According to ChainCatcher, Purrlend suffered a security breach on its HyperEVM and MegaETH deployments on May 2, losing approximately $1.52 million. Attackers compromised the protocol’s 2/3 admin multi-signature wallet and granted themselves BRIDGE_ROLE permissions, then minted unbacked pUSDm and pUSDC tokens to borrow assets from the lending pool.
Purrlend has paused the protocol and revoked the compromised permissions. The team is working with security experts, law enforcement, and cross-chain bridge partners to track and recover the stolen funds.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
The U.S. DOJ charges three men from Tennessee for cross-state wrench attacks: robbed a California crypto holder of $6.5 million
The U.S. Department of Justice on May 12 filed federal charges against three Tennessee men: Elijah Armstrong, Nino Chindavanh, and Jayden Rucker. The three allegedly crossed state lines into California from November to December 2025, disguised themselves as delivery workers to break into the homes of cryptocurrency holders, then after restricting the victims’ movements with firearms, zip ties, and tape, forced them to transfer crypto assets, with the single largest amount reaching $6.5 million.I
ChainNewsAbmedia11m ago
Aurellion Suffers Attack, 455,003 USDC Drained Today
According to Slow Mist, decentralized shipping project Aurellion suffered an attack today (May 12), with attackers gaining control of the Diamond contract and draining 455,003 USDC from multiple authorized victim
GateNews2h ago
SlowMist Detects 'Mini Shai-Hulud' npm Worm Stealing CI/CD Keys and Crypto Wallet Data
According to blockchain security firm SlowMist, its threat monitoring system MistEye detected a sophisticated npm worm named 'Mini Shai-Hulud' spreading through developer projects including TanStack, UiPath, and DraftLab. The malware uses compromised GitHub credentials to publish packages
GateNews6h ago
Goliath Ventures Ex-CEO Delgado Apologizes, Charged With Operating $328M Crypto Ponzi Scheme
According to ChainCatcher, Goliath Ventures ex-CEO Christopher Delgado recently apologized to investors after being charged by U.S. prosecutors with operating a $328 million cryptocurrency Ponzi scheme. Delgado stated he betrayed investor trust and voluntarily returned to face fraud and money
GateNews8h ago
