER<\/a>. Subscribe to our new Twitch channel<\/a>.<\/strong><\/em><\/p>\n

<\/span><\/div>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":47005,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[8592],"class_list":["post-47004","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackercybercrimefraudcryptography"],"yoast_head":"\nMeet The Vigilantes Who Hack Millions In Crypto To Save It From Thieves 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Meet The Vigilantes Who Hack Millions In Crypto To Save It From Thieves 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-06-06T14:12:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/video-images.vice.com\/topics\/57a205628cb727dec795a6b1\/callout_logo\/1614199980283-screen-shot-2021-02-24-at-34918-pm.png?resize=240:*\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"12 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Meet The Vigilantes Who Hack Millions In Crypto To Save It From Thieves\",\"datePublished\":\"2022-06-06T14:12:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\\\/\"},\"wordCount\":2467,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves.jpg\",\"keywords\":[\"headline,hacker,cybercrime,fraud,cryptography\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\\\/\",\"name\":\"Meet The Vigilantes Who Hack Millions In Crypto To Save It From Thieves 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves.jpg\",\"datePublished\":\"2022-06-06T14:12:23+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves.jpg\",\"width\":240,\"height\":238},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,cybercrime,fraud,cryptography\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackercybercrimefraudcryptography\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Meet The Vigilantes Who Hack Millions In Crypto To Save It From Thieves\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Meet The Vigilantes Who Hack Millions In Crypto To Save It From Thieves 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/","og_locale":"en_US","og_type":"article","og_title":"Meet The Vigilantes Who Hack Millions In Crypto To Save It From Thieves 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-06-06T14:12:23+00:00","og_image":[{"url":"https:\/\/video-images.vice.com\/topics\/57a205628cb727dec795a6b1\/callout_logo\/1614199980283-screen-shot-2021-02-24-at-34918-pm.png?resize=240:*","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"12 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Meet The Vigilantes Who Hack Millions In Crypto To Save It From Thieves","datePublished":"2022-06-06T14:12:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/"},"wordCount":2467,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/06\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves.jpg","keywords":["headline,hacker,cybercrime,fraud,cryptography"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/","url":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/","name":"Meet The Vigilantes Who Hack Millions In Crypto To Save It From Thieves 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/06\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves.jpg","datePublished":"2022-06-06T14:12:23+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/06\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/06\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves.jpg","width":240,"height":238},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/meet-the-vigilantes-who-hack-millions-in-crypto-to-save-it-from-thieves\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,cybercrime,fraud,cryptography","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackercybercrimefraudcryptography\/"},{"@type":"ListItem","position":3,"name":"Meet The Vigilantes Who Hack Millions In Crypto To Save It From Thieves"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47004","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=47004"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47004\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/47005"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=47004"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=47004"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=47004"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}