
What are the biggest security and risk events in crypto: PIPPIN market manipulation, smart contract vulnerabilities, and exchange custody risks explained

This article delves into major security and risk events in crypto, focusing on PIPPIN market manipulation, smart contract vulnerabilities, and exchange custody risks. It explores coordinated withdrawal activities that may manipulate PIPPIN's price, smart contract exploits like the Penpie hack, and risks from concentrated internal control over token supply. Aimed at investors and regulatory officials, it highlights the importance of robust security measures and custody protocols. Key topics include PIPPIN manipulation, smart contract security, and the potential risks of centralized custody in exchanges like Gate.

PIPPIN market manipulation: How 26 connected addresses withdrew $96 million from centralized exchanges

In 2025, coordinated activities involving 26 connected PIPPIN-related addresses triggered significant market concerns when these wallets orchestrated a massive withdrawal totaling $96 million from centralized exchanges. This coordinated outflow represents a substantial movement of capital that raised immediate red flags among market analysts and regulatory bodies.

The synchronized nature of these withdrawals across multiple addresses suggests deliberate coordination rather than organic user behavior. On-chain analysis reveals that these addresses maintain interconnected transaction histories, indicating they likely operate under unified control or coordination. The timing and scale of these movements align with suspected market manipulation tactics designed to artificially influence PIPPIN's price trajectory.

| Metric | Details |
|---|---|
| Total Amount Withdrawn | $96 million |
| Number of Connected Addresses | 26 |
| Timeframe | 2025 |
| Exchange Destinations | Multiple centralized platforms |

The SEC initiated investigations into these suspicious trading patterns, examining whether coordinated exchange outflows constitute market manipulation. PIPPIN's high ranking of #5 in SymSense metrics indicates sustained regulatory scrutiny. Evidence suggests potential coordination between address clusters working to artificially inflate trading volumes and manipulate price movements, warranting serious attention from compliance officials and investors alike.
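The "connected addresses" finding above rests on a standard on-chain heuristic: group addresses that transact with each other, then look for bursts of exchange withdrawals inside one group. The sketch below is an added example, not the analysts' actual method; the transfer records, the `CEX` and `HUB` labels, the one-hour window and the three-address threshold are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample transfers: (unix_ts, sender, receiver, amount_usd).
# "CEX" is a placeholder label for a centralized-exchange hot wallet.
TRANSFERS = [
    (1000, "CEX", "A1", 4_000_000),
    (1060, "CEX", "A2", 3_500_000),
    (1120, "CEX", "A3", 3_800_000),
    (1500, "A1", "HUB", 4_000_000),   # A1 and A2 forward to a common address
    (1560, "A2", "HUB", 3_500_000),
    (1700, "A3", "A2", 100),          # small transfer linking A3 to A2
    (9000, "CEX", "B1", 25_000),      # unrelated retail withdrawal
    (50000, "CEX", "C1", 3_900_000),  # large but unlinked withdrawal
]

def cluster_addresses(transfers, exchange):
    """Union-find: addresses that transfer to each other directly share a cluster."""
    parent = {}
    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    for _, src, dst, _ in transfers:
        if exchange in (src, dst):
            find(dst if src == exchange else src)  # register, but never link via the exchange
        else:
            parent[find(src)] = find(dst)
    clusters = defaultdict(set)
    for addr in list(parent):
        clusters[find(addr)].add(addr)
    return list(clusters.values())

def coordinated_withdrawals(transfers, exchange, window_s=3600, min_addrs=3):
    """Flag clusters with >= min_addrs distinct members withdrawing within window_s seconds."""
    flagged = []
    for cluster in cluster_addresses(transfers, exchange):
        hits = sorted((t, dst, amt) for t, src, dst, amt in transfers
                      if src == exchange and dst in cluster)
        for start, _, _ in hits:
            burst = [h for h in hits if 0 <= h[0] - start <= window_s]
            addrs = sorted({h[1] for h in burst})
            if len(addrs) >= min_addrs:
                flagged.append({"addresses": addrs, "total_usd": sum(h[2] for h in burst)})
                break
    return flagged
```

Linking through a shared counterparty produces false positives when that counterparty is itself a popular contract or another exchange's deposit address, so such hubs need to be excluded the same way the exchange wallet is here.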

Smart contract vulnerabilities and reentrancy attacks: The $27 million Penpie exploit case study

In September 2024, the Penpie Protocol experienced a catastrophic security breach resulting in a $27 million loss, exposing critical vulnerabilities in smart contract architecture. The attack exploited a reentrancy vulnerability within the PendleStaking contract's _harvestBatchMarketRewards function, which lacked essential security measures such as reentrancy guards.

The attacker's methodology involved triggering the redeemRewards() function to call claimRewards() of specific markets, allowing recursive execution before state updates completed. By deploying counterfeit SY tokens and depositing high-value PENDLE-LPT tokens, the attacker manipulated the reward distribution mechanism. The protocol's failure to validate market trustworthiness exacerbated the vulnerability, enabling systematic exploitation.

This incident revealed that Penpie's smart contract had insufficient access controls and inadequate validation mechanisms. The attacker deposited LPT market tokens that were mistakenly treated as legitimate rewards, inflating their reward balance without proper verification. Once the exploit was detected, the team froze operations to prevent additional losses, though the deployment of another malicious contract indicated that the attacker was targeting the remaining $105 million in protocol assets.

The Penpie hack demonstrates how a single unmitigated reentrancy vulnerability can cascade into catastrophic financial losses. This case underscores the critical importance of implementing robust security practices including reentrancy guards, state validation, and comprehensive smart contract auditing before mainnet deployment to protect decentralized finance ecosystems.
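To make the two missing controls concrete, the following added example models the bug class in Python: a pool that treats its balance change during an external market call as rewards, and the effect of a reentrancy guard and a trusted-market allowlist. It is a simplified model written for this article, not Penpie's contract code; `StakingPool`, `CallbackMarket` and `run` are hypothetical names.

```python
from contextlib import contextmanager

class ReentrancyError(Exception):
    pass

class StakingPool:
    """Simplified model of a reward pool; not Penpie's contract code."""
    def __init__(self, guard=False, allowlist=None):
        self.balance, self.deposits, self.rewards = 0, {}, {}
        self.guard, self.allowlist, self._entered = guard, allowlist, False

    @contextmanager
    def _non_reentrant(self):
        # Same idea as a Solidity nonReentrant modifier: reject nested entry.
        if self.guard and self._entered:
            raise ReentrancyError("nested call into guarded function")
        prev, self._entered = self._entered, True
        try:
            yield
        finally:
            self._entered = prev
    def deposit(self, user, amount):
        with self._non_reentrant():
            self.balance += amount
            self.deposits[user] = self.deposits.get(user, 0) + amount
    def harvest(self, user, market):
        with self._non_reentrant():
            if self.allowlist is not None and market not in self.allowlist:
                raise PermissionError("market is not registered as trusted")
            before = self.balance
            market.redeem_rewards(self)      # external call into market-controlled code
            gained = self.balance - before   # balance delta is assumed to be rewards
            self.rewards[user] = self.rewards.get(user, 0) + gained

class CallbackMarket:
    """Constructed untrusted market whose reward hook calls back into deposit()."""
    def __init__(self, user, amount):
        self.user, self.amount = user, amount
    def redeem_rewards(self, pool):
        pool.deposit(self.user, self.amount)

def run(guard=False, allowlist=None):
    pool = StakingPool(guard, allowlist)
    try:
        pool.harvest("user", CallbackMarket("user", 1000))
        outcome = "ok"
    except (ReentrancyError, PermissionError) as exc:
        outcome = type(exc).__name__
    return pool.deposits.get("user", 0), pool.rewards.get("user", 0), outcome
```

Without either control the same 1000 tokens are recorded as both principal and rewards; the guard rejects the nested `deposit()`, and an allowlist that excludes the market stops the call before any external code runs.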

Exchange custody risks: Internal control concentration reaching 80-90% token supply threatens investor security

Cryptocurrency exchange custody presents unprecedented concentration risks that fundamentally threaten investor protection mechanisms. Analysis of PIPPIN demonstrates these vulnerabilities with particular severity: internal addresses currently control approximately 80% of the token supply, representing roughly $380 million in value within a single entity's management structure.

| Risk Factor | Impact Level | Investor Consequence |
|---|---|---|
| Internal control concentration (80-90%) | Critical | Extreme price manipulation potential |
| Single entity custody | High | Liquidity crisis exposure |
| Segregated custody absence | High | Asset recovery impossibility |
| Third-party custodian dependency | Medium | Operational vulnerability |

The SEC's recent investor guidance emphasizes that such concentrated internal holdings create systemic vulnerabilities beyond standard exchange risks. When internal addresses control the overwhelming majority of circulating supply, custodial frameworks collapse entirely—investors cannot verify genuine market liquidity or price discovery mechanisms. The absence of off-exchange settlement networks and segregated custody protocols means user funds remain vulnerable to internal control breaches.

Leading cryptocurrency platforms now implement multi-venue liquidity access and integrated custody solutions specifically to mitigate these concentration dangers. Investors must evaluate whether their exchange custodian maintains transparent ownership records, implements cold storage protocols for majority holdings, and provides genuine asset segregation. Without such protections, deposit security remains theoretical rather than guaranteed.

* The information is not intended to be and does not constitute financial advice or any other recommendation of any sort offered or endorsed by Gate.