Cryptohack Roundup: Critical Ethereum Vulnerability

Every week, ISMG rounds up cybersecurity incidents in digital assets. This week’s stories include a critical Ethereum vulnerability, conviction in a £1.5M fraud, sentencing in a torture and crypto theft case, the U.S. Securities and Exchange Commission’s new roadmap, Jan crypto stats, Coinbase users alleged social engineering victims, and U.S. lawmakers’ digital assets working group.

Critical Ethereum Vulnerability Fixed

Geth developers released version 1.14.13, dubbed “Schwarzschild,” to fix a critical peer-to-peer vulnerability tracked as CVE-2025-24883, that could enable denial-of-service attacks on Ethereum nodes. Users running version 1.14 or later are advised to update immediately to prevent potential crashes. The flaw, discovered by Polygon security researchers, could allow remote attackers to disrupt affected nodes. The update was coordinated with multiple Layer 2 solutions to ensure ecosystem-wide protection. Geth, Ethereum’s most widely used execution layer client, said that nodes running version 1.13.x were unaffected by this vulnerability.

The U.K. Financial Conduct Authority has convicted two people for their roles in an £1.5 million crypto investment scam. Raymondip Bedi and Patrick Mavanga defrauded 65 investors out of £1.54 million between 2017 and 2019 by cold-calling victims and directing them to a fake crypto investment site. Both pleaded guilty to conspiracy to defraud and money laundering, with Mavanga also convicted of perverting the course of justice. A third defendant faces retrial in September 2025, while a fourth was acquitted.

A U.K. gang that kidnapped and tortured a man to steal $124,000 in cryptocurrency has been sentenced to over 76 years in prison. The victim endured months of assaults and extortion, beginning in January 2023 when he was forced to transfer funds at knifepoint, reported Warrington Guardian. In October, he was kidnapped, beaten and locked in a cupboard before being released after paying. The ordeal ended in December when police, tipped off by an anonymous call, rescued him from captivity. A judge handed down sentences for the seven men ranging from two to 20 years for kidnapping, robbery and other violent offenses, including weapons found at the crime scene.

The SEC’s crypto task force outlined 10 key priorities, shifting focus from aggressive enforcement to more adaptable regulations. The agency aims to establish well-defined classifications for digital assets, distinguishing securities from commodities. It also seeks to streamline crypto exchange-traded products, improve settlement mechanisms and enhance cross-border cooperation. Another major goal is clarifying jurisdictional boundaries and repealing outdated policies. Led by Hester Peirce – an appointee of President Donald Trump in 2018 – the task force aims to collaborate with crypto builders and regulators, signaling a more innovation-friendly regulatory approach under Acting Chair Mark Uyeda.

The crypto industry lost $73.9 million to 19 hacking incidents in January, a nine-fold increase from December but a 44.6% drop from last year, said Immunefi. The largest losses came from the $69.1 million Phemex hack and a $2.5 million exploit of Moby Trade. BNB Chain was the most targeted network, suffering 10 attacks, followed by Ethereum. No fraud cases were reported.

Onchain investigator ZachXBT says Coinbase users lost over $65 million to social engineering scams between December and January, with actual losses likely much higher. Scammers reportedly used stolen personal data to impersonate Coinbase support, tricking victims into transferring funds via fake emails and cloned websites. ZachXBT criticized Coinbase for inadequate fraud prevention, alleging that the exchange rarely flags scam addresses. He urged Coinbase to strengthen security, including optional phone number input for KYC users, a restricted withdrawal option for beginners, and better community outreach, warning that scams continue to cost users hundreds of millions annually.

U.S. lawmakers have formed a bicameral working group to develop a regulatory framework for digital assets and stablecoins. Led by White House Crypto Czar David Sacks and key congressional leaders, the group aims to align Senate and House efforts. Senator Bill Hagerty introduced a stablecoin bill outlining federal and state oversight, while future legislation will likely mirror the FIT21 Act, which strengthens the Commodity Futures Trading Commission’s role in crypto regulation. The Trump administration continues its pro-crypto stance, with Sacks overseeing efforts to craft federal policies and explore a strategic digital assets stockpile alongside top financial regulators.