Hacked, Paid, Promised to Fix It — and Hacked Again: Kontigo Crypto Wallet Attacked Twice in 5 Days
A final blow to the startup's reputation.
A final blow to the startup's reputation.
The startup Kontigo, backed by the Y Combinator accelerator and having raised $22 million in investments in 2025, has once again faced a cyberattack and temporarily shut down access to its platform. The company announced this in an official statement published on X. This incident is already the second since the beginning of 2026 and has again disrupted the service's operation.
According to Kontigo representatives, the team detected a new attempt to interfere with the authentication system through which users access their crypto wallets. The threat was contained, after which defensive mechanisms were activated. As part of these measures, the company decided to temporarily shut down the platform while simultaneously deploying an update intended to patch the identified vulnerabilities.
In the published message, Kontigo promised to provide an update on the situation at 14:00 Caracas time. A few hours earlier, at 10:38, one of the project's co-founders, Camilo Sanchez, publicly reported the new incident. He assured customers that the company would compensate for any possible damages and apologized for the service disruptions.
However, the first warning signs appeared even earlier. At 9:27 local time, an X user with the handle @InversionesRCI wrote that their Kontigo account had been drained again, and this time there were no transaction records left in the history. After the company's official statement, numerous complaints from other clients began appearing on social media, reporting that they could not log into their accounts.
The previous attack occurred on January 5. At that time, the attackers managed to steal approximately $340,000 USDC, affecting about 1,005 users. Following the incident, Kontigo announced enhanced security measures and promised full reimbursement for losses. Judging by comments on X, reimbursements were made, with only a small number of clients having unresolved issues not directly related to the hack.
On January 7, Camilo Sanchez wrote that the team was working on stabilizing access to the app and would publish a technical report analyzing the first cyberattack within 24–48 hours. The new incident is likely to delay these plans. Users are currently awaiting information about the consequences of the second hack attempt and details on which specific systems were targeted.
Against this backdrop, Kontigo appears not as an exception, but as part of a broader, unfortunate trend. In 2025 alone, major exchanges including Bybit, Nobitex, and Upbit were attacked, with total damages exceeding a billion dollars. Despite significant losses, these companies continued operating. Kontigo is now trying to follow the same recovery path, albeit having to face two attacks within days of each other.
