As a result of the breach of the Mobius Token project, a hacker stole 28.5 million MBU tokens, leading to losses of $2.15 million. According to analysts, the perpetrator was able to execute the attack in just a few minutes.
This is reported by Finway
The critical exploit occurred on May 11, 2025, as reported by the Cyvers Alerts project team. The incident took place after the system detected the deployment of a malicious smart contract targeting Mobius Token.
“Two minutes before the attack, our system detected the deployment of a malicious smart contract that ultimately targeted Mobius Token.”
The attacker initiated the attack two minutes after the activation of the malicious contract. In a short span of time, he withdrew funds from the Mobius Token team’s crypto wallet using a series of transactions.
In total, 28.5 million MBU tokens were stolen as a result of the breach, which the criminal converted to USDT using the Tornado Cash mixer to launder the funds. Representatives of Cyvers described this attack as “critical,” emphasizing the nature of the code and the unusual behavior of the smart contracts.
At the time of preparing this material, the Mobius Token team had not provided official comments regarding the incident. According to PeckShield, in April 2025, total losses from hacker attacks in the crypto sector reached $357.1 million, of which some funds were recovered thanks to the efforts of the zkSync, KiloEx, and Term Labs teams.
In conclusion, analyst ZachXBT also discovered thefts of user funds from the Coinbase exchange totaling $45 million.