adminIn recent developments, hacker Protocol drained 1,337 ETH via compromised Unleash multisig governance. The stolen funds have been sent through Tornado Cash to obscure transaction trails. The breach is limited to Unleash, and Story Protocol infrastructure is unaffected. A hacker who recently exploited Unleash Protocol has begun laundering stolen funds through the Ethereum-based privacy service Tornado Cash, according to on-chain data and blockchain security firms. The attacker is attempting to obscure the trail of roughly 1,337 ETH, valued at close to $4 million, drained from Unleash earlier this week. Security companies PeckShield and CertiK have reported that the funds were transferred to Ethereum and broken into multiple batches, often around 100 ETH each, before being deposited into Tornado Cash, a well-known crypto mixing protocol. Governance takeover led to the Unleash exploit Unleash confirmed on Tuesday that it had suffered a significant security breach, resulting in approximately $3.9 million in losses. The protocol has paused operations and launched a forensic investigation into the incident. According to Unleash, preliminary findings indicate that an externally owned wallet gained unauthorised administrative control over the protocol via its multisignature (multisig) governance system. The attacker then executed an unauthorised contract upgrade that enabled withdrawals of user funds without proper approvals. “This upgrade enabled asset withdrawals that were not approved by the Unleash team and occurred outside our intended governance and operational procedures,” the team said in a statement posted on X. Security analysts suggest the compromise may have been the result of phishing or another form of social engineering that allowed the attacker to gain control over governance keys, effectively bypassing standard safeguards. The stolen assets bridged and mixed The stolen assets reportedly included Wrapped IP (WIP), USDC, Wrapped Ether (WETH), stIP, and vIP tokens. On-chain analysis shows that most of these assets were first bridged to Ethereum, then consolidated into ETH and routed through Tornado Cash, an approach commonly used by hackers to hinder tracking and recovery efforts. CertiK said it initially detected suspicious withdrawals of WETH and IP-related tokens that were sent to an externally owned address created using Safe’s SafeProxyFactory, a popular smart contract framework for multisig wallets. #CertiKInsight 🚨 We have detected deposits of 1337.1 ETH (~$3.9M) into Tornado Cash from 0xc946981F5dFBFA10cf858B95d51Fc06DCD15BfE3. The fund traces to suspicious withdrawals of Wrapped ETH and Story tokens from a multisig that may have been compromised.… pic.twitter.com/YIFEAEwilc — CertiK Alert (@CertiKAlert) December 30, 2025 No broader ecosystem impact, says Unleash Unleash emphasised that the breach was confined to its own governance and administrative contracts. The Unleash team stated there is currently no evidence that Story Protocol, the Layer 1 blockchain Unleash is built on, was compromised. “The impact appears limited to Unleash-specific contracts and administrative controls,” the Unleash team said, adding that Story Protocol’s validators, core infrastructure, and contracts remain unaffected. Unleash is one of the higher-profile applications in the Story Protocol ecosystem, which focuses on tokenised intellectual property and on-chain IP management. PIP Labs, the company behind Story Protocol, has raised around $140 million in funding from prominent investors. Users warned as investigation continues The Unleash team has urged users not to interact with the protocol while the investigation is ongoing and said it will provide updates on the incident and potential remediation measures as more verified information becomes available. As of the time of writing, Unleash had not disclosed whether it plans to pursue fund recovery efforts or compensation for affected users, and the use of Tornado Cash by the hacker may significantly complicate any attempts to trace or reclaim the stolen assets. The post Unleash Protocol hacker moves stolen funds through Tornado Cash appeared first on CoinJournal.
Looking closer, market participants highlight key drivers such as liquidity flows, macro risk appetite, regulatory headlines, and on-chain activity. Short-term swings often reflect liquidation cascades and funding imbalances, while spot volumes and exchange inflows set the broader tone.
Analysis: The medium-term picture hinges on whether buyers can sustain momentum without excessive leverage. If flows continue favoring majors like BTC and ETH, altcoins could experience a staggered rotation instead of a broad-based rally. Meanwhile, policy clarity in key jurisdictions remains a decisive catalyst; clearer rules typically compress risk premia and attract institutional allocations. Beyond price action, on-chain metrics such as active addresses, fees, and stablecoin velocity help validate trend strength.
Outlook: Over the next few weeks, observers will watch price acceptance above recent resistance, derivatives positioning, and ETF-related flows. A constructive setup would feature rising spot demand, contained leverage, and improving breadth across sectors such as DeFi, infrastructure, and Layer-2 ecosystems.
Original source: link
