Hacken Token Plunges 98% After Private Key Leak

In a series of alarming incidents, the cryptocurrency world has been rocked by two significant scandals. The first involves the Ukrainian cybersecurity firm Hacken, whose native token $HAI experienced a catastrophic 98% plunge due to a private key leak. This breach allowed an attacker to
nearly 900 million tokens, causing a rapid sell-off that decimated the token’s value. The incident occurred on both Ethereum and Binance Smart Chain (BSC), leading to a significant drop in $HAI’s market capitalization from approximately $12.7 million to $7.2 million.The breach was a result of a compromised private key associated with an account that held “minter” privileges, enabling the creation of new tokens at will. Hacken confirmed the exploit in a statement, noting that the attacker managed to mint hundreds of millions of tokens and dumped them on decentralized exchanges on the BSC network. The attacker is believed to have made off with around $250,000 in illicit gains, but the real damage came from the hyperinflationary impact of doubling the token’s total supply in a matter of minutes.
The price of $HAI plummeted by as much as 97% in the immediate aftermath of the exploit, triggering panic among holders. The token saw a modest rebound but remains well below its pre-exploit levels. The incident sent shockwaves through the cybersecurity and Web3 communities, highlighting the irony that Hacken, a firm advising projects on how to avoid such vulnerabilities, fell victim to the very issue it warns others about.
In an unusually candid admission, Hacken’s co-founder and CEO Dyma Budorin took full responsibility for the incident, blaming the breach on a long-standing failure to upgrade the firm’s infrastructure with multi-signature protection for sensitive accounts. The company has since regained control by using its deployer wallet to revoke minting permissions from the affected accounts. Hacken is now planning a potential token swap to help affected users recover losses and hinted at a larger restructuring effort involving a “big merge between $HAI and Hacken equity shareholders,” which it claims is valued at over $100 million.
Meanwhile, a Florida investor, Brian Firestone, has alleged that he was scammed out of $860,000 by a Denver-based crypto training center and a fraudulent exchange. Firestone claims that the Alpha Stock Investment Training Center (ASITC) and a fake exchange called CoinBridge Partners orchestrated an elaborate scheme that led to devastating financial loss. The trading “school” reportedly coordinated the scam using a now-defunct website and a fake exchange address in Cherry Creek, Colorado.
According to the lawsuit, Firestone was first contacted in December 2024 by a man identifying himself as John Smith, a representative of ASITC. Smith offered to teach cryptocurrency trading and provided Firestone with a $500 “starter gift” to begin learning signal-based crypto strategies. Initially, the results were astonishing, with Firestone’s $500 quickly growing to $55,000, prompting him to invest $50,000 more in January. Within weeks, his CoinBridge account allegedly ballooned to $2 million.
However, the rapid gains soon turned into devastating losses. A failed trade reduced Firestone’s balance to just $12,000, leading him to wire $470,000 more in cash and take out a $330,000 loan from ASITC to continue trading. Following this, his account reportedly surged to $24.5 million. But things took a suspicious turn on March 9 when a trade in Tether (USDT) failed to execute, and his entire balance vanished overnight. In a final desperate bid to recover, Firestone borrowed another $1 million from ASITC, raising his account balance to $6.6 million. But when he was unable to repay part of his loan, ASITC allegedly shut down his CoinBridge account on May 1, cutting off access to all funds.
Firestone’s lawsuit accuses ASITC, CoinBridge, John Smith, and ASITC founder Raymond Torres of fraud, theft, and racketeering, alleging the entire operation was a coordinated scam. The suit describes CoinBridge as a completely fictitious crypto exchange with fabricated investor figures and no legitimate regulatory standing. Although a real entity named CoinBridge Partners exists in Wyoming, it has denied any connection to the accused parties or the operation in Denver.
Firestone’s ordeal highlights a broader trend in crypto-related fraud. According to blockchain security firm CertiK, over $2.1 billion has already been stolen in 2025 through various crypto scams, with a significant portion stemming from social engineering, wallet mismanagement, and fake platforms rather than traditional smart contract vulnerabilities. The rise in human-centered attacks marks a shift in the threat landscape, with most attackers now focusing on user behavior—exploiting trust, confusion, and urgency.
In 2024, phishing attacks alone led to more than $1 billion in damages across nearly 300 incidents, making it the most damaging attack vector in crypto security. Many of these scams used fabricated trading dashboards, AI-generated support agents, and deepfake communications to fool users into making irreversible transfers. The ASITC website and CoinBridge platform have since gone offline, and both appear to have scrubbed their digital footprints. The lawsuit is expected to move forward as federal authorities begin investigating the financial and digital paper trails behind the scheme.

Comments
No comments yet