Another crypto lender shuts down after $1.6M hack

Kinto, a blockchain project operating on Arbitrum, has announced that it will cease operations at the end of September, following a catastrophic $1.6 million hack in July that rendered the platform insolvent.

The decision essentially represents a bankruptcy for the start-up, which had touted itself as a safer version of traditional DeFi because it verified users and insured wallets.

The crash is the result of a smart contract loophole on Kinto's chain, which was exploited by attackers to mint 110,000 fake tokens.

Those tokens were leveraged to siphon nearly $1.55 million from lending pools, backwaters of the project's reserves. With that, Kinto's native token fell 95%, which gutted both confidence and liquidity on the network.Photo of hack. Source: Getty Images

Kinto's failed recovery

In the weeks following the attack, the team mounted a “Phoenix” recovery program that raised $1 million to reboot trading and repay users. Although it allowed Kinto to buy some time, the effort was not enough to fix Kinto's financial problems.

On Sept. 7, the team threw in the towel, saying, "It is time to face reality and shut down responsibly.”

The Linto group, however, confirmed that a major breach (CPIMP attack) had been discovered and was mitigated by the security company Dedaub. Weimar Bug Bugs spread across multiple DeFi protocols, threatening tens of millions, and hiding in plain sight by playing as though it was part of normal activity.

The team said, “100% of remaining Safe assets will repay Phoenix lenders, who took the risk to help us relaunch. They’ll recover ~76% of the principal,” and are continuing to make further efforts to trace and recover the assets that have been stolen.

More news:

Sam Altman’s Worldcoin rallies 50% after massive treasury announcement Major Wall Street firm rolls out Bitcoin Fund with gold insurance Elizabeth Warren and crypto industry unite in 'unlikely alliance' slamming Trump’s bill

Kinto promises to compensate victims

As a last-minute gesture of goodwill, Kinto’s founder, Ramón Recuero, promised $55,000 out of his own pocket to the victims' compensation fund.

Related: What are tokenized stocks? Explained

According to the plan, each eligible wallet address will receive up to $1,000 to cover the full amount for about 80% of depositors.

“This will ensure that 80% of all depositors receive their full amount back,” the team said in its statement.

Kinto faces backlash

News of Kinto’s shutdown was met with dismay by some in the crypto community. One user on X, posting under the handle Purefier, accused the team of cashing out before folding: “You came, make money, and now you’re shutting down… Didn’t expect much.”

Story Continues

Kinto stood apart from other DeFi protocols by making users identify themselves and by promising wallet insurance — a floor of safety against the same brand of untraceable hacks that DeFi acolytes have long dreaded.

It even had access to exclusive opportunities, like tokenized U.S. equities you couldn’t find on other chains. But the exploit proved fatal, beyond repair, highlighting once again how vulnerabilities in smart contracts can undermine even projects designed around security.

However, this is not the first time, several crypto firms — including Mt. Gox, QuadrigaCX, Cryptopia, Bitgrail, ACX.io, and Youbit — have been forced to shut down after devastating hacks.

This story was originally reported by TheStreet on Sep 10, 2025, where it first appeared in the MARKETS section. Add TheStreet as a Preferred Source by clicking here.

View Comments