Espresso co-founder reports $30k crypto theft through ThirdWeb contract vulnerability
Jill Gunter, co-founder of Espresso, reported Thursday that her crypto wallet was drained due to a vulnerability in a Thirdweb contract, according to statements posted on social media.
- Crypto veteran Jill Gunter reported the theft of over $30,000 in USDC from her wallet, which was drained on Dec. 9 and routed through Railgun.
- The vulnerability stemmed from a legacy Thirdweb contract that allowed access to funds with unlimited token approvals.
- The incident followed a separate 2023 open-source library flaw that affected more than 500 token contracts and was exploited at least 25 times, according to ScamSniffer.
Gunter, described as a 10-year veteran of the cryptocurrency industry, said more than $30,000 in USDC stablecoin was stolen from her wallet. The funds were transferred to the privacy protocol Railgun while she was preparing a presentation on cryptocurrency privacy for an event in Washington, D.C., according to her account.
In a follow-up post, Gunter detailed the investigation into the theft. The transaction that drained her jrg.eth address occurred on December 9, with the tokens having been moved into the address the day before in anticipation of funding an angel investment planned for that week, she stated.
Although the tokens were transferred from jrg.eth to another address identified as 0xF215, the transaction showed a contract interaction with 0x81d5, according to Gunter’s analysis. She identified the vulnerable contract as a Thirdweb bridge contract she had previously used for a $5 transfer.
Thirdweb informed Gunter that a vulnerability had been discovered in the bridge contract in April, she reported. The vulnerability allowed anyone to access funds from users who had approved unlimited token permissions. The contract has since been labeled as compromised on Etherscan, a blockchain explorer.
Gunter stated she did not know whether she would receive reimbursement and characterized such risks as an occupational hazard in the cryptocurrency industry. She pledged to donate any recovered funds to the SEAL Security Alliance and encouraged others to consider donations as well.
Thirdweb published a blog post stating the theft resulted from a legacy contract not being properly decommissioned during its April 2025 vulnerability response. The company said it has permanently disabled the legacy contract and that no user wallets or funds remain at risk.
In addition to the vulnerable bridge contract, Thirdweb disclosed a wide-reaching vulnerability in late 2023 in a commonly used open-source library. Security researcher Pascal Caversaccio of SEAL criticized Thirdweb’s disclosure approach, stating that providing a list of vulnerable contracts gave malicious actors advance warning.
According to analysis by ScamSniffer, a blockchain security firm, over 500 token contracts were affected by the 2023 vulnerability and at least 25 were exploited.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Renewable Energy Learning: An Unseen Driver of Expansion in 2025
- 2025 wind energy education programs are critical for addressing a 100,000-technician labor gap and advancing green infrastructure. - Institutions like STL USA and NREL integrate AI analytics, blade recycling, and hands-on turbine training to meet industry demands. - Industry partnerships with OEMs and $36M+ in federal funding accelerate workforce development but face policy risks from DOI land-use restrictions. - Global clean energy investment reached $2.1T in 2024, with U.S. renewables accounting for 93
Investing in EdTech and Skills Training to Empower Tomorrow's Workforce
- Global high-growth sectors like AI, renewables, and biotech are reshaping workforce demands, driving rapid STEM education evolution through edtech and vocational training. - AI-powered adaptive learning and immersive VR/AR tools now personalize education, with 36% of 2024 edtech funding directed toward workforce-specific skill development. - Vocational programs and industry partnerships (e.g., U.S. EC4A, EU Green Deal) are closing STEM skills gaps, creating direct pipelines to 16.2M+ clean energy jobs by
The Rising Influence of EdTech on Career-Focused Investment Prospects
- Global EdTech market grows at 20.5% CAGR to $790B by 2034, driven by STEM/digital skills demand. - STEM workers earn 45% higher wages; 10.4% occupation growth vs 4.0% non-STEM, reshaping labor markets. - 2025 EdTech VC investments show 35% YoY decline, concentrating on AI tools and scalable upskilling platforms. - MENA/South Asia EdTech sees 169% funding growth, addressing equity gaps through global platforms. - AI-driven EdTech and M&A activity (e.g., ETS-Ribbon) highlight sector's shift toward outcome-
KITE Price Forecast Following Listing: Managing Post-IPO Fluctuations and Institutional Investor Outlook
- Kite Realty Group (KITE) fell 63% post-IPO despite strong retail occupancy and NOI growth, highlighting valuation disconnect between real estate fundamentals and tech IPO expectations. - Institutional sentiment split: COHEN & STEERS boosted holdings by 190% amid industrial pivot, while others divested $18. 3M , reflecting uncertainty over hybrid retail-industrial strategy execution. - Analysts remain divided on $24–$30 price targets, balancing KITE's 7.4% dividend increase and industrial shift against ma
Trending news
MoreCrypto prices
More
