Kontigo blocks vulnerability and reimburses roughly $341,000 after breach

Kontigo detected unauthorized access over the weekend and announced the incident on January 5 via X, reporting that attackers drained about $340,900–$341,000, primarily in USDC, from 1,005 customer wallets and that CEO Jesus A. Castillo had a personal account compromised. Engineers identified and isolated the vulnerability, disabled the affected access path, rotated credentials and keys, tightened access policies, added rate limits, withdrawal checks and session controls, and traced fund flows to support recovery efforts. Kontigo completed full reimbursement from corporate funds and reported that impacted wallets now reflect restored balances; the company said attackers have been identified and that services remained available while additional monitoring and customer support addressed residual tickets. Kontigo reported it is conducting a deeper internal review. The company is YC-backed, founded in 2023, reported more than one million monthly active users, reported processing over $1 billion, reported roughly $30 million in annualized revenue, and closed a $20 million seed round on December 22, 2025, led by FoundersX Ventures; it is expanding dollar accounts, remittances, and merchant payments across multiple Latin American markets, including Venezuela. Kontigo previously faced scrutiny tied to frozen intermediary accounts, and cross-border dollar flows in Latin America are subject to AML and sanctions oversight. Expected follow-ups include a detailed post-mortem, third-party security reviews, published upgrades to authentication, session security and key management, and verification of reimbursement and legal or recovery steps against the attackers. 

Source: https://web3businessnews.com/crypto/kontigo-stablecoin-hack-repay/

Hosted on Acast. See acast.com/privacy for more information.